The Iron Shell

NICE Work Roles

NICE Tasks

  • T0047: Conduct vulnerability scans and recognize vulnerabilities in security systems.
  • T0231: Perform penetration testing as required.
  • T0293: Analyze encrypted data, encrypted traffic, or cryptographic certificates.
  • T0697: Exploit system vulnerabilities to elevate privileges.

Background

You are a hired hacker whose job is to attack a target within an office environment. You have been given access to the network and must locate the machine, enumerate it for vulnerabilities, and exploit it to gain root access.

If you are too loud, you will be kicked from the target and must restart your instance.


Getting Started

You have four objectives:

  1. Enumerate and exploit an exposed web portal. You know there is an entry point at /ping.

  2. Crack the SSH credentials of a user on the machine. If you use tools such as john, you must set:

    OMP_NUM_THREADS=16
    

    Using more than 16 threads will cause stability issues in the environment.

  3. Gain root access to the machine.

  4. Exfiltrate sensitive files without tripping any alarms.

You are provided with a wordlist.txt file located at:

http://grader/wordlist

To submit the cracked SSH credentials, navigate to:

http://grader/

System and Tool Credentials

| system / tool | username | password |
|---------------|----------|----------|
| kali          | user     | password |
| target        | TBD      | TBD      |
| grader        | N/A      | N/A      |

Question 1 – Web Portal Exploit Flag (624 points)

Exploit the exposed web portal and retrieve the flag.


Question 2 – SSH Credential Submission Flag (624 points)

Submit the cracked SSH credentials.

Reminder: Use OMP_NUM_THREADS=16 when running tools like john. Exceeding this value will cause instability.


Question 3 – Root Access Flag (936 points)

Gain root access to the target system and retrieve the flag.


Question 4 – Sensitive File Flag (936 points)

Exfiltrate sensitive files without triggering alarms and retrieve the final flag.