The DC challenges are a series of purposely vulnerable labs for the purpose of gaining experience in the world of penetration testing.
I started creating these vulnerable VMs so that beginners (people like me) can get an idea of what is involved with trying to break into a system (legally).
When I started doing these kind of challenges late last year, I found that quite a few were more like puzzles. While they were fun, I was also a bit disappointed as I wanted to find some challenges that were more...realistic. That isn't to say that they were bad or not challenging, but I did get a bit tired of seeing the same things over and over again.
So, with that in mind, you won't see:
- Any flags that have been base64 encoded
- Any brainfuck encoded flags
- Any "secret" text hidden in images (steganography)
- While DC-1 and DC-2 both have hints/clues as flags, from DC-3 onwards, there are no clues, just one flag that can be obtained with root privileges (directly, or indirectly).
There are 9 DC releases in total, all of which were released in 2019.
While the DC series has come to an official end after the release of DC-9, I have created a new series called Five86.
I hope you enjoy the challenges as much as I enjoyed creating them.