About a month ago, Vulnhub released a boot2root image built by Lok_Sigma called Hades. The box promised to be full of annoyances and it delivered them in droves. Requiring a combination of exploit development, reverse engineering and some out of the box thinking, I really enjoyed this challenge. I decided to share my solution now that the competition is over. It goes without saying this post has a lot of SPOILERS!
Big thanks go out to the Vulnhub team for the awesome work they do. Follow them on Twitter to keep up with the latest releases.
If you want to tackle Hades yourself, you can grab a copy of the machine here.
It may appear however, that Google has already decided that robots.txt is merely a bug heading towards it’s windscreen and is indexing pages that are excluded via the robots.txt as is apparent with Dropbox.
My name is Ryan and I live in Sydney. My history is extremely boring and full of horror stories from racist countries so I’ll skip to 5 years ago in a hotel room in Perth, shortly after I moved to Australia. I liked to call myself an IT Professional but in all honesty I was a Windows Systems Administrator for 13 years who discovered that you can actually make a living breaking into peoples shit….ethically of course!
I met a guy in a downstairs bar of a hotel I was staying in and after shooting the shit and finding out we both worked in IT he told me why he was there. He was performing a Penetration Test of that hotel and he explained his life of planes, hotels and laptops and after showing me my first ever exploit, I realised I wanted…no…NEEDED to be him! I wanted his life and I wanted his sorcery! I can’t remember his name but if you are reading this, get in touch!
Long story short, I … read more