De-ICE: S1.110


  • Name: De-ICE: S1.110
  • Date release: 20 Mar 2007



De-ICE_S1.110.iso

(Size: 235 MB)


-- S1.110

SCENARIO

The scenario for this LiveCD is that a CEO of a small company has tasked you to do more extensive penetration testing of systems within his company. The network administrator has reconfigured systems within his network to meet tougher security requirements and expects you to fail any further penetration attempts. This system is an ftp server used by the network administrator team to create / reload systems on the company intranet. No classified or sensitive information should reside on this server. Through discussion with the administrator, you found out that this server had been used in the past to maintain customer information, but has been sanitized (as opposed to re-built).

Prove to the network administrator that proper system configuration is not the only thing critical in securing a server.

CONFIGURATION

PenTest Lab Disk 1.110:

This LiveCD is configured with an IP address of 192.168.1.110 - no additional configuration is necessary.

Pentest Machine:

Your second system will use the BackTrack (v.2) LiveCD as provided by remote-exploit.org. A copy of the LiveCD can be downloaded from remote-exploit.org. This disk is configured to obtain an IP address through DHCP - thus no additional configuration is required. All tools necessary to exploit Disk 1.110 can be found on the BackTrack Disk. No additional installations will be necessary.

Router Configuration:

The PenTest Lab system and the PenTest machine must connect to a router that has been configured with the following values: + DHCP Server: active + Pool Starting Addr.: 192.168.1.2

LAN TCP/IP: + IP Address: 192.168.1.1 + IP Subnet Mask: 255.255.255.0

Source: http://forums.hackingdojo.com/viewtopic.php?f=16&t=17

-- Level 1

Where to get the current PenTest Lab Level 1 disks:

192.168.1.100 = http://heorot.net/instruction/tutorials/iso/de-ice.net-1.100-1.1.iso 192.168.1.110 = http://heorot.net/instruction/tutorials/iso/de-ice.net-1.110-1.0.iso

The MD5 Hash Values of Each Disk:

a3341316ca9860b3a0acb06bdc58bbc1 ==>de-ice.net-1.100-1.1.iso a626d884148c63bfc9df36f2743d7242 ==>de-ice.net-1.110-1.0.iso

Where to get the scenario information for each disk:

192.168.1.100 = http://forums.heorot.net/viewtopic.php?f=16&t=15 192.168.1.110 = http://forums.heorot.net/viewtopic.php?f=16&t=17

Where to get the BackTrack disk:

http://remote-exploit.org/backtrack_download.html (NOTE: version "bt20061013.iso" and "BT2_Beta-Nov_19_2006.iso" were used to exploit the PenTest disks. Newer (when released) and older versions may work just as well).

Where to get the network configuration information:

Network configuration: 192.168.1.xxx = http://forums.heorot.net/viewtopic.php?f=16&t=15

Source: http://forums.hackingdojo.com/viewtopic.php?f=16&t=13


Original filename: de-ice.net-1.110-1.0.iso Also known as 'De-ICE Level 1 - Disk 2'


  • Filename: De-ICE_S1.110.iso
  • File size: 235 MB
  • MD5: A626D884148C63BFC9DF36F2743D7242
  • SHA1: 9E090F548B1048647C98F7ED36FA5FCE637B4C64


  • Format: Disk Image (.ISO)
  • Operating System: Linux


  • DHCP service: Disabled
  • IP address: 192.168.1.110


  • Apache
  • CUPS
  • OpenSSH
  • vsFTPd




Encrypted customer information


  • Insecure File Handling
  • Weak Credentials