“Capture the Flag” (CTF) games have become a popular way for hackers to legally practice their hacking skills and gain recognition throughout the community. One way that hackers show off their skills is by posting “walk-throughs” or “write-ups” which detail the steps they took to completely compromise the system and capture the flags. Typically, these provide only the minimum steps necessary to reproduce the attacks, proof that the hacker completed the challenge. They rarely convey the thoughts of the hacker, their reasoning or approach to the problem. This is a shortcoming we have attempted to overcome in the guides in this document; we believe that “walk-throughs” and “write-ups” can be an excellent instructional tool, helping to teach not only the tools and tactics, but also the mind-set of the modern hacker.
The following sections feature complete walk-through guides to various vulnerable systems featured on sites like HackTheBox and VulnHub. They are divided by platform, arranged in a loose and subjective order of ascending difficulty, and cross-referenced with Chapter 2 to provide context and depth to the tools and techniques therein.