The German intelligence agency has some task up on its website. People who can solve it can apply for a job in the cyber security department, I guess.
The scenario is the following:
Some agency from an allied country asks the BND to check an incident. The server of some state insurance company got hacked. They supply an image of the server.
You have to analyze the image. The hackers left traces on the system (files) and you have to figure out how to get root access. LUCKILY the hackers somehow created a low level user (hacker:abcd1234).
They supply an image you can use in a VM. That's it. I'm not far in, but I have a decent idea about what's going on, but I'm not advanced enough to solve it all.
http://www.bnd.bund.de/DE/Karriere/Forensik_Challenge/Forensik_Challenge_node.html ... You can find the image here.
http://download.gsb.bund.de/BND/ZIP_Challenge.zip (754 MB).
>>59306031
who the fuck thought that a long agency name is a good idea
>>59306031
go fuck yourself
>>59306041
>Central Intelligence Agency is short
cmon ...
>pic related
>"This machine has been hacked by Rul0rzZ!"
That's what it looks like when you get in.
>>59306041
In German we just like to link multiple words into one. Translated it would be "federal news service".
>>59306071
>oh no finally an interesting thread involving an interesting challenge .. i better tell OP to go fuck himself and go back to one of my 30 consumerist meme threads and circle jerk about AMD, Intel and the latest vidya gaming hardware
kys tbqh.
>>59306095
Sorry, you had a chance. If not making this thread, which proves that you cannot solve it yourself, then at least this post has rendered you utterly unqualified for the job. People who use such foul language are not welcome in our agency.
Kind Regards
BND
>>59306133
I think I mentioned that I am not advanced enough to solve it all!!!! Thank you though!!!
>>59306086
Federal intelligence service mate
So in the scenario they give you some hints:
Apparently there is a web application involved and those are obviously vulnerable.
When you enter a folder named "html" you will find a .php which includes the following code: /home/readFile ".$_GET['password']." Insurances/".$_GET['file']
So... I guess the attackers used the .php as their attack vector because it gave them direct access to /home/readFile ... the readFile.c is also included. I guess the server ran with root access and this is how they managed to change the root password.
From the /mail/ folder I have concluded that the root user name should be 'www-data' since it's the only one I can't access.
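Added example, not part of the thread or of the challenge image: the string-building pattern quoted in the post above next to a hardened form that validates the file name and quotes each argument. The function names, the file-name rule and the sample requests are assumptions made for illustration, as is the idea that the page's string ends up in a shell function such as shell_exec().

```php
<?php
// Illustration only; the challenge's real PHP file is not reproduced here.
// Assumption: the resulting string is passed to a shell function.

const READFILE_BIN = '/home/readFile'; // path quoted in the post
const DATA_DIR     = 'Insurances';     // prefix quoted in the post

// Pattern from the post: request parameters concatenated into a command line,
// so any shell metacharacter in them is interpreted by the shell.
function build_command_unsafe(array $get): string
{
    return READFILE_BIN . ' ' . $get['password'] . ' ' . DATA_DIR . '/' . $get['file'];
}

// Hardened form: allow-list the file name, quote every argument separately.
// Returns null when the request must be rejected.
function build_command_safe(array $get): ?string
{
    $password = $get['password'] ?? '';
    $file     = $get['file'] ?? '';
    if (!is_string($password) || !is_string($file)) {
        return null; // parameters sent as arrays (file[]=...) are rejected
    }
    // Hypothetical naming rule: no '/', no leading dot, no spaces or metacharacters.
    if (!preg_match('/\A[A-Za-z0-9_-][A-Za-z0-9._-]{0,63}\z/', $file)) {
        return null;
    }
    return READFILE_BIN . ' ' . escapeshellarg($password) . ' '
         . escapeshellarg(DATA_DIR . '/' . $file);
}

// Constructed sample requests (not taken from the image).
$samples = [
    ['password' => 'abcd',  'file' => 'policy.txt'],
    ['password' => 'abcd',  'file' => 'policy.txt; id'],
    ['password' => "ab'cd", 'file' => '../readFile.c'],
];
foreach ($samples as $get) {
    echo 'unsafe: ', build_command_unsafe($get), PHP_EOL;
    echo 'safe:   ', var_export(build_command_safe($get), true), PHP_EOL;
}
```

Running the web server and the helper binary under an unprivileged account limits the damage if a check like this is ever bypassed.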
>>59306031
I couldn't hack my way out of a paper bag, if you gave me an axe.
Besides, the CIA has distributed plenty of malware already. The last thing I need is more malware in a language I can't read. Germany has some great talent in the c3. I'll bet someone there will solve- as soon as they can find and remove all the shit merikuh infested the world with.
>>59306272
It's just a fucking vmware image you dumb fucking clown ... an image of a Debian Linux system ...
>>59306280
fuck you, Frazier. fuck you, fuck VMware, fuck CIA niggers, and fuck you, again for good measure. when you're done eating a dick, eat another one.
>>59306385
no need to rage because you have absolutely no idea how to use a VM and the CLI lol
Any of you self proclaimed Linux Gods figured something out yet?!!
Sweet, I can stop role-playing a Nazi and be an actual Nazi.
ITT OP wants the solution to get accepted at bnd
>>59306790
No, I don't. I just think it's an interesting challenge and I simply want to learn more about it.
>>59306041
It's just regular German autism.
(pic related translates to ''floor sanding machine rental'')