Down
Down
Down 666
Down
RETIRED MACHINE

Down

Down - Linux Linux
Down - Easy Easy

4.5

MACHINE RATING

500

USER OWNS

471

SYSTEM OWNS

17/06/2025

RELEASED
Created by jkr & xct

Machine Synopsis

Down is an easy-rated Linux machine that involves exploiting an arbitrary file read by bypassing a protocol-based filter to discover the source code of the running PHP web app, eventually, a remote code execution to gain an initial foothold. The attacker finds a readable `pswm` encrypted file in the user's home directory. The `pwsm` uses Python's `cryptocode` module and a master password to encrypt and decrypt the data. The attacker is supposed to write a small script to decrypt the blob and compromise the user. The compromised user is a member of the `sudo` group, allowing the user to escalate and obtain root access.

Machine Matrix

Ready to start your
hacking journey?