Mission
Exfiltrate /opt/vault/classified.db through DNS (port 53) or HTTPS (port 443). iptables is enforcing a REJECT-by-default OUTPUT policy with only DNS + 443 allowed, so anything else is silently dropped.
Why this matters in 2026
The objective of every operation is data, not root. Real egress controls force quiet, protocol-shaped exfiltration.
Mitigation era: 2026-04 · rotation policy: levels may be refreshed as CVEs are patched out of distro defaults.
Connection Terminal
Use the password forphantom28 that you captured on the previous level, then:ssh [email protected] -p 2223SSH command copied to clipboard!
Flag Submission
Log in to submit flags and track progress.
🩸
ACTIVE RECORDFirst Blood captured by