# **VENGEANCE**

### ⬇️​ **DOWNLOAD**

To download CTF machine use the following [link](https://www.swisstransfer.com/d/62d14aac-587e-40fc-a56f-8ab6bad84910).

---

### 🎮 **CONNECTION**

#### SSH :
```
ssh vengeance@ip-machine

password : vengeance
```

#### Virtual Machine :
```
user : vengeance

pasword : vengeance
```
---

### 🕵️ **INTRODUCTION**

You are an agent in the French secret service. Your mission: to infiltrate the system of a dangerous and elusive high-level hacker. The individual is operating in the shadows, covering his tracks at every turn. So far, no one has managed to trace him. But now you have a rare opportunity.

Thanks to a security flaw, you've gained access to a secondary account on his system: the user named “player”. This is your entry point. The point of no return.

---

### 🥇 **OBJECTIVE**

Your goal is clear :

Get the administrator password to the hacker's ultra-secure system.
But the path will be strewn with pitfalls. You'll have to progress through several levels of security, each more complex than the last. Each level contains fragments of truth, traps, encrypted data and lies.

Your investigation will have to lead you to the hacker's true identity, using all the elements gathered along the way.

---

### **🧠 BACKGROUND**

As you enter the system, you notice that a large proportion of the files have been deleted. But not everything has disappeared. Residual digital traces remain. These fragments are like pieces of a jigsaw puzzle that you have to piece together.

#### Each level can hide :

🏁 Flags 

💡 Clues or coded phrases

🔐 Hidden or encrypted files

🎯 Hints with the command : 
```
badplayer
```

⚠️ 
Some paths are optional, the game can be finished in many different ways. Some details may seem unnecessary... until they become essential. 
Take notes Player! Every word counts, every detail is important, so pay attention ^^.

---

### **🗒️ USEFUL INFORMATION**

To start your mission, open a terminal and enter the following command :

```
command : su - level0

password : Baguette
```


📓 
Tip : Use a text editor (such as Notepad++) to keep track of all the important elements: passwords, suspicious phrases, paths explored, ideas... You'll need it.

🖥️ 
Immersion recommended : Keep your terminal in windowed mode, not full screen. This mission is more than a game. It's a digital investigation.


Good luck to you, Player.

---
---

# ***LEVEL 0 : 👻 The ghost of the terminal 👻***

#### Difficulty : 🌟 

#### Number of Flag : 1 🏁

## **Level0 Context** : 
You are now connected to the pc's user session. You can access the terminal, it's the start of the game !

#### Sentence of "banner_level0.sh" :
The terminal looks normal during the day, but at night, some paths lead to fantastic secrets.

#### Tip :
Uses a command to view all the files, folders and documents in the level.

## **Level0 Configuration :️**

#### File "true_flag.txt"
```
touch /level0/true_flag.txt
echo "Well no, it's not here !" > /level0/true_flag.txt
```

#### File "flag.txt"
```
touch /level0/flag.txt
echo "You're exactly where I wanted you to be ahahah !" > /level0/flag.txt
```

#### File "first_flag.txt"
```
touch /level0/first_flag.txt
echo "It's so easy..." > /level0/first_flag.txt
```

#### File "fake_flag.txt"
```
touch /level0/fake_flag.txt
echo "Are you aware that this is only level 0 ?" > /level0/fake_flag.txt
```

#### File ".secret_message.txt"
```
touch /level0/.secret_message.txt
echo "..." > /level0/.secret_message.txt
```

#### Help level0 "badplayer"
```
nano .bashrc
badplayer() { echo "🎯 0 : The most beautiful things are hidden   where you can't see them."
}
source .bashrc
  
```

#### Banner level0 "banner_level0.sh"
```
cd /
mkdir /scripts
cd /scriptss
touch banner_level0.sh
echo "..." banner_level0.sh

cd /
cd /home/level0
nano .bashrc
/scripts/banner_level0.sh
source .bashrc
```
---
---
# ***LEVEL 1 : 💻 OS Unknown 💻***

#### Difficulty : 🌟 🌟 

#### Numer of Flag : 2 🏁

## **Level1 Context** :

Well done ! After finding the flag, you've just gone to the "Documents" folder. Dig around for clues that will help you find the level's flag.

#### Sentence of "banner_level1.sh" :
Browses the desktop and tries to gather clues.

#### Tip :
I could repeat the password 64 times ^^ !

## **Level1 Configuration** :

#### Folder "Administrative"
```
mkdir /level1/Administrative

touch /Administrative/Log/file.txt
echo "..." > Administrative/Log/file.txt

touch /level1/Paperwork/file.txt
echo "..." > Administrative/Paperwork/file.txt

touch /level/Explanation/file.txt
echo "..." > Administrative/Explanation/file.txt
```

#### Folder "Deskop"
```
mkdir /level1/Deskop

touch /Deskop/Log/file.txt
echo "..." > Deskop/Log/file.txt

touch /Deskop/Paperwork/file.txt
echo "..." > Deskop/Paperwork/file.txt

touch /Deskop/Explanation/file.txt
echo "..." > Deskop/Explanation/file.txt
```

#### Folder "Economy"
```
mkdir /level1/Economy

touch /Economy/Log/file.txt
echo "..." > Economy/Log/file.txt

touch /Economy/Paperwork/file.txt
echo "..." > Economy/Paperwork/file.txt

touch /Economy/Explanation/file.txt
echo "..." > Economy/Explanation/file.txt
```

#### Folder "Politic"
```
mkdir /level1/Politic

touch /Politic/Log/file.txt
echo "..." > Politic/Log/file.txt

touch /Politic/Paperwork/file.txt
echo "..." > Politic/Paperwork/file.txt

touch /Politic/Explanation/file.txt
echo "..." > Politic/Explanation/file.txt
```

#### Folder ".Justice"
```
mkdir /level1/.Justice

touch /.Justice/Log/file.txt
echo "..." > .Justice/Log/file.txt

touch /.Justice/Paperwork/file.txt
echo "..." > .Justice/.Paperwork/hint.txt

touch /.Justice/Explanation/file.txt
echo "..." > .Justice/.Explanation/file.txt
```


#### Help level1 "badplayer"
```
nano .bashrc
badplayer() {
    echo "🎯 1 : 64 reasons to tell you why it's not so hard."
}
source .bashrc

```

#### Banner level1 "banner_level1.sh"
```
cd /scripts
touch banner_level1.sh
nano banner_level1.sh

cd /
cd /home/level1
nano .bashrc
/scripts/banner_level1.sh
source .bashrc
```
---
---
# ***LEVEL 2 :📄 The Cursed Archive 📄***

#### Difficulty : 🌟 🌟

#### Number of Flag : 1 🏁

## **Level2 Context** :
Superb, you're making pretty good progress ! By digging around, you've managed to get into the hacker's type 2 hypervisor.

#### Sentence of "banner_level2.sh" :
Here you are, introduced into the hacker's type 2 hypervisor. He may have left some traces. 

#### Tip :
To extract the hidden file, unzip it.

## **Level2 Configuration** :

```
mkdir Bsd MacOS Unix Windows Solaris
```

#### Folder "Bsd"
```
mkdir FreeBSD  GhostBSD  MidnightBSD  NetBSD  OpenBSD
touch file.txt (X6)
```

#### Folder "MacOS"
```
touch file.txt
```

#### Folder "Unix"
```
mkdir AlmaLinux CentOS Fedora Manjaro RockyLinux ArchLinux Debian KaliLinux Rhel .Ubuntu

touch file.txt (x9)
touch .file.txt (X1)
tar -czf file.tar.gz .file.txt
rm .file.txt
```

#### Folder "Windows"
```
mkdir Windows_10 Windows_11 Windows_Server

touch file.txt (X3)
```

#### Folder Solaris
```
touch file.txt
```
#### Help level2 "badplayer"
```
nano .bashrc
badplayer() {
    echo "🎯 2 : Zip, Zip ? What are you holding ?"
}
source .bashrc

```

#### Banner level2 "banner_level2.sh"
```
cd /scripts
touch banner_level2.sh
nano banner_level2.sh

cd /
cd /home/level2
nano .bashrc
/scripts/banner_level2.sh
source .bashrc
```
---
---
# ***LEVEL 3 : 💾 At the heart of the D 💾***

#### Difficulty : 🌟 🌟 🌟

#### Number of Flag : 1 🏁

## **Level3 Context** :
You're doing pretty well. Now you're entering the pc's D drive. 

#### Sentence of "banner_level3.sh" :
You continue your search and now move on to disc D.

#### Tip :
Use the visible clues to find the combination to the digital safe.

## **Level3 Configuration** :

#### Folder ".hidden"
```
mkdir /level3/.hidden
touch /.hidden/.code_decrypt.txt
echo "..." > /.hidden/.code_decrypt.txt
```

#### File "file.txt"
```
touch /level3/file.txt
echo "..." > file.txt
```

#### Folder "Secure_disk"

Part 1 :
```
mkdir /level3/Secure_disk
touch /Secure_disk/secret_key.txt
echo "..." > /Secure_disk/secret_key.txt
```
Part 2 :
```
tar -czf secret_key.txt.tar.gz /Secure_disk/secret_key.txt
```
Part 3 :
```
gpg --batch --yes --passphrase "HelloLoser" -o /Secure_disk/secret_key.txt.tar.gz.gpg -c /Secure_disk/secret_key.txt.tar.gz
```
Part 4 :
```
rm secret_key.txt secret_key.txt.tar.gz
```

#### Folder "Safe-deposit_box"

Part 1 :
```
mkdir /level3/Safe-deposit_box
touch /Safe-deposit_box/Strongbox.txt
echo "..." > /Safe-deposit_box/Strongbox.txt
```
Part 2 :
```
gpg --batch --yes --passphrase "AES256KEY" -o /Safe-deposit_box/Strongbox.txt.gpg -c /Safe-deposit_box/Strongbox.txt
```
Part 3 :
```
rm -rf Strongbox.txt 
```

#### Help level3 "badplayer"
```
nano .bashrc
badplayer() {
    echo "🎯 3 : Player, follow the path ! "
}
sources .bashrc

```

#### Banner level3 "banner_level3.sh"
```
cd /scripts
touch banner_level3.sh
nano banner_level3.sh

cd /
cd /home/level3
nano .bashrc
/scripts/banner_level3.sh
source .bashrc
```
---
---

# ***LEVEL 4 : 📸 Out of the Picture 📸***

#### Difficulty : 🌟 

#### Number of Flag : 1 🏁

## **Level4 Context** :
Here you are in the computer photo gallery. Open the images, what do you see ?

#### Sentence of "banner_level4.sh" :
Indeed, why not the photo gallery... Admire the landscape and take in the view. 

#### Tip :
Opens images with "cacaview" (pixel) or "chafa" (pixel and net) installed on the hacker's pc.

## **Level4 Configuration** :

#### Folder "Pictures" 
```
mkdir /level4/Pictures
save images in /level4/Pictures
```

#### Folder ".Deskop"
```
mkdir .Deskop
touch /.Deskop/file.txt
echo "..." > /.Deskop/file.txt
```
#### Help level4 "badplayer"
```
nano .bashrc
badplayer() {
    echo "🎯 4 : The images aren't there just to look pretty ^^."
}
source .bashrc

```
#### Banner level4 "banner_level4.sh"
```
cd /scripts
touch banner_level4.sh
nano banner_level4.sh

cd /
cd /home/level4
nano .bashrc
/scripts/banner_level4.sh
source .bashrc
```
---
---

# ***LEVEL 5 : 1️⃣  Binary Bloodbath 0️⃣***

#### Difficulty : 🌟 🌟

#### Number of Flag : 2 🏁

## **Level5 Context** :
Congratulations ! You're about to search our hacker's KeePass.

#### Sentence of "banner_level5.sh" :
You've just entered Keepass, one of the passwords is still present. 

#### Tip :
Take a sheet of paper or automate the algorithm ^^ !

## **Level5 Configuration** :

#### Folder "Connection"
```
mkdir /level5/Connection
touch /Connection/hint.txt
echo "..." > /Connexion/hint.txt
```

#### Folder "Money"
```
mkdir /level5/Money
mkdir /Money Bank Bank2 Bank3 Bank4 .Licence
touch file.txt (X5)
echo "..." > file.txt (X5)
```

#### Folder "Personal"
```
mkdir /level5/Personal
mkdir /Personal/ McDO Microsoft Personnal_Key
touch file.txt (X3)
echo "..." > file.txt (X3)
touch Connection_File (X1)
echo "..." > Connection_File (X1)
```

#### Folder "Trade"
```
mkdir /level5/Trade
mkdir /Trade/Coinbase 
touch /Coinbase/hint.txt
echo "..." > /Coinbase/hint.txt
```

#### Folder ".Deskop"
```
mkdir /level5/.Deskop
mkdir /.Deskop/.Deskop1
mkdir /.Deskop/.Deskop1/.Deskop2
mkdir /.Deskop/.Deskop1/.Deskop2/.Deskop3
mkdir /.Deskop/.Deskop1/.Deskop2/.Deskop3/.Deskop4
touch file.txt
echo "..." > file.txt
```
#### Help level5 "badplayer"
```
nano .bashrc
badplayer() {
    echo "🎯 5 : The hexadecimal results must be in the form xxxx.xxxx.xxxx.xxxx (the dots are part of the password)."
}
source .bashrc

```
#### Banner level5 "banner_level5.sh"
```
cd /scripts
touch banner_level5.sh
nano banner_level5.sh

cd /
cd /home/level5
nano .bashrc
/scripts/banner_level5.sh
source .bashrc
```
---
---

# ***LEVEL 6 : 🧮 The Labyrinth 🧮***

#### Difficulty : 🌟 

#### Number of Flag : 1 🏁

## **Level6 Context** :
You have now searched our hacker's entire computer. Check one last time in the various remaining files, the hacker has covered his tracks ...

#### Sentence of "banner_level6.sh" :
Weave your way through the folders and look at every nook and cranny, maybe things have taken root there.

#### Tip :
Be meticulous, fussy and intelligent.

## **Level6 Configuration** :
```
mkdir first
touch fake_file1.txt
[...]
touch fake_file200.txt


[...]

mkdir fortieth
touch fake_file1.txt
[...]
touch fake_file200.txt


touch /ninth/.fake_file0.txt
echo "..." > /ninth/.fake_file0.txt
```

#### Help level6 "badplayer"
```
nano .bashrc
badplayer() {
    echo "🎯 6 : You've got to be meticulous !"
}
source .bashrc

```
#### Banner level6 "banner_level6.sh"
```
cd /scripts
touch banner_level6.sh
nano banner_level6.sh

cd /
cd /home/level6
nano .bashrc
/scripts/banner_level6.sh
source .bashrc
```
---
---

# ***LEVEL 7 : 🔒 Connection 🔒***

#### Difficulty : 🌟 🌟

#### Number oh Flag : 1 🏁

## **Level7 Context** :
You've arrived at the gates of the connection. Gather all the clues from each level to unlock the "administrator" user. And if you need a helping hand, there are 2 clues from previous levels, completed and hidden in this level7.


#### Sentence of "banner_level7.sh" :
Here's the last level ! Reconstitute the various clues found during the search of the hacker's PC. You'll find 2 extra hidden clues if you still haven't figured it out.  

#### Tip :
Help yourself to any notes you may have taken during the game.


## **Level7 Configuration** :

Part 1 :
```
mkdir /level7/.Index
touch /.Index/file.txt
echo "..." > /.Index/file.txt
```
Part 2 :
```
tar -czf hint.txt.tar.gz hint.txt
rm -rf hint.txt
```
#### Help level7 "badplayer"
```
nano .bashrc
badplayer() {
    echo "🎯 7 : No, no, no, no, it's easy !"
}
source .bashrc

```
#### Banner level7 "banner_level7.sh"
```
cd /scripts
touch banner_level7.sh
nano banner_level7.sh

cd /
cd /home/level7
nano .bashrc
/scripts/banner_level7.sh
source .bashrc
```
---
---

# ***Administrator***

## **Administrator Context** :
Well done to you! Great mission, you can be proud of yourself.
The game is over. Don't hesitate to give me feedback or suggest new themes or tips!

#### Banner Administrator "banner_administrator.sh"
```
cd /scripts
touch banner_administrator.sh
nano banner_administrator.sh

cd /
cd /home/administrator
nano .bashrc
/scripts/banner_administrator.sh
source .bashrc
```
---
---