Virtual Machines
single series all timeline

Some of you may have noticed this new pWnOS forum section. I created pWnOS as a virtual machine and Grendel was nice enough to let me post about it here. Here's a bit of information on pWnOS.

It's a linux virtual machine intentionally configured with exploitable services to provide you with a path to r00t. :) Currently, the virtual machine NIC is configured in bridged networking, so it will obtain a normal IP address on the network you are connected to. You can easily change this to NAT or Host Only if you desire. A quick ping sweep will show the IP address of the virtual machine.

Sorry...no scenario/storyline with this one. I wasn't really planning to release it like this, so maybe for version 2.0 I'll be more creative. :) I'm anxious to get feedback so let me know how it goes or if you have questions. Thanks and good luck!

Source: http://forums.hackingdojo.com/viewtopic.php?f=21&t=149

-- Readme

Thanks for trying pWnOS 1.0. A few things to note before getting started. pWnOS is made using VMware Workstation and can be started by downloading VMware Server or Vmware player...both of which are free! Or VMware Workstation (Windows) or VMware Fusion (OS X), which are not free.

  1. If Vmware asks whether you copied or moved this virtual machine on first boot, click MOVED! Otherwise the network settings could get messed up.
  2. The virtual machine is currently setup to use bridged networking, but you may want to change this to NAT or Host Only...depending on your preferences.
  3. All necessary tools/exploits/whatever can be found at milw0rm.com.
  4. There are multiple paths to get shell access. I created a n00b path and a more advanced path. See if you can get both of them!

I would rate the difficulty of pWnOS approximately the same as De-Ice's level 2 disk...maybe a bit more difficult. See http://www.de-ice.net for information on the De-Ice penetration testing disks.

I hope you enjoy it! If you have any questions or feedback, email me at bond00(at)gmail.com

bond00

Source: pWnOS_v1.0.zip/pWnOS readme.txt

more...

Moth is a downloadable VMWare image based on Ubuntu. It was set up to test the functionality of w3af and it includes various web application vulnerabilities. Most howto's use Moth as an example for a web page under test.

Source: http://sourceforge.net/apps/trac/w3af/wiki/Moth

Moth is a VMware image with a set of vulnerable Web Applications and scripts, that you may use for:

Testing Web Application Security Scanners

Testing Static Code Analysis tools (SCA)

Giving an introductory course to Web Application Security

The motivation for creating this tool came after reading \"anantasec-report.pdf\" which is included in the release file which you are free to download. The main objective of this tool is to give the community a ready to use testbed for web application security tools. For almost every web application vulnerability that exists in the wild, there is a test script available in moth.

There are three different ways to access the web applications and vulnerable scripts included in moth:

Directly

Through mod_security

Through PHP-IDS (only if the web application is written in PHP)

Both mod_security and PHP-IDS have their default configurations and they show a log of the offending request when one is found. This is very useful for testing web application scanners, and teaching students how web application firewalls work. The beauty is that a user may access the same vulnerable script using the three methods; which helps a lot in the learning process.

Source: http://www.bonsai-sec.com/en/research/moth.php

more...

Again a long delay between VMs, but that cannot be helped. Work, family must come first. Blogs and hobbies are pushed down the list. These things aren’t as easy to make as one may think. Time and some planning must be put into these challenges, to make sure that:

1. It’s possible to get root remotely [ Edit: sorry not what I meant ]

1a. It’s possible to remotely compromise the machine

  1. Stays within the target audience of this site

  2. Must be “realistic” (well kinda…)

  3. Should serve as a refresher for me. Be it PHP or MySQL usage etc. Stuff I haven’t done in a while.

I also had lots of troubles exporting this one. So please take the time to read my comments at the end of this post.

Keeping in the spirit of things, this challenge is a bit different than the others but remains in the realm of the easy. Repeating myself I know, but things must always be made clear: These VMs are for the beginner. It’s a place to start.

I’d would love to code some small custom application for people to exploit. But I’m an administrator not a coder. It would take too much time to learn/code such an application. Not saying I’ll never try doing one, but I wouldn’t hold my breath. If someone wants more difficult challenges, I’m sure the Inter-tubes holds them somewhere. Or you can always enroll in Offsec’s PWB course. *shameless plug

-- A few things I must say. I made this image using a new platform. Hoping everything works but I can’t test for everything. Initially the VM had troubles getting an IP on boot-up. For some reason the NIC wouldn’t go up and the machine was left with the loopback interface. I hope that I fixed the problem. Don’t be surprised if it takes a little moment for this one to boot up. It’s trying to get an IP. Be a bit patient. Someone that tested the image for me also reported the VM hung once powered on. Upon restart all was fine. Just one person reported this, so hoping it’s not a major issue. If you plan on running this on vmFusion, you may need to convert the imagine to suit your fusion version.

-- Also adding the VHD file for download, for those using Hyper-V. You guys may need to change the network adapter to “Legacy Network Adapter”. I’ve test the file and this one seems to run fine for me… If you’re having problems, or it’s not working for any reason email comms[=]kioptrix.com

Thanks to @shai_saint from www.n00bpentesting.com for the much needed testing with various VM solutions.

Thanks to Patrick from Hackfest.ca for also running the VM and reporting a few issues. And Swappage & @Tallenz for doing the same. All help is appreciated guys

So I hope you enjoy this one.

The Kioptrix Team

Source: http://www.kioptrix.com/blog/?p=604

more...

It's been a while since the last Kioptrix VM challenge. Life keeps getting the way of these things you know.

After the seeing the number of downloads for the last two, and the numerous videos showing ways to beat these challenges. I felt that 1.2 (or just level 3) needed to come out. Thank you to all that downloaded and played the first two. And thank you to the ones that took the time to produce video solutions of them. Greatly appreciated.

As with the other two, this challenge is geared towards the beginner. It is however different. Added a few more steps and a new skill set is required. Still being the realm of the beginner I must add. The same as the others, there’s more then one way to “pwn” this one. There’s easy and not so easy. Remember… the sense of “easy” or “difficult” is always relative to ones own skill level. I never said these things were exceptionally hard or difficult, but we all need to start somewhere. And let me tell you, making these vulnerable VMs is not as easy as it looks…

Important thing with this challenge. Once you find the IP (DHCP Client) edit your hosts file and point it to kioptrix3.com

Under Windows, you would edit C:\Windows\System32\drivers\etc\hosts to look something like this:

# localhost name resolution is handled within DNS itself.
#   127.0.0.1 localhost
#   ::1 localhost127.0.0.1 static3.cdn.ubi.com
192.168.1.102 kioptrix3.com

Under Linux that would be /etc/hosts

There’s a web application involved, so to have everything nice and properly displayed you really need to this.

Hope you enjoy Kioptrix VM Level 1.2 challenge.

452 Megs

MD5 Hash : d324ffadd8e3efc1f96447eec51901f2

Have fun

Source: http://www.kioptrix.com/blog/?p=358

more...

Kioptrix VM Image Challenges:

This Kioptrix VM Image are easy challenges. The object of the game is to acquire root access via any means possible (except actually hacking the VM server or player). The purpose of these games are to learn the basic tools and techniques in vulnerability assessment and exploitation. There are more ways then one to successfully complete the challenges.

Source: http://www.kioptrix.com/blog/?page_id=135

Source: http://www.kioptrix.com/blog/?p=49

This is the second release of #2. First release had a bug in it with the web application

2012/Feb/09: Re-releases

2011/Feb/11: Original Release

Checksum

  • Original MD5: 987FFB98117BDEB6CA0AAC6EA22E755D
  • Original SHA1: 7A0EA0F414DFA0E05B7DF504F21B325C6D3CC53B
  • Re-release MD5: 987FFB98117BDEB6CA0AAC6EA22E755D
  • Re-release SHA1: 7A0EA0F414DFA0E05B7DF504F21B325C6D3CC53B
more...