Capture The Flag Challenge Prep Class

Similar documents
TELE3119 Trusted Networks Lab 1(a),(b) Sniffing wireless traffic

CCNA Cybersecurity Operations 1.1 Scope and Sequence

CCNA Cybersecurity Operations. Program Overview

1. Download the latest version of the Kali Linux 64 bit ISO image:

EXPLORING MOBILE AND API (IN)SECURITY. Pre-Workshop Software Set-up Guide

CSC 4992 Cyber Security Practice

TELE3119 Trusted Networks Lab 1 (a), (b) Sniffing wireless traffic

CIS 76 Ethical Hacking Building an open source Pentest Sandbox, carrying out a Remote Code Execution exploit, and Remediating the RCE vulnerability.

VIRTUAL MACHINES. By Seth Lemanek

How to Install Oracle VM VirtualBox and Create a Virtual Machine

Click on the VM IMAGES drop-down menu and select VirtualBox Images

SECURE WEB ACCESS WITH A "VMWARE" VIRTUAL MACHINE AND A TWO-ROUTER "DE-MILITARIZED ZONE" ("DMZ")

Linux Backtrack 5 R3 Guide

Building a 64-bit CentOS 7 Workstation using Oracle Virtual Box

VMware Workstation 5 Lab. New Features and Capabilities: Multiple Snapshots, Teams, Clones, Video Capture and More

FROM A "WINDOWS" PERSPECTIVE

Modern Day Penetration Testing Distribution Open Source Platform - Kali Linux - Study Paper

VIRTUALBOX UBUNTU EBOOK

How to securely isolate Damn Vulnerable Linux with VirtualBox

VIRTUAL NETWORKING WITH "MICROSOFT VIRTUAL PC 2007"

Uninstalling And Manually Install Vmware Tools Ubuntu Guest

Virtualization Overview NSRC

FusionHub. SpeedFusion Virtual Appliance. Installation Guide Version Peplink

This is Lab Worksheet 7 - not an Assignment

Installation and Setup Guide

VMWare Workstation Installation. Microsoft Windows Server 2008 Enterprise with Service Pack 2

Parallel Programming

Ubuntu Manually Mount Cdrom Drive Command Line Vmware

Written by: Mickey Nguyen

Secure Communications Over a Network

Lab E2: bypassing authentication and resetting passwords

Creating a Virtual Network with Virt-manager

ISA 564 SECURITY LAB. Introduction & Class Mechanics. Angelos Stavrou, George Mason University

This is Lab Worksheet/Installation 7

Lab 4: Metasploit Framework

Unit C - Network Addressing Objectives Purpose of an IP Address and Subnet Mask Purpose of an IP Address and Subnet Mask

Practical Exercises of Computer system security course

Cisco Networking Academy CCNA Cybersecurity Operations 1.1 Curriculum Overview Updated July 2018

FusionHub. Evaluation Guide. SpeedFusion Virtual Appliance. Version Peplink

Training on CREST Practitioner Security Analyst (CPSA)

WA2342 NoSQL Systems Comparison. Lab Server VM Setup Guide. Web Age Solutions Inc. Copyright Web Age Solutions Inc. 1

Lab #5 Guide: Installing Ubuntu as a Virtual Machine

Installation and Setup Guide

Introduction To Kali Linux Wireless Network Penetration Testing Using Kali Linux On...

SQL Server Express 2017 Installation Guide. By Engin Calisir, 06/22/2018

How To Install Rubygems On Windows Xp Sp3 Without Os Cd

CSC 5930/9010 Offensive Security: Lateral Movement

ISDP 2018 Industry Skill Development Program In association with

Setup Lab. A quick guide to infrastructure tools for EPL371

Virtual-Machine-Based Network Exercises for Introductory Computer Networking Courses

Computer Networks Security: intro. CS Computer Systems Security

Cymmetria MazeRunner INSTALLATION GUIDE

How to Install Ubuntu on VirtualBox

n Describe sniffing concepts, including active and passive sniffing n Describe sniffing countermeasures n Describe signature analysis within Snort

Install CPS All In One on VMWare Virtual Player 12

5 Steps Wifi Hacking Cracking WPA2 Password

Lab 0 Getting Started. Sistemas Operativos: Práctica 0 1

Figure 1: Creating new VM in VirtualBox. Please change the parameters and options, and make them exactly like the following figure.

Using a Raspberry Pi to Remote Access a Windows Computer

ISA 564 SECURITY LAB. Introduction & Class Mechanics. Angelos Stavrou, George Mason University

Setting up Ubuntu with VirtualBox

Installation Guide: VirtualBox, Windows 10, and Microsoft Visio (Mac OS)

Virtual Pc Manual Windows 7 64 Bit Guest Os

XD10004: How to Install VMware ESX Server 3.5 on VMware Workstation 6.5 as a VM

Cisco CCNA Cyber Ops

Jackson State University Department of Computer Science CSC 437/539 Computer Security Fall 2013 Instructor: Dr. Natarajan Meghanathan

Mac Os X Snow Leopard Virtualbox Image And Linux Host

User Manual. Virtual and Hardware Appliance User Manual - Version

Getting Started. System Requirements. Installation

Wave 5.0. Wave OpenVPN Server Guide for Wave 5.0

Hardening servers for the modern internet

Network+ Guide to Networks 6 th Edition

Computer Network Vulnerabilities

This material is based on work supported by the National Science Foundation under Grant No

Hackveda Training - Ethical Hacking, Networking & Security

Ubuntu Install Partition Server On. Virtualbox 4.2 >>>CLICK HERE<<<

WatchGuard Dimension v2.1.1 Update 3 Release Notes

Windows Xp Manual Iso Image For Vmware. Workstation >>>CLICK HERE<<<

Descriptions for CIS Classes (Fall 2017)

Configure Static Ip Address Windows 7 Setup Up

Online Intensive Ethical Hacking Training

"WINDOWS 7 ENTERPRISE 90-DAY TRIAL"-- HOW TO TRY "WINDOWS 7" FOR FREE

WA2503 Hadoop Programming on the. Hortonworks Data Platform. Lab Setup Guide. Web Age Solutions Inc. Copyright Web Age Solutions Inc.

Getting Started with VMware Fusion VMware Fusion for Mac OS X Version 1.0

XLink Kai Raspberry Pi Beginners Tutorial

Create a pfsense router for your private lab network template

Virtualization Device Emulator Testing Technology. Speaker: Qinghao Tang Title 360 Marvel Team Leader

6 MILLION AVERAGE PAY. CYBER Security. How many cyber security professionals will be added in 2019? for popular indursty positions are

Manual Mac Os X 10.7 Iso Vmware Image For

Hacker Academy UK. Black Suits, White Hats!

Cisco FindIT Network Probe Administration Guide, Version 1.1.x

1. Install a Virtual Machine Download Ubuntu Create a New Virtual Machine Seamless Operation between Windows an Linux...

Operating Systems Linux 1-2 Measurements Background material

Static Ip Address Problems Windows 7 Setup. Virtual >>>CLICK HERE<<<

CPTE: Certified Penetration Testing Engineer

Private and Public addresses. Real IPs. Lecture (09) Internetwork Layer (3) Agenda. By: Dr. Ahmed ElShafee

ETHICAL HACKING & COMPUTER FORENSIC SECURITY

Entry Level Assessment Blueprint Computer Networking Fundamentals

Upgrading from TrafficShield 3.2.X to Application Security Module 9.2.3

WA2592 Applied Data Science and Big Data Analytics. Classroom Setup Guide. Web Age Solutions Inc. Copyright Web Age Solutions Inc.

Transcription:

Capture The Flag Challenge Prep Class

CTF??? A traditional outdoor game where two teams each have a flag (or other marker) and The objective is to capture the other team's flag, located at the team's "base," and bring it safely back to their own base. -- Wikipedia

Capture the flag in Computer Security Is a competition to capture as many flags. May be played between teams (blue vs. red) or by many against one. Typically requires participants to employ variety of skills in ethical hacking or pen-testing System administration Programming Cryptanalysis Network sniffing Protocol analysis Reverse-engineering, etc. Goal is to identify and carry out attacks against vulnerable systems to find clues that will lead them to additional vulnerabilities or clues.

CTF Preparation Class Today s Goal Build a small, safe environment that can be used for learning and practicing popular techniques and tools for CTF challenges. What we will cover How to install VM software How to install Kali How to install vulnerable virtual machines (VM) as practice targets Additional resources

Required Items Laptop preferably later models with at least 40 GB of free hard drive space Download the following before you come to the class VirtualBox Just because it is free and popular Windows hosts download OS X hosts download Linux distributions Kali - https://www.kali.org/downloads/ Kali 64 bit ISO Kali 32 bit ISO You need only one. And get 32-bit one if you aren t sure which one to get. Practice targets UltimateLAMP - https://sourceforge.net/projects/lampsecurity/ Metasploitable 2 - https://sourceforge.net/projects/metasploitable/ Desire to learn and no shame

Overview of test environment Creation of test lab Installation of virtualization software Installation of Kali Installation of targets Get to know the environment Using Kali Practice with UltimateLAMP Additional resources Flow

Test/Lab Environment Host Windows or Linux system with virtualization software Targets Systems or applications that hide flags Systems running applications or processes with vulnerability Attack system Kali VM Test network Private, isolated network Block traffic to and from outside networks, especially to and from the vulnerable targets But allows the attack system and target nodes to communicate Created using virtualization software

Install VMware / VirtualBox Oracle VirtualBox Installation Details: https://www.virtualbox.org/manual/ch02.html Intro: https://www.virtualbox.org/manual/ch01.html#intro-installing VMware Player Downloading and installing https://kb.vmware.com/selfservice/microsites/search.do?language=e n_us&cmd=displaykc&externalid=2053973

Networking Modes - VirtualBox Network Address Translation (NAT) If all you want is to browse the Web, download files and view e-mail inside the guest, then this default mode should be sufficient for you, and you can safely skip the rest of this section. Please note that there are certain limitations when using Windows file sharing (see Section 6.3.3, NAT limitations for details). NAT Network The NAT network is a new NAT flavour introduced in VirtualBox 4.3. See 6.4 for details. Bridged networking This is for more advanced networking needs such as network simulations and running servers in a guest. When enabled, VirtualBox connects to one of your installed network cards and exchanges network packets directly, circumventing your host operating system's network stack. Internal networking This can be used to create a different kind of software-based network which is visible to selected virtual machines, but not to applications running on the host or to the outside world. Host-only networking This can be used to create a network containing the host and a set of virtual machines, without the need for the host's physical network interface. Instead, a virtual network interface (similar to a loopback interface) is created on the host, providing connectivity among virtual machines and the host.

Networking Modes VirtualBox VM Host VM1 VM2 VM Internet VM Internet Internal + Host-only + + NAT + Port forwarding NAT Network + + Port forwarding Bridged + + + +

Networking Types - VMware Host-only networking Used in isolated test environments where virtual machines do not need to communicate with other environments. Connects virtual machines to a private LAN shared only by their host machine and any other virtual machines also using host-only networking. Other host machines on the host LAN cannot communicate with the virtual machines. The default network adapter interface is vmnet1.

Networking Types - VMware Network Address Translation (NAT) networking Used in environments where virtual machines do not provide services but still need to access a network. Connects virtual machines to an external network using the host machines IP address for external communication. Connects virtual machines to the Internet through their host machines dial-up connection, Ethernet adapter or wireless Ethernet adapter. Connects virtual machines to a non-ethernet network, such as Token Ring or ATM. Establishes a private LAN shared only by your host machine and any other virtual machines also using NAT networking. Other host machines on the host LAN communicate with the virtual machines, however external host machines cannot initiate communication with virtual machines unless NAT port forwarding is also in use. NAT port forwarding causes network traffic destined for a port on a host machine to be forwarded to a specific port on a virtual machine. The default network adapter interface is vmnet8. Bridged networking Used in environments where virtual machines provide services or participate in a real network. Connects virtual machines to the Local Area Network (LAN) of their host machine, whether wired or wireless, and allows them to connect to any other host or virtual machines (if they are also bridged) on the network. Connects the virtual network adapter in a virtual machine to the physical Ethernet adapter in its host machine. You can establish additional virtual bridges to use in custom configurations that require connections to more than one physical Ethernet adapter on the host computer. The default network adapter interface is vmnet0.

Kali Overview The new generation of the industry-leading BackTrack Linux penetration testing and security auditing Linux distribution. Kali is a Linux distribution specifically geared towards professional penetration testing and security auditing. You do not have to install Kali to use the tools. Run it in Live mode You can customize Kali and run it from USB keys. You can install Kali on Chromebook, Raspberry Pi and other ARM devices. Kali Linux Tutorial - https://www.kali.org/category/tutorials/

Install Kali on Oracle VirtualBox Kali Linux Installation Requirements https://docs.kali.org/installation/kali-linux-hard-disk-install

Install UltimateLAMP Uncompress the ctf8.zip file. Create a virtual machine called CTF8. Oracle VirtualBox File -> New Name: CTF8 Type: Linux Version: Other Linux Memory Size: 768 MB Hard drive: Use an existing virtual hard drive file ctf8.vmdk Once the virtual machine is created, ensure the MAC address reads 0800275EA506. Check the network adapter is attached to Internal or Host-only Adapter. VMware Play Open and navigate to the ctf8.vmdk image, then click the Play the virtual machine button. If prompted, choose I moved it.

Install Metasploitable on Oracle VirtualBox Metasploitable VM created to test Metasploit https://information.rapid7.com/metasploitable-download.html Setting Up a Vulnerable Target https://help.rapid7.com/metasploit/content/gettingstarted/setting-up-test-env.html https://metasploit.help.rapid7.com/docs/metasploitable-2- exploitability-guide

CFT Challenge Resources Vulnerable VMs by design - https://www.vulnhub.com/ Root-me.org - https://www.root-me.org/en/challenges/ GhostSec's pentest labs Hackthissite.org Hacking-lab CTF365.com - https://blog.ctf365.com/ Free for 30 days

VMware Tools in a Kali Guest https://docs.kali.org/general-use/install-vmware-tools-kaliguest

Update Kali Change Kali s network type to NAT or Bridged mode Run following commands from command line interface or Terminal apt-get update apt-get upgrade y apt-get dist-upgrade -y

Installing VirtualBox Guest Addition in Kali VM Installing on Kali with rolling updates echo deb http://http.kali.org/kali kali-rolling main contrib non-free >> /etc/apt/sources.list (*)apt-get purge virtualbox-guest-x11 (*)apt-get autoremove --purge (*)reboot apt-get update apt-get dist-upgrade reboot apt-get update apt-get install -y virtualbox-guest-x11 reboot * Only if you previously attempted to install vitualbox guest-addition Installing VirtualBox Guest Additions in Older Kali Versions apt-get update && apt-get install -y linux-headers-$(uname -r) Attach the Guest Additions CD-ROM image. cp /media/cd-rom/vboxlinuxadditions.run /root/ chmod 755 /root/vboxlinuxadditions.run cd /root./vboxlinuxadditions.run reboot

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback