EH-Net
May 22, 2013, 11:57:17 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
EH-Net > Ethical Hacking Discussions and Related Certifications > General Certification (Moderator: don) > Virtualbox images for us to secure/hack/analyze?
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Virtualbox images for us to secure/hack/analyze?  (Read 4285 times)
0 Members and 1 Guest are viewing this topic.
Eleven
Full Member
***
Offline Offline

Posts: 120


View Profile
« on: November 15, 2011, 07:41:20 AM »
I was thinking it could be fun if we had someone studying for something like GCUX secure an Ubuntu Virtualbox image while leaving a vulnerability or two, then post a torrent of the image somewhere for the Network Pen Testing forum.  Then people could practice hacking it, and someone could post a new torrent of the image/network traffic for people in the Forensic forum to analyze.  They could analyze it and post the malware for the people in the Malware forum to analyze.

Is anyone interested in this?  If so, I'm more of a forensic guy so is there anyone who would want to kick this off?  If no one wants to secure an image, I supposed we could use metasploitable...
Logged
MaXe
Hero Member
*****
Offline Offline

Posts: 669


I've just upgraded myself to a cyborg muahahaa!!1


View Profile WWW
« Reply #1 on: November 15, 2011, 01:38:32 PM »
You could always hack into the De-Ice ISO's and then secure them: http://www.de-ice.net/

Damn Vulnerable Linux: (The official mirror is down.)
http://forum.intern0t.net/gnu-linux/4118-download-damn-vulnerable-linux-1-5-a.html

Metasploitable:
http://blog.metasploit.com/2010/05/introducing-metasploitable.html
http://www.offensive-security.com/metasploit-unleashed/Metasploitable


You can use all three as targets which you can practice getting into and when you obtain root, secure them to the extend of your best abilities.

That is one of the most oldest ways some types of hackers has worked, enjoy!  Grin
Logged
I'm an InterN0T'er
Eleven
Full Member
***
Offline Offline

Posts: 120


View Profile
« Reply #2 on: November 15, 2011, 02:08:58 PM »
Thanks,  I forgot about DVL.  I'll check it out!

My focus isn't really on hacking though, it's more on analyzing attacks.  I think people would learn more about pentesting by attacking boxes someone else secured, and forensic analysts would learn more about attacks that someone else did, etc.

So if someone created an Linux Virutalbox image and secured it, gave it to a pentester to hack it, who then gave it to a forensic analysts to analyze it the whole forum could benefit rather than someone like me who's into forensics trying to play a hacker and investigate what happened when they already know all the answers.

If no one wants to secure an image and leave a vulnerability or two, would someone be interested in hacking DVL/Metasploitable and posting the Virtualbox image and tcpdump log for the forensic forum to analyze and share the evidence of the attack?
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines Valid XHTML 1.0! Valid CSS!
Page created in 0.078 seconds with 20 queries.