Machine Synopsis

Cap is an easy difficulty Linux machine running an HTTP server thus allowing users to capture the non-enrypted traffic. Improper controls result in Insecure Direct Object Reference (IDOR) giving access to another user's capture. The capture contains plaintext credentials and can be used to gain foothold. A Linux capability is then leveraged to get root.