HarborLine Freight: Black-Box Penetration Test
Conduct a realistic external pentest/ethical hacking against HarborLine Freight Logistics infrastructure. Progress from network reconnaissance and web exploitation through credential harvesting, lateral movement, and privilege escalation. Document findings with business impact metrics including exposed customer data and payment information.
By CyberTask Engineer ยท Medium level
23
Tasks
1
Sections
440
Points
1 hr
Duration
What You'll Learn
- Enumerate network services and identify attack surface (HTTP, FTP, SMTP)
- Recover full source code from an exposed .git/ directory
- Exploit Local File Inclusion to read SSH private keys
- Perform lateral movement through reused credentials
- Escalate privileges via tar wildcard injection on a sudo-allowed script
- Quantify data exposure (customer records, manifests, cardholder data) for an executive report
- Map the attack chain to MITRE ATT&CK techniques
Prerequisites
- Basic Linux command line proficiency
- Fundamental networking and port scanning knowledge
- Web application security concepts
- SSH and remote access familiarity
- Basic privilege escalation techniques
Tools & Technologies
Nmap
cURL
ffuf
netcat
git-dumper
FTP client
pdftotext
MySQL client
Ready to Begin?
Sign in or create an account to start this lab and earn points.