Vulnerable VM with some focus on NoSQL
This vulnerable VM is meant to act as a practice virtual machine for security researchers to start looking at identifying and exploiting vulnerabilities in NoSQL, PHP and the underlying OS (Debian).
100% works with VMware player6, workstation 10 & fusion 6.
May have issues with ViritualBox If this is the case, try this 'fix': http://download.vulnhub.com/kioptrix/kiop2014_fix.zip - Step by Step screenshots for Virtualbox 4.3 & VMware Workstation 9)
As usual, this vulnerable machine is targeted at the beginner. It's not meant for the seasoned pentester or security geek that's been at this sort of stuff for 10 years. Everyone needs a place to start and all I want to do is help in that regard.
Also, before powering on the VM I suggest you remove the network card and re-add it. For some oddball reason it doesn't get its IP (well I do kinda know why but don't want to give any details away). So just add the VM to your virtualization software, remove and then add a network card. Set it to bridge mode and you should be good to go.
This was created using ESX 5.0 and tested on Fusion, but shouldn't be much of a problem on other platforms.
Kioptrix VM 2014 download 825Megs
MD5 (kiop2014.tar.bz2) = 1f802308f7f9f52a7a0d973fbda22c0a
SHA1 (kiop2014.tar.bz2) = 116eb311b91b28731855575a9157043666230432
Waist line 32"
p.s.: Don't forget to read my disclaimer...
Infernal: Hades v1.0.1.
Hades is a new boot2root challenge pitched at the advanced hobbyist. Solving this challenge will require skills in reverse engineering, sploit development and sound computer architecture understanding. If you've never heard of an opaque predicate, you're going to have a hard time of it!
I strongly suggest you don't start this the week before exams, important meetings, deadlines of any sort, marriages, etc.
The aim of this challenge is for you to incrementally increase your access to the box until you can escalate to root. The /root/flag.txt contains, amongst other things, a public PGP key which you can use to demonstrate victory - the private key has been given to the VulnHub.com admins.
By using this virtual machine, you agree that in no event will I be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of or in connection with the use of this software. If something bad happens, it's not my fault. Use at your own risk!
Welcome to VulnOS !
This is my first vulnerable target I made because I want to give back something to the community. Big up for the community that made things possible!!!
Your goal is to get root and find all the vulnerabilities inside the OS ! It is a ubuntu server 10.04 LTS (that's been made very buggy!!!!) DO NOT USE This Box in a production environment!!!!!!! It's a VM thas has been made with Virtualbox 4.3.8 - so it's in the .vdi format.
This box has been made with bridged networking and uses DHCP to get an IP address (was 192.168.1.66 when I built it). So it is best to share the attack OS and the TARGET BOX to IP-Range OF 192.168.1.1/24
Maybe you could set it up with m0n0wall and setup static IP-addresses.
If you cannot find the target's IP ADRERSS, contact me @ blakrat1 AT gmail DOT com I will give you the root user and password to login....
Hope you find this useful !!!
In general, I’ve found that information is much easier to retain if it can be applied in the real world. Not everyone is a self-proclaimed botnet hunter, and it is not suggested (or recommended) that anyone try to exploit live botnets. For these reasons, I have put together another vulnerable virtual machine, which allows for aspiring botnet hunters and security enthusiasts to try their hand at attacking a Dexter command and control panel. It can be downloaded
____ ___ ____ ___ __ ____ ___ ____ ____ `MM( )P' 6MMMMb `MM 6MM `MM( )P' 6MMMMb 6MMMMb\ `MM` ,P 6M' `Mb MM69 " `MM` ,P 6M' `Mb MM' ` `MM,P MM MM MM' `MM,P MM MM YM. `MM. MMMMMMMM MM `MM. MMMMMMMM YMMMMb d`MM. MM MM d`MM. MM `Mb d' `MM. YM d9 MM d' `MM. YM d9 L ,MM _d_ _)MM_ YMMMM9 _MM_ _d_ _)MM_ YMMMM9 MYMMMM9 xerxes v0.1 by @barrebas xerxes.ova md5 4a1b5e1a984d8e01353dd32fd37554bc get root and read /root/flag tested on virtualbox 4.1.12 -- many thanks to TheColonial for testing! please share your thoughts on this vm! if you find any bugs, please let me know on irc (freenode #vulnhub) DISCLAIMER By using this virtual machine, you agree that in no event will I be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of or in connection with the use of this software.
_ _ ___ | | (_) |__ \ | |__ _ __ __ _ _ _ __ _ __ __ _ _ __ ) | | '_ \| '__/ _` | | '_ \| '_ \ / _` | '_ \ / / | |_) | | | (_| | | | | | |_) | (_| | | | | / /_ |_.__/|_| \__,_|_|_| |_| .__/ \__,_|_| |_| |____| | | |_| by superkojiman http://www.techorganic.com
By using this virtual machine, you agree that in no event will I be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of or in connection with the use of this software.
TL;DR: If something bad happens, it's not my fault.
Brainpan has been tested and found to work on the following hypervisors: - VMware Player 6.0.1 - VMWare Fusion 6.0.2 - VirtualBox 4.3.2
Check to make sure brainpan2.ova has following checksums so you know your download is intact:
Import brainpan2.ova into your preferred hypervisor and configure the network settings to your needs. It will get an IP address via DHCP, but it's recommended you run it within a NAT or visible to the host OS only since it is vulnerable to attacks.
__________ .__ __ .__ .__ __ \______ \ ____ | | _____ _/ |_|__|__ _|__|/ |_ ___.__. | _// __ \| | \__ \\ __\ \ \/ / \ __< | | | | \ ___/| |__/ __ \| | | |\ /| || | \___ | |____|_ /\___ >____(____ /__| |__| \_/ |__||__| / ____| ·VM· \/ \/ \/ \/ -v1.0.1- +-----------------------------------------------------------------------+ | cReaTeD....: sagi- | DaTe......: 2013-11-29 | | oS.........: Linux | oBJecTiVe.: Read /root/flag.txt | | | GReeTZ....: g0tmi1k & l0ca1hoSt | +-----------------------------------------------------------------------+
v1.0.1 ~ 2013-11-29 Fixed a few bugs when using VirtualBox (thanks to Bas van den Berg - @barrebas)
v1.0 ~ 2013-11-16 Public release
v0.0 ~ 2013-11-01 Private release - Zacon
v0.0 ~ 2013-06-29 Private release - HackFu
This is a Linux based VM that is intended as a way to get security researchers started with simple botnet research. It also requires the researcher have some ability to assess and exploit vulnerabilities, with the ultimate goal of obtaining root access to the VM. This is the second of many to come, please feel free to supply feedback so I can make future ones more enjoyable and fulfilling.
The network configuration of the VM is set to auto, so it is easiest to run with some sort of DHCP server on the same network(or just select the NAT option in your virtualization software). It is suggested that you use the NAT option along with port forwarding, but as long as you have TCP access to the VM, you should be fine.
There are no supplied credentials, and it is intended that the network services on the VM are the attack vectors.
If you have questions, feel free to ask in #vulnhub on freenode(I'm bwall on there). You can also ask me on Twitter(@botnet_hunter). You can also email me at bwall(at)ballastsecurity.net