Exploit-Exercises: Fusion (v2)

  • Name: Exploit-Exercises: Fusion (v2)
  • Date release: 8 Apr 2012


(Size: 794 MB)


Fusion is the next step from the protostar setup, and covers more advanced styles of exploitation, and covers a variety of anti-exploitation mechanisms such as: + Address Space Layout Randomisation + Position Independent Executables + Non-executable Memory + Source Code Fortification (_DFORTIFY_SOURCE=) + Stack Smashing Protection (ProPolice / SSP)

In addition to the above, there are a variety of other challenges and things to explore, such as: + Cryptographic issues + Timing attacks + Variety of network protocols (such as Protocol Buffers and Sun RPC) + At the end of Fusion, the participant will have a through understanding of exploit prevention strategies, associated weaknesses, various cryptographic weaknesses, numerous heap implementations.

Getting started

Have a look at the levels available on the side bar, and pick which ones interest you the most. If in doubt, begin at the start. You can log into the virtual machine with the username of "fusion" (without quotes), and password "godmode" (again, without quotes).

To get root for debugging purposes, do "sudo -s" with the password of "godmode".

Source: http://exploit-exercises.com/fusion

From v1 (Alpha?) to v2 - Moved from OVA to bootable CD format. Reduces issues with importing OVA files.

  • Filename: exploit-exercises-fusion-2.iso
  • File size: 794 MB
  • MD5: 62E504AD9A19FE1974568904673DB9C9
  • SHA1: B89ABCDDA58EDF68465F36B4F7A94FE34F0050F1

  • Format: Disk Image (.ISO)
  • Operating System: Linux

  • DHCP service: Enabled
  • IP address: Automatically assign

  • Apache

  • Local Challenge