I need some advice. I am new to penetration testing and ethical hacking, and I am currently trying to wrap my head around the servers in the free area. I know it's quite a problem to discuss the solutions to the puzzles here, so if you don't want to be spoiled, stop reading here. But to every hacking expert and everyone who has already completed the free area: I need some help finding where I have gone wrong.
So far I haven't been able to hack a single server. I focused on 10.195.0.2, on which I identified the service dnsmasq 2.66 running on port 53. A Google search revealed that this service is vulnerable to a heap buffer overflow which enables me to execute arbitrary code on the machine via a crafted IPv6 router advertisement request.
The CVE for this flaw is CVE-2017-14492, with which I was able to find a PoC from the Google security team who discovered the vulnerability.
My problem is: AFAIK there is no way to get further from this point, because what stops me from exploiting the vulnerability is that IPv6 isn't supported in the CTF365 VPN, or it just doesn't work for me. I am using Kali Linux as a VM in VirtualBox on an Arch Linux host.
Since all other ports on 10.195.0.2 are filtered and this is, from my point of view, the only flaw that can be exploited, I am a bit clueless about what to do now. Since the purpose of the free area is to have broken-by-default machines, I still believe the server is exploitable, but I really don't know what to do anymore. I have been working on this for two days.
Please, can anyone point me in the right direction?