This post is part of the Test Your Skills series. You can find an introduction here. And an overview of all TYS’s currently available is over here.

---

Challenge

The goal of this challenge is to write a script/tool/exploit which successfully bypasses the login of the network enabled service running in the provided docker container - without changing the docker run command (run it exactly the way as shown below) or any of the scripts/files provided. Feel free to explore the container and take a closer look at the application binary.

This post is part of the Test Your Skills series. You can find an introduction here. And an overview of all TYS’s currently available is over here.

---

Challenge

The goal of this challenge is to find a way to send a specific input from your host to the “Hidden Service” inside the container (as illustrated by the red arrow) - without changing the docker run command (build and run it exactly the way as shown below) or any of the scripts/files provided.

This post is part of the Test Your Skills series. You can find an introduction here. And an overview of all TYS’s currently available is over here.

---

Challenge

The goal of this challenge is to get your hands on the secret code which itself is hidden behind a secret and a captcha protection! You are allowed use any means necessary - think outside the box!

This post is part of the Test Your Skills series. You can find an introduction here. And an overview of all TYS’s currently available is over here.

---

Challenge

Your objective? Get root! But, do it without making any changes to the container/image or the file-system outside your users home directory (/home/void) and do not change the docker run command (run it the way shown below)!

This post is part of the Test Your Skills series. You can find an introduction here. And an overview of all TYS’s currently available is over here.

---

Scenario

Bob, who has a very cute little puppy, sends you an email asking for your help. He says that he, by accident, deleted the best picture he had of his cute little puppy from a USB memory stick. He also mentioned that he immediately unplugged the memory stick once he noticed that he deleted the picture. He took an image of the stick with DD and attached it to the email.

His last line in the mail is something like: This is really important to me. I need this picture back asap. I will make up to you if you can deliver within 72 hours!