My first ever vulnerable VM was released on Vulnhub on 3rd of November 2018. It took a few months from the time I created it and submitted it, until the time it appeared on Vulhub, but its there! Since appearing on Vulnhub it has been downloaded a few times and a number of people have cracked it and let me know via Twitter. I am also starting to see a few write ups appear on various blogs which is great.
What I have discovered, is that people are actually not going about this machine in the way I intended. Ultimately that is my fault. Raven was built with a beginner in mind. It was actually designed to be available for a class I was teaching, I spent quite some time crafting these nice methods for people to get in to then realise it was probably a bit hard for a beginner. So I add in a few extra ways for people to get in.
What I love about Hackers is that they often find the path of least resistence. This means everyone attacking Raven is going about it the easy way and ignoring the ways I spent so long crafting. Well…. no more. In Raven 2, Raven Security has discovered they are victim to a number of security breaches. So they have tightened up security to prevent hackers from getting in. Can you still get access to Raven?
Again, there are four flags to capture. If by chance you were someone who did the original Raven the hard way, then you may not get a lot out of Raven 2. However, if you got in the easy way - Give Raven 2 a crack.
I have submitted to Vulnhub, but until it appears on their site, you can Download The VM from my Google Drive.