Lab value was 90 pounds and the lab had 14 machines, 1 being out of scope (the firewall).
As you can see, the lab is made out of multiple Windows and Linux machines and you get to practice a multitude of attacks. Some of them are:
- Web App attacks
- Buffer Overflows (2 BoFs)
- Pillaging (gathering information from the target machines)
- Different privilege escalation techniques
- Credential reuse
- Pass the hash (not sure if that was the intended way, but still…)
The machines have 1 to 3 flags depending on the exploitation, services running, etc.
I consider it a good practice to learn how to pivot through the network and how to exploit machines, both individually and by leveraging information found on a machine to access another machine.
There are a total of 26 flags you need to find and submit. The certificate can be generated from the settings of your account at the certificates tab.
The certificate looks like this: