Damn Vulnerable Linux (DVL) Strychnine+E605 (1.4):
Added more tools. Now Reverse Code Engineering tools is 99%, added Truecrypt, Eclipse IDE for Java and C++, added Mono for .NET vulnerability. Rearranged the menu, minor bug fixes ( :grin: ). We close tool addition with this and focus on bug fix and training material only from now on.
[Application Development] Add Motor IDE
[Application Development] Update HLA to 1.98 and StdLib to 2.3
DVL 1.4 final is ready to go and is uploaded at the moment. We hit the 1.6 GB size, including all necessary to train software development, IT security and Reverse Code Engineering. During the next time the mirrors will be informed. After this we post the links. As well we do a short intro video to show all features and on how to use DVL.
DVL Strychnine + E605 is final! I just remastered the ISO and we land at 1050 MB size which fits perfectly on a 2 GB USB stick (and gives us more free space to add additional stuff). I will upload the ISO today and inform the mirrors. Finally after all this installation part I can play myself with it :)
0000014: [Shellcode / Exploitation] Splint static code analyzer should be added
0000045: [Reverse Code Engineering] Add BIEW
0000040: [Reverse Code Engineering] LDasm should be added
0000063: [Application Development] Add BASIC-256
0000028: [Web Exploitation] A vulnerable PHP.ini should be used
0000058: [Application Development] PHPmyAdmin should be installed
0000065: [Application Development] Add GAS
0000064: [Bugs] HLA does not work under Konsole
0000059: [Documentation] Define Directory Structure for Documentation
0000060: [Tutorials] Define Directory Structure for Tutorials
0000004: [Documentation] DVL needs a concept on how to hold documentation
0000019: [Reverse Code Engineering] ht-2.0.2 should be added
0000020: [Cryptography] stegdetect-0.6 should be added
0000022: [Reverse Code Engineering] STAN 0.4.1 Stream Analyzer should be added
0000024: [Cryptography] Outguess 0.2 should be added
0000038: [Reverse Code Engineering] memgrep should be installed
0000039: [Reverse Code Engineering] ALD Assembly Language Debugger should be added
0000049: [Reverse Code Engineering] Add REVDump
0000061: [Tutorials] Define Directory Structure for exercises
0000010: [Shellcode / Exploitation] SudoEdit 1.6.8 should be added (Local Exploit)
0000013: [Reverse Code Engineering] LIDA disassembler needs to be installed and linked in menues
0000017: [Reverse Code Engineering] GDBINIT colorized by Mammon should be added.
0000018: [Application Development] HLA Assembly Language should be added
0000023: [Reverse Code Engineering] Sandmark should be added
0000031: [Application Development] jEdit should be installed
0000041: [Reverse Code Engineering] The Examiner should be added
0000050: [Reverse Code Engineering] Add RADARE
0000057: [Reverse Code Engineering] Add Sinister
0000029: [Application Development] MySQL should be installed
0000037: [Application Development] Jed Editor should be added
0000030: [Application Development] Wine Windows Emulator needs to be installed
0000027: [Requirements] Apache with PHP 4 and 5 included
0000054: [Reverse Code Engineering] Add MemFetch
0000052: [Reverse Code Engineering] Add STRACE
0000056: [Reverse Code Engineering] Add lsof
DVL Strychnine is finally final. The last pre-compilation is running at the moment, then the final compilation of the remaster will follow. Some nasty bugs fixed such as permissions problems of the pre-installed MySQL database containing first vulnerabe web examples. Click on the link below to see the current changelog. This shows you which additions have been added to the â€œclassicâ€ BT 2.0 release to build the base of the new era of Damn Vulnerable Linux. Some more minor unimportant features are left to install, however I believe it is time to go with the release to concentrate finally on the production of the most important: training lessons!
DVL Strychnine will be available via BitTorrent this weekend (never published before using BitTorrent! let's see if I run into problems!) - Later I place it on the mirrors. File size at the moment 822 MB, sorry for that but let the community decide what to kill!
A short intro video will follow soon, maybe I can make it this weekend.
The following important files have been added (minor tool additions not listed):
Metsploit 3.0 Framework. The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby. programming language and includes components written in C and assembler.
Web Exploitation Package 02. Includes 4 real life web targets.
Crackme Package 01. Includes 61 Linux crackmes for reverse code engineering challenges.
Debug Contest Package Windows. Includes 11 compiled Windows targets for analysis challenges.
Binary Exploitation Package 01. Includes 24 compiled targets for binary exploitation.
Binary Exploitation Package 02. Includes 40 compiled targets by Gera for binary exploitation.
Binary Exploitation Package 03. Includes 6 compiled targets by Juliano for binary exploitation.
Binary Exploitation Package 04. Includes 5 compiled targets by IITAC for binary exploitation.
Pre-Configured vulnerable PHP.ini.
Adapted .bashrc for HLA Assembly Language integration.
All collectable sources code examples for HLA Assembly Language programming.
Wine for Windows target analysis.
VIM (VI Improved).
A comprehensive collection of core utils.
Scite Editor for many languages including Assembly.
The links below are community submitted 'solutions' showing hints/nudges or possibly a complete walkthrough* of how they solved the puzzle.
Please note, there could be (many) more methods of completing this, they just haven't, either been discovered, or submitted. If you know something that isn't listed, please submit it or get in touch and we would be glad to add it.
* This is a spoiler. It could possibly show you a way of completely solving it.
Here you can download the mentioned files using various methods.
We have listed the original source, from the author's page. However, after time these links 'break', for example: either the files are moved, they have reached their maximum bandwidth limit, or, their hosting/domain has expired.
For these reasons, we have been in touch with each author asking for permission to mirror the files. If the author has agreed, we have created mirrors. These are untouched copies of the listed files. (You can check for yourself via the MD5 & SHA1 checksums which are individually displayed on their entry page. See how here).
We also offer the download via BitTorrent. We prefer that people use BitTorrent, however, we do understand that it is not as straight forward as clicking on a direct link.
To make sure everyone using VulnHub has the best experience possible using the site, we have had to
limit the amount of simultaneous direct download files to two files, with a max speed of 3mb
This is because the average file size is currently about 700mb, which causes our bandwidth to be high (couple of terabytes each month!). As this is a privately funded project, we believe we have chosen the best hosting provider for the limited budget.
If would you like to be able to download a mass, and at quicker speed, please use torrents as these will be seeded 24/7. For a guide on how to setup and use torrents, see here.
If you're the owner of a listed file or believe that we are unlawfully distributing files without permission, please get in touch here.