Virtual Machines
single series all timeline

Search Result: port (137 results)

Again a long delay between VMs, but that cannot be helped. Work, family must come first. Blogs and hobbies are pushed down the list. These things aren’t as easy to make as one may think. Time and some planning must be put into these challenges, to make sure that:

1. It’s possible to get root remotely [ Edit: sorry not what I meant ]

1a. It’s possible to remotely compromise the machine

  1. Stays within the target audience of this site

  2. Must be “realistic” (well kinda…)

  3. Should serve as a refresher for me. Be it PHP or MySQL usage etc. Stuff I haven’t done in a while.

I also had lots of troubles exporting this one. So please take the time to read my comments at the end of this post.

Keeping in the spirit of things, this challenge is a bit different than the others but remains in the realm of the easy. Repeating myself I know, but things must always be made clear: These VMs are for the beginner. It’s a place to start.

I’d would love to code some small custom application for people to exploit. But I’m an administrator not a coder. It would take too much time to learn/code such an application. Not saying I’ll never try doing one, but I wouldn’t hold my breath. If someone wants more difficult challenges, I’m sure the Inter-tubes holds them somewhere. Or you can always enroll in Offsec’s PWB course. *shameless plug

-- A few things I must say. I made this image using a new platform. Hoping everything works but I can’t test for everything. Initially the VM had troubles getting an IP on boot-up. For some reason the NIC wouldn’t go up and the machine was left with the loopback interface. I hope that I fixed the problem. Don’t be surprised if it takes a little moment for this one to boot up. It’s trying to get an IP. Be a bit patient. Someone that tested the image for me also reported the VM hung once powered on. Upon restart all was fine. Just one person reported this, so hoping it’s not a major issue. If you plan on running this on vmFusion, you may need to convert the imagine to suit your fusion version.

-- Also adding the VHD file for download, for those using Hyper-V. You guys may need to change the network adapter to “Legacy Network Adapter”. I’ve test the file and this one seems to run fine for me… If you’re having problems, or it’s not working for any reason email comms[=]kioptrix.com

Thanks to @shai_saint from www.n00bpentesting.com for the much needed testing with various VM solutions.

Thanks to Patrick from Hackfest.ca for also running the VM and reporting a few issues. And Swappage & @Tallenz for doing the same. All help is appreciated guys

So I hope you enjoy this one.

The Kioptrix Team

Source: http://www.kioptrix.com/blog/?p=604

more...

A free open-source self-contained training environment for Web Application Security penetration testing. Tools + Targets = Dojo

What?

Various web application security testing tools and vulnerable web applications were added to a clean install of Ubuntu v10.04.2, which is patched with the appropriate updates and VM additions for easy use.

Why?

The Web Security Dojo is for learning and practicing web app security testing techniques. It is ideal for self-teaching and skill assessment, as well as training classes and conferences since it does not need a network connection. The Dojo contains everything needed to get started – tools, targets, and documentation.

Where?

Download Web Security Dojo from http://sourceforge.net/projects/websecuritydojo/files/ .

How?

To install Dojo you first install and run VirtualBox 3.2 or later, then “Import Appliance” using the Dojo’s OVF file. We have PDF or YouTube for instructions for Virtualbox. As of version 1.0 a VMware version is also provided, as well as video install instructions

Who?

Sponsored by Maven Security Consulting Inc (performing web app security testing & training since 1996). Also, could be you! Web Security Dojo is an open source and fully transparent project, with public build scripts and bug trackers on Sourceforge .

More?

Look for Dojo videos on our YouTube channel at http://www.youtube.com/user/MavenSecurity Hack your way to fame and glory 1 with our security challenges posted at Reddit (http://www.reddit.com/r/WebSecChallenges/). [1. Fame and glory not included; void where prohibited by law]

more...

About hackxor

Hackxor is a webapp hacking game where players must locate and exploit vulnerabilities to progress through the story. Think WebGoat but with a plot and a focus on realism&difficulty. Contains XSS, CSRF, SQLi, ReDoS, DOR, command injection, etc

Features:

  • Client attack simulation using HtmlUnit; no alert('xss') here.
  • Smooth difficulty gradient from moderately easy to fiendishly tricky.
  • Realistic vulnerabilities modelled from Google, Mozilla, etc (No rot13!)
  • Open ended play; progress by any means possible.

Download & install instructions

  • Download the full version of hackxor (700mb)
  • Install VMWare Player (This involves creating a free account with vmware)
  • Extract hackxor1.7z, run the image using VMware player.
  • Work out what the IP of hackxor is ((try 172.16.93.129)|| logging into the VM with username:root pass:hackxor and typing ifconfig)
  • Configure your hosts file (/etc/hosts on linux) to redirect the following domains to the IP of hackxor: wraithmail, wraithbox, cloaknet, GGHB, hub71, utrack.
  • Browse to http://wraithmail:8080 and login with username:algo password:smurf

If you can't edit the hosts file for some reason, you could use the 'Override hostname resolution' option in Burp proxy

Troubleshooting the installation:

  • If http://wraithmail:8080 loads everything is probably working.
  • First: Try 'nmap wraithmail' in a shell to see if port 8080 is open. If it is open, contact me! Otherwise:
  • Second: Try nmap . If that succeeds, fix your hosts file. Otherwise:
  • Third: If you really can't get any network contact with the VM, check the VM settings in the VM manager
  • (this does not involve logging into the virtual machine). Make sure it is set to NAT. If that doesn't fix it:
  • Fourth: Try changing the VM network setting to 'Bridged'. This will mean other people on the LAN can access it.
  • Fifth: If all else fails, contact me on twitter.

The scene

You play a professional blackhat hacker hired to track down another hacker by any means possible. Start by checking your email on wraithmail, and see how far down the rabbit hole you can get. The key websites in this game are http://wraithmail:8080 http://cloaknet:8080 http://gghb:8080 and http://hub71:8080 so if you don't feel like tracking down your target you may hack them in any order. Each website will be properly introduced through the plot.

Changes since 1.0

  • Fixed a potential-lose bug in hub71

Changes since the beta

  • Made cloaknet (second level) harder/better/more realistic
  • Added stealth ranking system
  • Fixed 2 unintentional XSS vulns in rentnet(hub71)
  • Enhanced rentnet(hub71) session security (You'll see)
  • Added online demo (first 2 levels)
  • Improved names/other fluff
  • Added clear ending
  • Made VM IP static-ish for easier installation
  • Made VM only accessible from the host machine by default
  • Linked sites together better
  • Added anti-bruteforce protection
  • Removed numerous bits of test code
  • Removed a few obscenities
  • Fixed some inaccuracies&minor bugs

Source: http://hackxor.sourceforge.net/cgi-bin/index.pl

more...

The idea behind VulnVPN is to exploit the VPN service to gain access to the sever and ‘internal’ services. Once you have an internal client address there are a number of ways of gaining root (some easier than others).

Client VPN Configuration

I have created/uploaded the relevant files which can be obtained from the compressed file here. You’ll need to configure Openswan/xl2tpd on your system, if you’re using an Ubuntu based Linux variant you can follow the below steps – please note that I’ve used Backtrack 5r3 for all client testing (mentioned as I know it works well):

  1. apt-get install openswan xl2tpd ppp

  2. Copy the downloaded client files into the following locations:

    /etc/ipsec.conf

    /etc/ipsec.secrets

    /etc/ppp/options.l2tpd.client

    /etc/xl2tpd/xl2tpd.conf

  3. VulnVPN is located at 192.168.0.10 and the client configuration files state that the client IP address is 192.168.0.11. If you want your client to have a different address ensure you change the relevant settings in /etc/ipsec.conf.

  4. To establish a VPN connection run the following command: ipsec auto –up vpn (that’s two hyphens before up, they get lost in the post formatting). If you’re viewing the logs you should see something along the lines of ‘IPsec SA established’.

  5. If the connection succeeds (remember you’ll need to obtain the PSK before this is possible) you can run the ‘start-vpn.sh’ script (included with client config files download) or run the following command to initialise the PPP adaptor: echo “c vpn” > /var/run/xl2tpd/l2tp-control

  6. Run ip list or ifconfig and you should see that a new PPP adapter has been created and assigned an IP address (this may not be instant, give it a few seconds). If the adaptor fails to come up run the script/command again – I’ve come across this issue a few times.

Note: If you change your configuration/IP settings etc you’ll need to reload the relevant configuration files i.e. /etc/init.d/ipsec restart and/or /etc/init.d/xl2tpd restart

Troubleshooting

I realise that VPN’s can be very troublesome (setting this challenge up was bad enough), so I have allowed access to auth and ufw logs. These should help highlight issues you may be experiencing and can be found at http://192.168.0.10:81 (note port 81). Please note that hacking this page and associated scripts are not part of the challenge, rather they have been provided for assistance.

A useful config reference can also be found here: https://wiki.archlinux.org/index.php/L2TP/IPsec_VPN_client_setup

Download Information

Architecture: x86 Format: VMware (vmx & vmdk) compatibility with version 4 onwards RAM: 1GB Network: NAT – Static IP 192.168.0.10 (no G/W or DNS configured) Extracted size: 1.57GB Compressed (download size): 368MB – 7zip format – 7zip can be obtained from here Download VulnVPN from -HERE-

MD5 Hash of VulnVPN.7z: 9568aa4c94bf0b5809cb0a282fffa5c2

Download Client files from -HERE-

MD5 Hash of client.7z: e598887f2e4b18cd415ea747606644f6

As per usual, I shall add a related solutions post shortly. Until then, enjoy

Source: http://www.rebootuser.com/?p=1307

more...