Some folks may already be aware of Metasploitable, an intentionally vulnerable virtual machine designed for training, exploit testing, and general target practice. Unlike other vulnerable virtual machines, Metasploitable focuses on vulnerabilities at the operating system and network services layer instead of custom, vulnerable applications. I am happy to announce the release of Metasploitable 2, an even better punching bag for security tools like Metasploit, and a great way to practice exploiting vulnerabilities that you might find in a production environment.

For download links and a walkthrough of some of the vulnerabilities (and how to exploit them), please take a look at the Metasploitable 2 Exploitability Guide.

Have fun!

Source: https://community.rapid7.com/community/metasploit/blog/2012/06/12/introducing-metasploitable-2

One of the questions that we often hear is "What systems can i use to test against?" Based on this, we thought it would be a good idea throw together an exploitable VM that you can use for testing purposes.

Metasploitable is an Ubuntu 8.04 server install on a VMWare 6.5 image. A number of vulnerable packages are included, including an install of tomcat 5.5 (with weak credentials), distcc, tikiwiki, twiki, and an older mysql.

You can use most VMware products to run it, and you'll want to make sure it's configured for Host-only networking unless it's in your lab - no need to throw another vulnerable machine on the corporate network. It's configured in non-persistent-disk mode, so you can simply reset it if you accidentally 'rm -rf' it.

Source: http://web.archive.org/web/20100525233058/http://blog.metasploit.com/2010/05/introducing-metasploitable.html

Hi everyone!

Recently I've created my own Live CD and would like to get some feedback from you. This Live CD, codename Loophole, is meant to show you how important it is to keep your software up to date and properly configured. There's more than one way into the system and each one of them will teach you different network/computer security related topics.

Scenario for Loophole Live CD:

We suspect that someone inside Rattus labs is working with known terrorist group. Your mission is to infiltrate into their computer network and obtain encrypted document from one of their servers. Our inside source has told us that the document is saved under the name of Private.doc.enc and is encrypted using OpenSSL encryption utility. Obtain the document and decrypt it to complete the mission.

Source: http://forums.hackingdojo.com/viewtopic.php?f=15&t=486

The only pentesting course which gives you the access to the virtual penetration testing lab, where you can train your skills in a real-life situations.

The BackTrack Linux 5r2-PenTesting Edition lab is an all-in-one penetration testing lab environment that includes all of the hosts, network infrastructure, tools, and targets necessary to practice penetration testing. It includes:

  • A master (base) host utilizing BackTrack Linux 5r2
  • A DMZ network with two hosts (targets)
  • An “internal” network with one host (target)
  • A pre-configured firewall

This lab has some of the most popular penetration testing tools pre-installed and a number of vulnerabilities to discover and exploit. This all-in-one solution is the easiest and fastest method of building a full penetration testing lab environment for practicing your skills!

Source: http://pentestlab.org/lab-in-a-box/

Again a long delay between VMs, but that cannot be helped. Work, family must come first. Blogs and hobbies are pushed down the list. These things aren’t as easy to make as one may think. Time and some planning must be put into these challenges, to make sure that:

1. It’s possible to get root remotely [ Edit: sorry not what I meant ]

1a. It’s possible to remotely compromise the machine

  1. Stays within the target audience of this site

  2. Must be “realistic” (well kinda…)

  3. Should serve as a refresher for me. Be it PHP or MySQL usage etc. Stuff I haven’t done in a while.

I also had lots of troubles exporting this one. So please take the time to read my comments at the end of this post.

Keeping in the spirit of things, this challenge is a bit different than the others but remains in the realm of the easy. Repeating myself I know, but things must always be made clear: These VMs are for the beginner. It’s a place to start.

I’d would love to code some small custom application for people to exploit. But I’m an administrator not a coder. It would take too much time to learn/code such an application. Not saying I’ll never try doing one, but I wouldn’t hold my breath. If someone wants more difficult challenges, I’m sure the Inter-tubes holds them somewhere. Or you can always enroll in Offsec’s PWB course. *shameless plug

-- A few things I must say. I made this image using a new platform. Hoping everything works but I can’t test for everything. Initially the VM had troubles getting an IP on boot-up. For some reason the NIC wouldn’t go up and the machine was left with the loopback interface. I hope that I fixed the problem. Don’t be surprised if it takes a little moment for this one to boot up. It’s trying to get an IP. Be a bit patient. Someone that tested the image for me also reported the VM hung once powered on. Upon restart all was fine. Just one person reported this, so hoping it’s not a major issue. If you plan on running this on vmFusion, you may need to convert the imagine to suit your fusion version.

-- Also adding the VHD file for download, for those using Hyper-V. You guys may need to change the network adapter to “Legacy Network Adapter”. I’ve test the file and this one seems to run fine for me… If you’re having problems, or it’s not working for any reason email comms[=]kioptrix.com

Thanks to @shai_saint from www.n00bpentesting.com for the much needed testing with various VM solutions.

Thanks to Patrick from Hackfest.ca for also running the VM and reporting a few issues. And Swappage & @Tallenz for doing the same. All help is appreciated guys

So I hope you enjoy this one.

The Kioptrix Team

Source: http://www.kioptrix.com/blog/?p=604

It's been a while since the last Kioptrix VM challenge. Life keeps getting the way of these things you know.

After the seeing the number of downloads for the last two, and the numerous videos showing ways to beat these challenges. I felt that 1.2 (or just level 3) needed to come out. Thank you to all that downloaded and played the first two. And thank you to the ones that took the time to produce video solutions of them. Greatly appreciated.

As with the other two, this challenge is geared towards the beginner. It is however different. Added a few more steps and a new skill set is required. Still being the realm of the beginner I must add. The same as the others, there’s more then one way to “pwn” this one. There’s easy and not so easy. Remember… the sense of “easy” or “difficult” is always relative to ones own skill level. I never said these things were exceptionally hard or difficult, but we all need to start somewhere. And let me tell you, making these vulnerable VMs is not as easy as it looks…

Important thing with this challenge. Once you find the IP (DHCP Client) edit your hosts file and point it to kioptrix3.com

Under Windows, you would edit C:\Windows\System32\drivers\etc\hosts to look something like this:

# localhost name resolution is handled within DNS itself.
#   127.0.0.1 localhost
#   ::1 localhost127.0.0.1 static3.cdn.ubi.com
192.168.1.102 kioptrix3.com

Under Linux that would be /etc/hosts

There’s a web application involved, so to have everything nice and properly displayed you really need to this.

Hope you enjoy Kioptrix VM Level 1.2 challenge.

452 Megs

MD5 Hash : d324ffadd8e3efc1f96447eec51901f2

Have fun

Source: http://www.kioptrix.com/blog/?p=358

Kioptrix VM Image Challenges:

This Kioptrix VM Image are easy challenges. The object of the game is to acquire root access via any means possible (except actually hacking the VM server or player). The purpose of these games are to learn the basic tools and techniques in vulnerability assessment and exploitation. There are more ways then one to successfully complete the challenges.

Source: http://www.kioptrix.com/blog/?page_id=135

Source: http://www.kioptrix.com/blog/?p=49

This is the second release of #2. First release had a bug in it with the web application

2012/Feb/09: Re-releases

2011/Feb/11: Original Release

Checksum

  • Original MD5: 987FFB98117BDEB6CA0AAC6EA22E755D
  • Original SHA1: 7A0EA0F414DFA0E05B7DF504F21B325C6D3CC53B
  • Re-release MD5: 987FFB98117BDEB6CA0AAC6EA22E755D
  • Re-release SHA1: 7A0EA0F414DFA0E05B7DF504F21B325C6D3CC53B

Kioptrix VM Image Challenges:

This Kioptrix VM Image are easy challenges. The object of the game is to acquire root access via any means possible (except actually hacking the VM server or player). The purpose of these games are to learn the basic tools and techniques in vulnerability assessment and exploitation. There are more ways then one to successfully complete the challenges.

Source: http://www.kioptrix.com/blog/?page_id=135

Source: http://www.kioptrix.com/blog/?p=49

Holynix is a Linux distribution that was deliberately built to have security holes for the purposes of penetration testing. If you're having trouble, or there are any problems, it can be discussed here.

Source: http://pynstrom.com/holynix.php

-- README

Holynix 2.0 Release Notes


Holynix is an Linux distribution that was deliberately built to have security holes for the purposes of penetration testing. The object of the challenge v1 is just to root the box. Register on the forums to receive an email update when a new challenge is released.

Network Configuration


Holynix v2 is set with static ip and requires some network configuration in order to run.

  • Network: 192.168.1.0/24
  • Pool Starting Addr: 192.168.1.2
  • Gateway Addr: 192.168.1.1
  • Subnet Mask: 255.255.255.0

Support


Homepage: http://pynstrom.com/

Project Page: http://pynstrom.com/holynix.php

Forums: http://pynstrom.com/forum/

Bugs


Bugs can be reported using sourceforge's bug tracker located at http://sourceforge.net/projects/holynix/support or reported to me directly at [email protected]

Source: holynix-v2.tar.bz2/README.txt

--Forum

Getting Started w/ Holynix v2

Source: http://pynstrom.com/forum/viewtopic.php?f=8&t=7

Holynix is a Linux distribution that was deliberately built to have security holes for the purposes of penetration testing. If you're having trouble, or there are any problems, it can be discussed here.

Source: http://pynstrom.com/holynix.php

-- README

Holynix 1.0 beta Release Notes


Similar to the de-ice and pWnOS pentest cds, Holynix is an ubuntu server vmware image that was deliberately built to have security holes for the purposes of penetration testing. More of an obstacle course than a real world example. The object of the challenge is to gain root level privileges and access to personal client information.

Support


Homepage: http://pynstrom.com/

Project Page: http://pynstrom.com/holynix.php

Forums: http://pynstrom.com/forum/

Bugs


Bugs or can be reported using sourceforge's bug tracker located at http://sourceforge.net/projects/holynix/support or reported to me directly at pynstrom AT pynstrom DOT com

Source: holynix-v1.tar.bz2/README.txt

README.txt wasn't updated with the release of the final version

-- Forum

Difference between beta and final

  • Set HD to non-persistant so any mistakes will be fixed at reboot.
  • Removed some trash I accidentally left laying around.

Source: http://pynstrom.com/forum/viewtopic.php?f=2&t=5

Getting Started w/ Holynix v1

Source: http://pynstrom.com/forum/viewtopic.php?f=6&t=6

-- Checksums

Beta MD5: D19306C6C2305005C72A7811D2B72B51

Beta SHA1: 0C5B7D37FECD39C52BC2C8C2EE66A617BB576A90

Final MD5: EBB8EF2544559D72A052687497F78341

Final SHA1: 967F3DB6D97CCC615EB5758AC75387D46C3D1199