Ayham-Megdadi/Zero-Day-Legacy

GitHub: Ayham-Megdadi/Zero-Day-Legacy

一台模拟医院环境的 Boot-to-Root CTF 实验靶机,内置涵盖 Web 漏洞利用到内核提权的 17 步完整攻击链,用于渗透测试教学与实战练习。

Stars: 1 | Forks: 0

Typing SVG
![CTF](https://img.shields.io/badge/Type-Boot--to--Root%20CTF-red?style=for-the-badge&logo=hackthebox&logoColor=white) ![Platform](https://img.shields.io/badge/Platform-VirtualBox-blue?style=for-the-badge&logo=virtualbox&logoColor=white) ![OS](https://img.shields.io/badge/OS-Ubuntu%2020.04%20LTS-orange?style=for-the-badge&logo=ubuntu&logoColor=white) ![Stack](https://img.shields.io/badge/Stack-Apache%20%2B%20PHP%20%2B%20MySQL-4F5D95?style=for-the-badge&logo=php&logoColor=white) ![Grade](https://img.shields.io/badge/Grade-97%25%20%F0%9F%8F%86-FFD700?style=for-the-badge) ![Bilingual](https://img.shields.io/badge/Bilingual-Arabic%20%2F%20English-teal?style=for-the-badge) ![Difficulty](https://img.shields.io/badge/Difficulty-Intermediate-yellow?style=for-the-badge) ![Ethical](https://img.shields.io/badge/Use-Educational%20Only-lightgrey?style=for-the-badge)
## 📖 概述 **Zero-Day Legacy** 是一台贴近现实、刻意设计的易受攻击的 **Boot-to-Root CTF (夺旗赛)** 实验靶机,作为 **Ajloun National University** 的毕业设计项目而构建。它模拟了一个完整的医院管理系统 —— **Royal Health Hospital**,其中包含了跨越多种漏洞类型的完整真实攻击链。 攻击者扮演一名**无力支付医院账单的患者**,并决定从内部网络黑掉该系统。从基本的侦察开始,攻击者必须将 17 个步骤串联起来,从最初的 Web 访问一直到完全获取 root 权限 —— 这模拟了一次真实的渗透测试过程。 ## ⬇️ 下载靶机
[![下载 VM](https://img.shields.io/badge/⬇️%20Download%20VM%20(.ova)%20—%20Google%20Drive-4285F4?style=for-the-badge&logo=google-drive&logoColor=white)](https://drive.google.com/file/d/1l3ycTob6W0LsjWuNfo0qi7RwDJh32q8J/view?usp=sharing)
### 3 步设置 ``` # 1. 导入 VirtualBox File → Import Appliance → select the .ova file # 2. 设置 Network Adapter Settings → Network → Adapter 1 → Bridged Adapter # 3. 从 Kali Linux 发现机器 IP sudo netdiscover ``` ## 🎯 攻击场景 ## 🛠️ 技术栈 | 层级 | 技术 | 版本 | |-------|-----------|---------| | OS | Ubuntu Server LTS (Focal Fossa) | 20.04.6 | | Web 服务器 | Apache | 2.4.x | | 语言 | PHP (无框架 —— 刻意设计) | 7.4 | | 数据库 | MySQL | 8.0.x | | 前端 | HTML / CSS / JS —— 自定义,未使用 Bootstrap | — | | 虚拟机平台 | VirtualBox | — | | 网络模式 | 桥接网卡 (真实局域网 IP) | — | | 双语 | 完整的阿拉伯语 + 英语,支持 RTL | — | ## 🖥️ 虚拟机配置 ``` OS: Ubuntu Server 20.04.6 LTS — kernel 5.4.x (vulnerable to CVE-2021-3493) vCPU: 1 RAM: 1 GB Storage: 2 GB Network: Bridged Adapter — gets real IP from local router Services: Apache (80) · OpenSSH (22) · MySQL (3306 — local only) Bilingual: Arabic + English on all pages ``` ## 📁 文档 | 文档 | 描述 | |----------|-------------| | [`Zero-Day-Legacy-PRD.pdf`](https://github.com/Ayham-Megdadi/Zero-Day-Legacy/blob/main/Documentation/Zero-Day-Legacy-PRD.pdf) | 完整的项目需求文档 —— 攻击链、数据库设计、虚拟机配置、漏洞说明 | | [`Penetration-Test-Report.pdf`](https://github.com/Ayham-Megdadi/Zero-Day-Legacy/blob/main/Documentation/Penetration-Test-Report.pdf) | 由 Cyber Company AIMAS 出具的完整渗透测试报告 —— 包含截图的完整技术发现 | ## 👥 开发团队
| 姓名 | LinkedIn | Instagram | |------|----------|-----------| | **Ayham Megdadi** | [![LinkedIn](https://img.shields.io/badge/LinkedIn-0077B5?style=flat&logo=linkedin&logoColor=white)](https://www.linkedin.com/in/ayham-megdadi) | [![Instagram](https://img.shields.io/badge/Instagram-E4405F?style=flat&logo=instagram&logoColor=white)](https://www.instagram.com/ayham_megdadi) | | **Ibrahim Onizat** | [![LinkedIn](https://img.shields.io/badge/LinkedIn-0077B5?style=flat&logo=linkedin&logoColor=white)](https://www.linkedin.com/in/ibrahim-alonezat-8b4025282) | [![Instagram](https://img.shields.io/badge/Instagram-E4405F?style=flat&logo=instagram&logoColor=white)](https://www.instagram.com/ibr3.m) | | **Manar Hussein** | [![LinkedIn](https://img.shields.io/badge/LinkedIn-0077B5?style=flat&logo=linkedin&logoColor=white)](https://www.linkedin.com/in/manar-hussein-gharaibeh-ab2125351) | [![Instagram](https://img.shields.io/badge/Instagram-E4405F?style=flat&logo=instagram&logoColor=white)](https://www.instagram.com/manar_hussein04) | | **Amira Freihat** | [![LinkedIn](https://img.shields.io/badge/LinkedIn-0077B5?style=flat&logo=linkedin&logoColor=white)](https://www.linkedin.com/in/amira-freihat-735b78350) | [![Instagram](https://img.shields.io/badge/Instagram-E4405F?style=flat&logo=instagram&logoColor=white)](https://www.instagram.com/amira_freihat04) | | **Salsabeel Abu Hawwa** | — | [![Instagram](https://img.shields.io/badge/Instagram-E4405F?style=flat&logo=instagram&logoColor=white)](https://www.instagram.com/slsabeel_mohammad) | **指导教师:** Dr. Mohammad Al-Sawah **大学:** Ajloun National University (ANU) **学院:** 信息技术学院 —— 网络安全与云计算 **学年:** 2025–2026
## 🏆 学术成就
``` ╔═══════════════════════════════════════════════════════════╗ ║ 🏆 HIGHEST GRADE IN THE UNIVERSITY: 97% ║ ║ ║ ║ Ajloun National University — Graduation Project ║ ║ Faculty of IT — Cybersecurity & Cloud Computing ║ ║ Academic Year: 2025–2026 ║ ╚═══════════════════════════════════════════════════════════╝ ```
## ⚖️ 道德与法律免责声明 - 所有漏洞均为**刻意设计并受控** - 仅限在**本地网络的独立 VirtualBox 环境**中运行 - **严禁部署在连接公网的服务器上** - 所有患者数据均为**虚构,专门为 CTF 生成** - 使用此靶机即表示您同意仅将其用于**经授权、受控的教育环境**
标签:CISA项目, CTF靶机, PNNL实验室, Web报告查看器, 协议分析, 教育实验, 权限提升, 模糊测试, 网络安全, 隐私保护, 靶场环境