MAY 2026 – PRESENT
SEVENSINS VULNERABLE VM LAB
Offensive CTF Design & Exploitation Lab
01 // PROJECT_SUMMARY
Designed and built a custom CTF VM with 7 flags hidden across intentionally misconfigured FTP, Samba, MySQL, and Apache2 services. Each flag is tied to a distinct vulnerability that requires enumeration, exploitation, or privilege escalation to capture.
Linux, Samba, MySQL, Apache2, Privilege Escalation, CTF Design
02 // STRIDE_THREAT_MODELING_LOGS
| THREAT_CATEGORY | EXPLOIT_VECTOR | MITIGATION_STRATEGY |
|---|---|---|
| Elevation of Privilege (STRIDE) | Attackers exploit a misconfigured setuid binary or wildcards in root cron jobs to gain root access. | Demonstrate privilege escalation paths to teach secure path management and strict sudoers configuration. |
| Information Disclosure | Unauthenticated Samba shares or anonymous FTP logins expose sensitive user hashes or keys. | Disable anonymous logins in production systems; bind services only to localhost unless strictly required. |
| Insecure Deserialization | Web application running on Apache2 accepts unvalidated inputs, leading to Remote Code Execution (RCE). | Implement strict input validation and run web services under low-privilege service accounts (www-data). |
03 // ARCHITECTURAL_SANDBOX_SCHEMAS
FILE_DUMP // DIAGRAM_NODES.LOG
- Target Host: Ubuntu Server minimal image, stripped of unnecessary modules.
- FTP Service (vsftpd): Configured with writable folders for anonymous users containing hint logs.
- Samba (SMB): Misconfigured shared folder exposing backup scripts.
- Apache2 Web Application: Running a vulnerable PHP panel with local file inclusion (LFI).
- Privilege Escalation Vector: System cron job running a backup script writable by a local developer group.
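A defender-side check for the cron vector listed above, as an added example that is not the lab's own code: it parses system-crontab text and reports any script a job runs that is writable by group or other, or that sits in such a directory. The `audit` function, its `root` parameter (for scanning a mounted image) and the sample tree are assumptions made for illustration.

```python
import os
import stat
import tempfile

LOOSE = stat.S_IWGRP | stat.S_IWOTH  # write bits for group and other

def cron_jobs(text):
    """Yield (user, argv) from system-crontab text (/etc/crontab format)."""
    for raw in text.splitlines():
        parts = raw.split()
        # Skip blanks, comments and environment lines such as SHELL=/bin/sh.
        if not parts or parts[0].startswith("#") or "=" in parts[0]:
            continue
        skip = 1 if parts[0].startswith("@") else 5  # @daily vs. five time fields
        if len(parts) >= skip + 2:
            yield parts[skip], parts[skip + 1:]

def loose(path):
    """Return the group/other write bits set on path, or 0 if it is missing."""
    try:
        return os.stat(path).st_mode & LOOSE
    except OSError:
        return 0

def audit(text, root="/"):
    """List (user, path, reason) for cron-run files a non-owner could modify."""
    findings = []
    for user, argv in cron_jobs(text):
        for arg in (a for a in argv if a.startswith("/")):
            real = os.path.join(root, arg.lstrip("/"))
            if not os.path.isfile(real):
                continue
            if loose(real):
                findings.append((user, arg, "file writable by group/other"))
            elif loose(os.path.dirname(real)):
                findings.append((user, arg, "parent directory writable by group/other"))
    return findings

def demo():
    """Build a constructed image tree and crontab, then audit it."""
    root = tempfile.mkdtemp()
    for rel, mode in (("opt/backup.sh", 0o770), ("usr/local/bin/rotate.sh", 0o755)):
        full = os.path.join(root, rel)
        os.makedirs(os.path.dirname(full), mode=0o755, exist_ok=True)
        open(full, "w").close()
        os.chmod(full, mode)
    crontab = ("SHELL=/bin/sh\n# constructed sample\n"
               "*/5 * * * * root /opt/backup.sh\n"
               "@daily root /bin/sh /usr/local/bin/rotate.sh\n")
    return audit(crontab, root)
```

Calling `audit(open("/etc/crontab").read())` runs the same check against a live host; files under `/etc/cron.d` use the same format.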
04 // ARCHITECTURE_LESSONS
- Understanding how system administrators leave trails of misconfiguration during rapid deployments.
- Constructing privilege escalation chains requires exact file-permission tuning (chmod/chown) to prevent unintended shortcuts.
- Documenting the walkthrough (write-up) is as critical as designing the exploit itself to educate security practitioners.
05 // TARGET_OUTCOMES
- Simulated 7 real-world attack vectors in a single laboratory image.
- Utilized by classmates at CHRIST University for hands-on VAPT training.