CySCA2014-in-a-Box is a Virtual Machine that contains most of the challenges faced by players during CySCA2014. It allows players to complete challenges in their own time, to learn and develop their cyber security skills. The VM includes a static version of the scoring panel with all challenges, required files and flags.

To use CySCA2014 in a box virtual machines, players will need to have either Oracle VirtualBox or VMWare Player installed on their machines. Additionally we recommend players have at least 4GB of RAM. If you have less RAM, you can reduce the amount of RAM available to the VM down to 512MB, however it may adversely affect the speed of some of the challenges.

CAUTION The VM contains software that is deliberately vulnerable. We advise that you do not attach it to a critical network. Consider using your virtualisation softwares host-only network functionality.

I always enjoy creating and releasing vulnerable virtual machines so readers can get a first hand feel of attacking these command and control panels without doing anything illegal. The objective of this vulnerable virtual machine is to get a root shell. The root credentials (for network configuration purposes) are root:password. These credentials are not part of a solution and it is intended that the vulnerable virtual machine be attacked remotely. You can download the LoBOTomy vulnerable virtual machine here.

  • Brian Wallace AKA @botnet_hunter

SecOS: 1

PaulSec 12 May 2014

Not too tired after BSides London? Still want to solve challenges? Here is the VM I told about during my talk where you'll have to practice some of your skills to retrieve the precious flag located here: /root/flag.txt. This VM is an entry-level boot2root and is web based.

This VM is the first of a series which I'm currently creating where there will be links between all of them. Basically, each machine in the series will rely/depend on each other, so keep the flags for the next VMs.

This has been tested on VirtualBox and gets its IP from the DHCP server. Moreover, if you find yourself bruteforcing, you're doing something wrong. It is not needed and it wasn't designed to be done this way. Instead, focus on exploiting web bugs!

If you have any questions, feel free to ask me on Twitter @PaulWebSec or throw me a mail: paulwebsec(at)gmail(dot)com

ctf8.zip contains the compressed virtual machine target (ctf8.vmdk) as well as the PDF walk through instructions.

The latest release fixes some issues with the user cron jobs that check their mail. Earlier versions were prone to memory leaks that would cause the virtualmachine to crash unexpectedly.

This is the latest of several releases that are part of the LAMP Security project. The other exercises can be found under the 'Capture the Flag' folder. Note the PDF doesn't include the target image. Download the CTF7plusDocs.zip to get the target image as well as the documentation (in PDF format).

The LAMPSecurity project is an effort to produce training and benchmarking tools that can be used to educate information security professionals and test products. Please note there are other capture the flag exercises (not just the latest one). Check the SourceForge site to find other exercises available (http://sourceforge.net/projects/lampsecurity/files/CaptureTheFlag/).

These exercises can be used for training purposes by following this documentation. Alternatively you may wish to test new tools, using the CTF virtual machines as targets. This is especially helpful in evaluating the effectiveness of vulnerability discovery or penetration testing tools.

This is the fifth capture the flag exercise. It includes the target virtual virutal machine image as well as a PDF of instructions. The username and password for the targer are deliberately not provided! The idea of the exercise is to compromise the target WITHOUT knowing the username and password. Note that there are other capture the flag exercises. If you like this one, download and try out the others. If you have any questions e-mail me at justin AT madirish DOT net


The LAMPSecurity project is an effort to produce training and benchmarking tools that can be used to educate information security professionals and test products. Please note there are other capture the flag exercises (not just the latest one). Check the SourceForge site to find other exercises available (http://sourceforge.net/projects/lampsecurity/files/CaptureTheFlag/).

These exercises can be used for training purposes by following this documentation. Alternatively you may wish to test new tools, using the CTF virtual machines as targets. This is especially helpful in evaluating the effectiveness of vulnerability discovery or penetration testing tools.

Updated to set default runlevel to 3 (no X windows) and fixed DHCP.

This is the fourth capture the flag exercise. It includes the target virtual virutal machine image as well as a PDF of instructions. The username and password for the targer are deliberately not provided! The idea of the exercise is to compromise the target WITHOUT knowing the username and password. Note that there are other capture the flag exercises. If you like this one, download and try out the others. If you have any questions e-mail me at justin AT madirish DOT net.


The LAMPSecurity project is an effort to produce training and benchmarking tools that can be used to educate information security professionals and test products. Please note there are other capture the flag exercises (not just the latest one). Check the SourceForge site to find other exercises available (http://sourceforge.net/projects/lampsecurity/files/CaptureTheFlag/).

These exercises can be used for training purposes by following this documentation. Alternatively you may wish to test new tools, using the CTF virtual machines as targets. This is especially helpful in evaluating the effectiveness of vulnerability discovery or penetration testing tools.

Difficulty

Beginner

Details

This exercise covers the exploitation of CVE-2008-1760. This vulnerability allows an attacker to gain access to unaccessible pages using crafted requests. This is a common trick that a lot of testers miss.

What you will learn?

  • Tomcat
  • Java WebShell
  • Exploitation of CVE-2008-1760

We've packaged 10 real world applications into an Ubuntu Desktop based ISO. These applications are vulnerable to command injection attacks which you will need to find and exploit. Please note that not all applications are on port 80 :)

All the best!