Rules

These are the rules of the game:

Notes

In order to minimize the frequency with which we need to reset this machine, we've tried to prevent successful attackers from actually gaining root access. Even the "high-privilged" user account doesn't have root access. If you're somehow able to get root access, then make sure to let us know! It would definitely be extra bonus points since there's not supposed to be a way to do that!

A utility called Tmpreaper is configured to continuously delete any files in the /tmp directory which are more than one hour old. The reason for this configuration is to minimize the likelihood of new attackers gaining an unfair advantage by seeing artifacts left behind by old attackers. Keep this fact in mind if you notice that your temp files start mysteriously disappearing after a while.

This machine is configured to reboot every day at 7AM UTC time to clean up any lingering processes left behind by previous attackers.

The difficulty of exploitation of this machine is meant to be easy. Depending on the feedback and results we're getting, we may create more difficult boxes in the future.

Happy Hunting!
-Shieldsurge Consulting