Please follow these steps first before start using the VM machine.
Connect to the VM machine using the SSH tool as follows:
– In Windows, go to command prompt “CMD” and type ssh firstname.lastname@example.org
– In Linux, open the terminal and type ssh email@example.com
– Then provide your password
You must do the following *** Important***
1- Make sure you are in the home directory , use the command pwd, it should show you your current
2- Make sure the files .profile and .bashrc are in your home directory, use the command ls -la, it
should show you them in the output.
We need to add the following snippet to each file ~/.profile and ~/.bashrc ( Hint: use nano editor or
vi , no sudo required)
# DON’T REMOVE NOR CHANGE: Enabling ADDR_LIMIT_3GB to mimic the old-fashioned
trap /usr/local/bin/setarch.sh EXIT
if [ ! -f ~/.setarch.lock ]; then
setarch `uname -m` -3 -L -v $SHELL
After doing this small task you can start working on the VM.
1. ssh into seceng.nms.kcl.ac.uk as per instructions received via email after completing the
initial form as described in the Assessment page.
2. On seceng.nms.kcl.ac.uk you will find:
○ a number of challenges of increasing difficulties (lev1 to lev10):
■ Challenges are in /var/challenge/levelX
■ You start from lev0 (group)
■ You can read the source code of the challenge corresponding to the level you
■ Breaking the current level will give you access to the next one:
■ Besides spawning a shell, execute the command /usr/local/bin/l33t
■ Logout and log back in to retain the privilege level earned.
Check where you are by using the command score:
● At lev0 you show up nowhere. . .
Solutions must be submitted. To this end, create a <hacker handle>.tar.gz that includes the following
● For each challenge that you have successfully solved, a program named exploit that
successfully performs the exploit.
● A file named README.txt containing a short discussion of additional information, such as
interesting findings, alternative exploit techniques.
The .tar.gz file must be structured as follows:
If you need to compile some source file to obtain the exploit executable, provide a Makefile that does
that. The exploit program can be written in either C, C++ or python.
本网站支持 Alipay WeChatPay PayPal等支付方式
E-mail: firstname.lastname@example.org 微信号:vipnxx