I found the original CCTC Preliminary challenge disk in lab a few days back, and wanted to post it here in case someone wants to test their penetration testing/hacking skills. Harshil & Me had worked on it for the first round of the first iteration of CCTC (which we later won).
#Instructions
- Get the VMWare image from http://clipx.cloudapp.net/cctc/
- Hack.
- Credentials are student:student (username:password)
- Open <VM_IP>/cctc in your browser.
#Rules
- Only application and its serving components can be tested for vulnerabilities. The serving components include
- Webserver
- Operating System
- Any other services/files in the guest machine and guest operating system
- Any vulnerability identified in any component outside the above mentioned ones, will not be used for evaluation
- All participants should necessarily submit all the exploit codes/custom scripts written to identify the vulnerabilities in the system.
- The deadline for the original challenge was 2 weeks, but you're free to take as much time as you want. If anyone's really interested, you can make a list of vulnerabilities you've found and email me. The person with highest score gets a chapo from me.
I'll post my own writeup and scripts after a while.
I guess it should be
<VM_IP>/cctc, right?