EH-Net

Does anybody know of a repsotitory for hackable VMWare Appliances or Live-CDs?  I am hoping to find some resources with preconfigured applications that I can use to practice discovery, analysis, and exploitation without spending a great deal of time setting up the different applications. 

I know there are plenty of resources out there for defeating web authentication, SQL Injection, and XSS  but I am trying to find things like a Redhat 7.3 system with a 2.4 kernel and running Apache 1.3.20< or MySQL or have SNMP running with default strings.  Or a Solaris system running a poorly configured version of Gauntlet.  I am aware the finding a Windows image is probably out of the question because of licensing.

Thanks for your help,
Cutaway

Okay, I looked through the forums but didn't see anything that resembled this question before I posted.  Now that I have had a little more time to look around I see all the posts about setting up a lab.  I guess the answer to my question would have come up in these posts. 

Hope I didn't bore you too much.
Thanks anyway,
Cutaway

Have you looked through here (http://www.vmware.com/vmtn/appliances/directory/)? New Virtual Appliances are being added every day, but all the original ones are still there for download too.

Yes, I did look there but now that I go through it again I am seeing more stuff (My GoogleFu is really off the last couple days).

Looking through again I found a Redhat 6.2 (http://www.vmware.com/vmtn/appliances/directory/490) which the developer says has all the latest patches.  I think the key is to use the seach (imagine that).  Once I started seaching I noticed stuff like Fedora 3 systems.  (I need to slow down.)

This should be a great resource once some of the currently new appliances start showing vulnerabilities. Unfortunately I believe that VMWare will start to purge at some point or the developers will just update the current versions with patches and new releases.  Hopefully they will go with an archive so that these will still be available in the future.

Alas, what I was actually looking for, an image that was chalk full of know vulnerable services and OS vulnerabilities specificially developed for evaluation and pentest training is not really there.  The hunt is on, however.

Thanks for the help,
Don

Hey, what about Nepenthes Appliance based on Ubuntu 6.10 Edgy Server. Instead of using this server for malware analysis, use it as a target. Since this server already emulates vulnerabilities, it might be a good candidate for pen testing. Has anybody tried this? I will download Nepenthes Vmware Appliance tonight and include it in my virtual lab for experimentation.

**removed link**
**removed link**

The above Nepenthes Appliance will not work. Apparently the person who created this virtual machine used the Ubuntu 6.10 iso image which was not included in the zipped file. Therefore I removed the links previously posted. Guess, we have to keep looking.

i can tell you from experience of making many many vmware images, the best thing from a learning prospective is to create your own... RH6.2, 7.0, 8.0, 9.0...etc

for windows there are trials floating around but in my experience some exploits dont work with the trials...i have no idea why but just what i have found.