The scenario for this LiveCD is that a CEO of a small company has tasked you to do more extensive penetration testing of systems within his company. The network administrator has reconfigured systems within his network to meet tougher security requirements and expects you to fail any further penetration attempts. This system is an ftp server used by the network administrator team to create / reload systems on the company intranet. No classified or sensitive information should reside on this server. Through discussion with the administrator, you found out that this server had been used in the past to maintain customer information, but has been sanitized (as opposed to re-built).
Prove to the network administrator that proper system configuration is not the only thing critical in securing a server.
PenTest Lab Disk 1.110:
This LiveCD is configured with an IP address of 192.168.1.110 - no additional configuration is necessary.
Your second system will use the BackTrack (v.2) LiveCD as provided by remote-exploit.org. A copy of the LiveCD can be downloaded from remote-exploit.org. This disk is configured to obtain an IP address through DHCP - thus no additional configuration is required. All tools necessary to exploit Disk 1.110 can be found on the BackTrack Disk. No additional installations will be necessary.
The PenTest Lab system and the PenTest machine must connect to a router that has been configured with the following values:
+ DHCP Server: active
+ Pool Starting Addr.: 192.168.1.2
+ IP Address: 192.168.1.1
+ IP Subnet Mask: 255.255.255.0
-- Level 1
Where to get the current PenTest Lab Level 1 disks:
192.168.1.100 = http://heorot.net/instruction/tutorials/iso/de-ice.net-1.100-1.1.iso
192.168.1.110 = http://heorot.net/instruction/tutorials/iso/de-ice.net-1.110-1.0.iso
The MD5 Hash Values of Each Disk:
Where to get the scenario information for each disk:
192.168.1.100 = http://forums.heorot.net/viewtopic.php?f=16&t=15
192.168.1.110 = http://forums.heorot.net/viewtopic.php?f=16&t=17
Where to get the BackTrack disk:
(NOTE: version "bt20061013.iso" and "BT2_Beta-Nov_19_2006.iso" were used to exploit the PenTest disks. Newer (when released) and older versions may work just as well).
Where to get the network configuration information:
192.168.1.xxx = http://forums.heorot.net/viewtopic.php?f=16&t=15