Difficulty
intermediate
Average duration
2 hrs
Technologies
evil-winrm
A01:2021 - Broken Access Control
windows
cybersecurity
A02:2021 - Cryptographic Failures
web fuzzing
red team
A05:2021 - Security Misconfiguration
Difficulty
intermediate
Average duration
2 hrs
Technologies
evil-winrm
A01:2021 - Broken Access Control
windows
cybersecurity
A02:2021 - Cryptographic Failures
web fuzzing
red team
A05:2021 - Security Misconfiguration
You are about to face the most deceptive environment yet: the website of the fictitious Umbrella Corporation. At first glance, it appears to be riddled with known vulnerabilities — but not everything that glitters is gold. Among the many apparent paths, only one will truly lead you to system control.
Your challenge is to separate real clues from distractions, interpret technical signs accurately, and remain calm in the face of decoys designed to mislead you. If you proceed cleverly, you might uncover a hidden entry point into the system and, through thorough analysis, discover a way to gain elevated privileges in a Windows environment.
This lab tests your judgment, your analytical skills, and your persistence in the face of uncertainty.
Follow these instructions to get started:
1 https://storage.googleapis.com/cybersecurity-machines/final-boss-lab.ova
During your investigation, you might consider using:
Remember: Not everything that looks vulnerable actually is. Learn to follow the real clues among the decoys.
Good luck, agent!
Difficulty
intermediate
Average duration
2 hrs
Technologies
evil-winrm
A01:2021 - Broken Access Control
windows
cybersecurity
A02:2021 - Cryptographic Failures
web fuzzing
red team
A05:2021 - Security Misconfiguration
Difficulty
intermediate
Average duration
2 hrs
Technologies
evil-winrm
A01:2021 - Broken Access Control
windows
cybersecurity
A02:2021 - Cryptographic Failures
web fuzzing
red team
A05:2021 - Security Misconfiguration
Difficulty
intermediate
Average duration
2 hrs
Technologies
evil-winrm
A01:2021 - Broken Access Control
windows
cybersecurity
A02:2021 - Cryptographic Failures
web fuzzing
red team
A05:2021 - Security Misconfiguration
Difficulty
intermediate
Average duration
2 hrs
Technologies
evil-winrm
A01:2021 - Broken Access Control
windows
cybersecurity
A02:2021 - Cryptographic Failures
web fuzzing
red team
A05:2021 - Security Misconfiguration
Difficulty
intermediate
Average duration
2 hrs
Technologies
evil-winrm
A01:2021 - Broken Access Control
windows
cybersecurity
A02:2021 - Cryptographic Failures
web fuzzing
red team
A05:2021 - Security Misconfiguration
Difficulty
intermediate
Average duration
2 hrs
Technologies
evil-winrm
A01:2021 - Broken Access Control
windows
cybersecurity
A02:2021 - Cryptographic Failures
web fuzzing
red team
A05:2021 - Security Misconfiguration