Seven Layers delivers comprehensive, dependable, and cost-effective solutions tailored to our clients’ needs and budgets. We offer cutting edge defensive security strategies to provide you with the ability to protect key systems and information – and can pair those with traditional information technology services to keep your business up and running, so you can focus on the business that is important to you.

    We provide penetration testing services and vulnerability assessments for peace of mind, risk management, and regulatory compliance. And because your employees are often your first line of defense - or weakness – we offer employee education in computer security and corporate security policies.

    Our support services cover your full suite of end user desktops, in-house servers, cloud-based servers, and cloud services. This includes seamless support for employees in all locations, whether they are in corporate offices, or are remote users. We will manage and develop content management systems, customized software and web applications, as well as working with off the shelf applications.


    You can't judge a book by its cover.  When I saw that the description was empty, I thought this box was going to be hard.  Again, as always, your definition of hard and mine may differ but this box has few moving parts and in my opinion, it's not hard.  In fact, this box is perfect for a friend who I'm guiding into penetration testing.  He just learned a new skill the other day and there's a component to this box that's right up his alley.  

    Moving on, we kick off with Nmap:

    SSH and FTP.  According to Nmap, we have anonymous FTP access....

    We find a backup file, we download it, and we open it:

    Hashes!  This is where my friend will be thrilled.  He's been learning how to crack hashes with Hashcat.  And that's where we're sending these:

    I use a small list and not long, we get a couple of hits.  I attempt to SSH using the sunset account:

    We get the first flag:

    When we check out our sudo privileges, we see we can run the command ed and I see my path to root:

    The man pages on the system don't show it but if we look online, here's what just happened:

    Since we're running ed as root, commands executed are on behalf of root.  #GameOver

    We go for the root flag:

    I like that there are boxes for people of all levels.  I was talking to someone the other day who joined HTB and was overwhelmed by the level of difficulty.  Beginners need a place to start and this box is perfect.

    Cybersecurity solutions for small businesses.

    © 2021 Seven Layer Networks, Inc. | All rights reserved.