Vulnerable by Design, from g0tmi1k’s blog


Hi again folks, reading my feeds I found an interesting post with the most important environments for practicing your hacking skills. I hope you like it:

Pentest lab. “Hacker” training. Deliberately insecure applications challenge thingys.

Call it what you will, but what happens when you want to try out your new set of skills? Do you want to compare results from a tool when it’s used in different environments? What if you want to explore a system (that is legal to do so!) that you have no knowledge about (because you didn’t set it up!)
If any of that sounds helpful, below is a small collection of different environments, so if you want to go from “boot to root”, “capture the flag” or just to dig around as much as you want to try out the odd thing here and there. These will allow you to do so and without getting in trouble for doing it!

The idea isn’t to cheat, the aim is to learn a thing or two 😉
I’m sure there are a lot more out there, if you want to recommend any others – please do so! =)

Complete Operating System. The idea of going from boot to root via any which way you can. Most of them have multiple entry points (some are easier than others) so you can keep using it 😉 They are all Linux OS (either in ISO or VM form) with vulnerable/configured software installed. (If you haven’t got any VM software, VMware Player is free and will do the trick)

(Offline) Web based. Most of them you’ll need to download, copy and load the files yourself on your own web server (if you haven’t already got one, xampp is great). A few of them are VM images that can be loaded into virtual machines as they come with all the software & settings needed.

(Online) Web based. Same as above, however if you don’t want the hassle of setting it all up or to be able to do it wherever you have an Internet connection…

Complete Operating System
Name: Damn Vulnerable Linux

Homepage: http://www.damnvulnerablelinux.org/
Brief description: Damn Vulnerable Linux (DVL) is everything a good Linux distribution isn’t. Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks. DVL isn’t built to run on your desktop – it’s a learning tool for security students.
Version/Levels: 1
Support/Walk-through: Brochure

Name: De-ICE

Homepage: http://heorot.net/livecds/ or http://www.de-ice.net
Brief description: The PenTest LiveCDs are the creation of Thomas Wilhelm, who was transferred to a penetration test team at the company he worked for. Needing to learn as much about penetration testing as quickly as possible, Thomas began looking for both tools and targets. He found a number of tools, but no usable targets to practice against. Eventually, in an attempt to narrow the learning gap, Thomas created PenTest scenarios using LiveCDs.
Version/Levels: Level 1 – Disk 1, Level 1 – Disk 2, Level 2 – Disk 1
Support/Walk-through: Forums, Wiki, Level 1 – Disk 1, Level 1 – Disk 2, Level 2 – Disk 1

Name: Holynix

Homepage: http://pynstrom.net/holynix.php
Brief description: Holynix is a Linux distribution that was deliberately built to have security holes for the purposes of penetration testing.
Version/Levels: 2
Support/Walk-through: Forum, SourceForge

Name: Kioptrix

Homepage: http://www.kioptrix.com
Brief description: These Kioptrix VM images are easy challenges. The object of the game is to acquire root access via any means possible (except actually hacking the VM server or player). The purpose of these games is to learn the basic tools and techniques in vulnerability assessment and exploitation. There are more ways than one to successfully complete the challenges.
Version/Levels: 2
Support/Walk-through: Blog, Level 1 – mod_ssl, Level 2 – Injection

Name: Metasploitable

Homepage: http://blog.metasploit.com/2010/05/introducing-metasploitable.html
Brief description: One of the questions that we often hear is “What systems can I use to test against?” Based on this, we thought it would be a good idea to throw together an exploitable VM that you can use for testing purposes.
Version/Levels: 1
Support/Walk-through: Blog, DistCC, MySQL, PostgreSQL, TikiWiki, TomCat

Name: NETinVM

Homepage: http://informatica.uv.es/~carlos/docencia/netinvm/#id7
Brief description: NETinVM is a single VMware virtual machine image that contains, ready to run, a series of User-mode Linux (UML) virtual machines which, when started, conform a whole computer network inside the VMware virtual machine. Hence the name NETinVM, an acronym for NETwork in Virtual Machine. NETinVM has been conceived mainly as an educational tool for teaching and learning about operating systems, computer networks and system and network security, but other uses are certainly possible.
Version/Levels: 3 (2010-12-01)
Support/Walk-through: Blog

Name: pWnOS

Homepage: http://forums.heorot.net/viewtopic.php?f=21&t=149
Brief description: It’s a Linux virtual machine intentionally configured with exploitable services to provide you with a path to r00t. 🙂 Currently, the virtual machine NIC is configured in bridged networking, so it will obtain a normal IP address on the network you are connected to. You can easily change this to NAT or Host Only if you desire. A quick ping sweep will show the IP address of the virtual machine.
Version/Levels: 1
Support/Walk-through: Forums, Level 1

(Offline) Web Based
Name: BadStore

Homepage: http://www.badstore.net/
Brief description: Badstore.net is dedicated to helping you understand how hackers prey on Web application vulnerabilities, and to showing you how to reduce your exposure. Our Badstore demonstration software is designed to show you common hacking techniques.
Version/Levels: 1 (v1.2)
Support/Walk-through: PDF

Name: Damn Vulnerable Web App

Homepage: http://www.dvwa.co.uk/
Brief description: Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.
Version/Levels: 1 (v1.0.7)
Support/Walk-through: PDF

Name: Hacking-Lab

Homepage: http://www.hacking-lab.com/
Brief description: This is the LiveCD project of Hacking-Lab (www.hacking-lab.com). It gives you OpenVPN access into Hacking-Labs Remote Security Lab. The LiveCD iso image runs very good natively on a host OS, or within a virtual environment (VMware, VirtualBox).
The LiveCD gives you OpenVPN access into Hacking-Lab Remote. You will gain VPN access if both of the two pre-requirements are fulfilled.
Version/Levels: 1 (v5.30)
Support/Walk-through: Download

Name: HackUS HackFest Web CTF

Homepage: http://hackus.org/en/media/training/
Brief description: The Hackfest is an annual event held in Quebec city. For each event, a competition is held where participants competed at solving challenges related to security. For the 2010 edition, I got involved in the competition by creating the web portion of the competition.
Version/Levels: 1 (2010)
Support/Walk-through: Blog, Solutionnaire (English)

Name: Hacme

Homepage: http://www.mcafee.com/us/downloads/free-tools/index.aspx
Brief description: Foundstone Hacme Casino™ is a learning platform for secure software development and is targeted at software developers, application penetration testers, software architects, and anyone with an interest in application security.
Version/Levels: 5 (2006)
Support/Walk-through: Bank, Book, Casino, Shipping, Travel

Name: LAMPSecurity

Homepage: http://sourceforge.net/projects/lampsecurity/
Brief description: Foundstone Hacme Casino™ is a learning platform for secure software development and is targeted at software developers, application penetration testers, software architects, and anyone with an interest in application security.
Version/Levels: v6 (4x)
Support/Walk-through: SourceForge

Name: Moth

Homepage: http://www.bonsai-sec.com/en/research/moth.php
Brief description: Moth is a VMware image with a set of vulnerable Web Applications and scripts, that you may use for:

  1. Testing Web Application Security Scanners
  2. Testing Static Code Analysis tools (SCA)
  3. Giving an introductory course to Web Application Security

Version/Levels: v6
Support/Walk-through: SourceForge

Name: Mutillidae

Homepage: http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10
Brief description: Mutillidae: A Deliberately Vulnerable Set Of PHP Scripts That Implement The OWASP Top 10
Version/Levels: v1.5
Support/Walk-through: N/A

Name: Open Web Application Security Project (OWASP) Broken Web Applications Project

Homepage: https://code.google.com/p/owaspbwa/
Brief description: This project includes applications from various sources (listed in no particular order).
Intentionally Vulnerable Applications:

Old Versions of Real Applications:

  • WordPress 2.0.0 (PHP, released December 31, 2005, downloaded from www.oldapps.com)
  • phpBB 2.0.0 (PHP, released April 4, 2002, downloaded from www.oldapps.com)
  • Yazd version 1.0 (Java, released February 20, 2002)
  • gtd-php version 0.7 (PHP, released September 30, 2006)
  • OrangeHRM version 2.4.2 (PHP, released May 7, 2009)
  • GetBoo version 1.04 (PHP, released April 7, 2008)

Version/Levels: v0.92rc1
Support/Walk-through: N/A

Name: SecuriBench

Homepage: http://suif.stanford.edu/~livshits/securibench/
Brief description: Stanford SecuriBench is a set of open source real-life programs to be used as a testing ground for static and dynamic security tools. Release .91a focuses on Web-based applications written in Java.
These applications suffer from a variety of vulnerabilities including

  • SQL injection attacks
  • Cross-site scripting attacks
  • HTTP splitting attacks
  • Path traversal attacks

Version/Levels: v0.91a
Support/Walk-through: N/A

Name: UltimateLAMP

Homepage: http://ronaldbradford.com/blog/ultimatelamp-2006-05-19/
Brief description: UltimateLAMP is a fully functional environment allowing you to easily try and evaluate a number of LAMP stack software products without requiring any specific setup or configuration of these products. UltimateLAMP runs as a Virtual Machine with VMware Player (FREE). This demonstration package also enables the recording of all user entered information for later reference, indeed you will find a wealth of information already available within a number of the Product Recommendations starting with the supplied Documentation.
Version/Levels: v0.2
Support/Walk-through: Passwords

Name: Virtual Hacking Lab

Homepage: http://virtualhacking.sourceforge.net/
Brief description: A mirror of deliberately insecure applications and old softwares with known vulnerabilities. Used for proof-of-concept / security training / learning purposes. Available in either virtual images or live iso or standalone formats.
Version/Levels: 1 (2009)
Support/Walk-through: SourceForge

Name: WackoPicko

Homepage: https://github.com/adamdoupe/WackoPicko
Brief description: WackoPicko is a vulnerable web application used to test web application vulnerability scanners.
Version/Levels: 1
Support/Walk-through: N/A

Name: WebGoat

Homepage: http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
Brief description: WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application.
Version/Levels: 1
Support/Walk-through: User Guide, GoogleCode, SourceForge

Name: WebMaven

Homepage: http://www.mavensecurity.com/WebMaven/
Brief description: WebMaven (better known as Buggy Bank) was an interactive learning environment for web application security. It emulated various security flaws for the user to find. This enabled users to safely & legally practice web application vulnerability assessment techniques. In addition, users could benchmark their security audit tools to ensure they perform as advertised.
Version/Levels: 1.0.1
Support/Walk-through: Download

Name: Web Security Dojo

Homepage: http://www.mavensecurity.com/web_security_dojo/
Brief description: A free open-source self-contained training environment for Web Application Security penetration testing. Tools + Targets = Dojo
Various web application security testing tools and vulnerable web applications were added to a clean install of Ubuntu v10.04.1, which is patched with the appropriate updates and VM additions for easy use.
Version 1.1 includes an exclusive speed-enhanced version of Burp Suite Free. Special thanks to PortSwigger.
Version/Levels: 1
Support/Walk-through: SourceForge

(Online) Web Based
Name: Gruyere / jarlsberg

Homepage: http://google-gruyere.appspot.com/
Brief description: This codelab shows how web application vulnerabilities can be exploited and how to defend against these attacks. The best way to learn things is by doing, so you’ll get a chance to do some real penetration testing, actually exploiting a real application.
Version/Levels: 1 (v1.0.7)
Support/Walk-through: PDF, Download offline

Name: HackThis

Homepage: http://www.hackthis.co.uk/
Brief description: Welcome to HackThis!!, this site was set up over 2 years ago as a safe place for internet users to learn the art of hacking in a controlled environment, teaching the most common flaws in internet security.
Version/Levels: 32 (40?)
Support/Walk-through: N/A

Name: HackThisSite

Homepage: http://www.hackthissite.org/
Brief description: Hack This Site is a free, safe and legal training ground for hackers to test and expand their hacking skills. More than just another hacker wargames site, we are a living, breathing community with many active projects in development, with a vast selection of hacking articles and a huge forum where users can discuss hacking, network security, and just about everything. Tune in to the hacker underground and get involved with the project.
Version/Levels: Lots
Support/Walk-through: N/A

Name: Vicnum

Homepage: http://vicnum.ciphertechs.com/
Brief description: A mirror of deliberately insecure applications and old softwares with known vulnerabilities. Used for proof-of-concept / security training / learning purposes. Available in either virtual images or live iso or standalone formats.
Version/Levels: 1.4 (2009)
Support/Walk-through: SourceForge (Download)

Taken from: http://g0tmi1k.blogspot.com ©


Getting to Know the Nmap Scripting Engine (NSE)


For a long time Nmap has been one of my favourite tools for carrying out my pentests and my network experiments. Nmap is simple and very modular to practise with, it makes reporting easy and it combines well with other tools (Metasploit…); in short, it is a tool that should not be missing from our garage. Some people will say, "I am too lazy to type that endless list of options Nmap has"; well, I have the solution for you: the Nmap Scripting Engine.

The Nmap Scripting Engine (NSE) is one of Nmap’s most powerful and flexible features. It allows users to write (and share) simple scripts to automate a wide variety of networking tasks. Those scripts are then executed in parallel with the speed and efficiency you expect from Nmap. Users can rely on the growing and diverse set of scripts distributed with Nmap, or write their own to meet custom needs.

Basically, with NSE you can write all your own scripts… but you will have to start from the beginning, like every good locksmith: by practising! So I leave you the following links:

http://nmap.org/book/nse.html

Mastering the Nmap Scripting Engine – Fyodor & David Fifield – Defcon 18 from Gordon Fyodor Lyon on Vimeo.

 

 

Story: Daren’s Rant 1: “Fairy Godfather”


This week, while reviewing the website of Adrian Crenshaw (http://www.irongeek.com), I saw a link, specifically “Humor”, and I would like to share this story:

Once upon a time in a land not so far away lived a young man not so different than you or I. He was twenty-two and of sound body and mind. We will call the boy John and he was at home on a Saturday night. John sat looking out his window to the streets below. They were filled with people going to and from. John saw young men and women walking hand-in-hand with smiles upon their faces. He could see their breath in the cool, fall air.

John sighed to himself and looked over at his phone. Nobody would be calling him this night because his friends all had dates. “Oh,” bewailed John, “what about me? Am I so horrid that I am to sit alone?” He looked out the window again and clutched the windowsill. “Am I so different from those below that I can not be one of them? Am I not to know the sweet laughter of a woman? To feel her warm embrace or to hold her hand? Am I to sit here all my weekend nights while listening to mom and dad watch Cops in the next room? Oh, cruel fate avenge me!”

Little did John know his prayer would be answered. For at that very moment Fate set into motion events that would alter the mortal’s life forever. Answered prayers come in many shapes and John’s came in the shape of a fat man in a Nascar T-shirt. But not just any fat man; it was his fairy godfather.

John heard a knock at his door and answered it to find his savior floating in the hallway. He was a middle-aged looking man barely floating off the ground with his fairy wings. He wore beat-up shoes and blue jeans and was in need of a shave. Upon his head sat a Budweiser hat and he carried a magic wand in his hand.

“Are you John?” the man asked with a Bronx accent.

“Yes, yes I am,” John replied. “And you are?”

“I’m your fairy godfather, Ralph” The man bowed. “I’ve come to grant your wish.”

“Sorry, but I asked for a woman.”

“Yeah, I’ve come to help you with that, you half-wit.”

“Really? You’re to give me a woman? Oh, what joy! At long last my lonely nights will be over. I will have a woman of my very own to take to the movies, take long walks with. Where is she?”

Ralph floated into the room. He was so heavy that his wings no longer gave him true flight but only let him hover a foot off the ground at all times.

“Not so fast. I didn’t say I was here to get you a woman, but to get you laid.”

“I don’t understand,” John replied in shock. “I thought you came to grant me a girlfriend.”

“Sorry, but I don’t work miracles. Don’t get me wrong kid, you’re a good guy. And that’s the problem.”

“Huh?”

“Look, you’re a nice guy and a girl won’t stay with you for long. You don’t have it in your heart to abuse or neglect a woman so therefore one won’t stay with you. But I’m here to get you laid, which in my opinion is better.”

“I suppose you’re right,” John shrugged. “What must I do?”

“Nothing,” Ralph smiled, “let me take care of that.” He hovered over to John and tapped him on the head with his magic wand. Magic dust of different colors burst forth from his wand upon striking John’s head.

“There. You are now irresistible to women.”

“Now what?” John asked. He couldn’t contain his smile.

“Go to work tomorrow at Megamart like you always do. You will be the center of attention. From the sea of women that will drown you pick one you like the best. We will go from there.”

“Thank you, Ralph. Surely there is something you want from me?”

“Whatever gave you that idea?” Ralph asked.

“Nothing is free and a gift of this sorts must require some kind of price.”

“Don’t worry about it. Just doing my job.”

“What am I to give? My soul? Surely, I’m to give something..”

Ralph laughed out loud. “No, I’d want something useful. Now if you excuse me I must be off. Lockdown at the fairy prison is within the hour and if I’m late they will send the fairy taser-guards after me again.” And with a bow and a burp Ralph hovered away leaving John with his glee. For soon the touch of a beautiful woman was to be his.

John awoke the next morning with a renewed vigor for life. He showered and put on his uniform for work. He pulled into the Megamart parking lot and entered the huge corporate-owned building before him. He took his place at his appointed station, which was selling TV’s and other electronic forms of entertainment. It wasn’t long before some of his female co-workers began talking to him, some even spending their lunch hour behind the counter with him. Before long he had a fistful of phone numbers and all the paper barely fit into his pocket.

John got home that night and began sorting through the numbers. It was then that Ralph knocked at his door.

“And how was your day?” Ralph asked with a smile.

“It was great! I got so many phone numbers.”

“Good. Now go over and choose one.”

John looked through the pile trying to find the number of any girl he considered perfection. But just then his smile turned to a frown.

“What’s wrong?”

“All these phone numbers are from minors! All these girls are 16 or 17!”

“So?”

“I’m over 18! This would be illegal. You put a spell on me that only lets minors notice me! What kind of a joke is this?”

“Sorry kid, but my powers are just developing. But don’t worry I’ll still get you laid.”

John sighed. He then saw a number for a 17 year old girl who we will call Beth. She was to be 18 in a week.

“Here,” John said with a smile returning. “I pick her. She will be 18 soon. I can wait until then.”

“Sorry again kid, but you have to lay her before she is 18. In fact, you have to do it on the day before her birthday before the clock strikes midnight.”

“What? What kind of fairy godfather are you? What kind of a spell is that?” John shrieked.

“Hey, I didn’t write that spell so don’t blame me,” Ralph said with an air of indignation. “I said I was here to get you laid and that’s that.”

“Alright then,” John sighed. “Now what?”

“Tell Beth you want to take her out for her birthday. We will go from there.”

John did as he was told. The next Saturday night the two were to go on a date. Under Ralph’s spell Beth would be willing for sex. When John got home from work that Saturday afternoon he found Ralph in his room waiting for him.

“Ready?” Ralph asked.

“Yes.”

Ralph stood up and surveyed John. “Looks like you are wearing the clothes I instructed. Good.”

John was wearing a cheap T-shirt, blue jeans and shoes that were on clearance at Megamart. Ralph tapped him on the head with his magic wand and his clothes turned into an Armani suit. His shoes changed appropriately as well. “Need to keep track of time too. Hold out your wrist.” John held out his wrist that had on the specific watch Ralph instructed. With a tap of the magic wand, the Star Wars watch turned into a Rolex.

“Now for your ride,” Ralph said.

The two went outside to the parking lot. “Place the pumpkin in the parking space,” Ralph instructed.

John did as he was told and Ralph tapped it with his magic wand. The pumpkin turned into a new Lexus. Ralph handed John the keys. “Go forth and conquer, but do it before midnight.”

“What happens at midnight?”

“If you must know, everything reverts back to normal.”

“What about the girl?”

“She will no longer desire you and instead be filled with disgust. That and the fact you are trying to nail her on top of a squished pumpkin doesn’t help.”

“Alright, wish me luck!” John shouted.

“Make me proud!” Ralph yelled with a tear in his eye.

John sped off to pick up his date. The two had a typical first date of dinner and a movie. Finally, the time was drawing near for John to make his move. He pulled into the parking lot behind Megamart where nobody could see them. After a few minutes of obligatory small-talk the two climbed in the back seat.

The couple laughed with excitement as they tore off their clothes and began to kiss. The two were now completely nude and John was about to go for the kill.

Just then Beth’s eyes widened in horror. “What are you doing?” she gasped. She smacked John in the face. “What’s going on?” John yelled. Just then everything reverted back to normal just as Ralph said it would.

“Get off me, you pervert!” Beth yelled as she reached for her clothes. John looked down at his watch, which read 12 A.M. “I don’t get it,” he said. “It was just 11:45 a few seconds ago…”

“Why the hell are we out here in the parking lot on top of this pumpkin?” Beth shrieked with disgust.

“I…umm…well…”

“Forget it!” Beth yelled. She picked up her clothes and began putting them on as she walked away.

“Beth, wait!” John pleaded. “Please.”

Beth ignored him and now took to a jog. John lowered his head and sighed. He knew he would never hear the end of this.

John walked home that night carrying his pumpkin and wearing his Clearance! clothes. The next day he got a call from Beth’s parents. A few months later John was sentenced to prison for attempting statutory rape. But through a twist of Fate a special request was sent asking that John be sent to Fairy prison. John arrived and was given his cell. Across the hall he saw Ralph.

“Hey!” John yelled. “What happened? That Rolex you gave me had the wrong time. I was too late in making my move!”

“Oh man, I’m sorry,” Ralph said. “Wait a minute though…what kind of Star Wars watch did you have?”

“It had C3PO on it.”

Ralph shook his head. “Sorry kid, but that was it. I specifically told you to get one with Lando on it.”

“So?”

“Hey, spells are really picky when it comes to these things. You had the wrong kind of Star Wars watch and it botched the spell.”

John sighed and placed his head against the bars. “So close…”

“Cheer up,” Ralph said. “Not only will you get plenty of “attention” here but you will also be given a new mission in life.”

****

Once upon a time in a land not so far away lived a young man not so different than you or I. He was twenty-two and of sound body and mind. We will call the boy Adam and he was at home on a Saturday night. Adam sat looking out his window to the streets below. They were filled with people going to and from. Adam saw young men and women walking hand-in-hand with smiles upon their faces. He could see their breath in the cool, fall air.

Adam sighed to himself and looked over at his phone. Nobody would be calling him this night because his friends all had dates. “Oh,” bewailed Adam, “what about me? Am I so horrid that I am to sit alone?” He looked out the window again and clutched the windowsill. “Am I so different from those below that I can not be one of them? Am I not to know the sweet laughter of a woman? To feel her warm embrace or to hold her hand? Am I to sit here all my weekend nights while listening to mom and dad watch Everybody Loves Raymond in the next room? Oh, cruel fate avenge me!”

Just then Adam heard a knock at his door. He opened it to discover a young man with fairy wings floating in his hallway. He wore old tennis shoes and blue jeans. He was wearing a Metallica shirt and a cigarette dangled from his mouth.

“Are you Adam?”

“Yes, yes I am,” Adam replied. “Who are you?”

“The name’s John and I’m your fairy godcousin.” John floated into the room. “Oh, and before I forget, take this.” He handed Adam a Star Wars watch with Lando on it.

“What’s this for?” Adam asked.

“To keep your ass out of fairy prison.”

Hope you like it ;-d

Taken from: http://www.irongeek.com. You can follow the admin of this website at @irongeek_adc