
Search Result: lab (112 results)

Our resident ROP ninja barrebas recently gave the team a bootcamp on Return Oriented Programming. The presentation was followed by a demo walkthrough on writing a ROP exploit on a vulnerable application. Since the presentation was well received, he’s decided to make the slides available to everyone. You can view them at https://speakerdeck.com/barrebas/rop-primer.

We hope you enjoy it!


Username: root
Password: toor

Username: level0
Password: warmup

ROP Primer
----------

This VM is meant as a small introduction to 32-bit return-oriented-programming on Linux. It contains three vulnerable binaries that must be exploited using ROP.

The machine is built and tested in VirtualBox 4.3.20. It's an Ubuntu 32 bit VM, with ASLR disabled. Useful tools like gdb-peda are installed. A description of the levels, including instructions, can be found on the webserver.

A big shout-out to my team mates of the Vulnhub CTF Team!

@barrebas, March 2015 & June 2015

rop-primer-v0.2.ova:
---------------
MD5:  840c75497f54578497a6e44df2f96047
SHA1: 2cb14d78fd1ff7b5a7895447969fde8ca9c06ef3

Main

The Broken Web Applications (BWA) Project produces a Virtual Machine running a variety of applications with known vulnerabilities for those interested in:

  • learning about web application security
  • testing manual assessment techniques
  • testing automated tools
  • testing source code analysis tools
  • observing web attacks
  • testing WAFs and similar code technologies

all the while saving people interested in doing either learning or testing the pain of having to compile, configure, and catalog all of the things normally involved in doing this process from scratch.

Source: http://owasp.com/index.php/OWASP_Broken_Web_Applications_Project

Release notes for the Open Web Application Security Project (OWASP) Broken Web Applications Project, a collection of vulnerable web applications that is distributed on a Virtual Machine in VMware format compatible with their no-cost and commercial VMware products.

More information about the project can be found at http://www.owaspbwa.org/.

The VM can be downloaded as a .zip file or as a much smaller .7z 7-zip Archive. BOTH FILES CONTAIN THE EXACT SAME VM! We recommend that you download the .7z archive if possible to save bandwidth (and time). 7-zip is available for Windows, Mac, Linux, and other Operating Systems.

!!! This VM has many serious security issues. We strongly recommend that you run it only on the "host only" or "NAT" network in the virtual machine settings !!!

Version 1.2 - 2015-08-03

  • Updated Mutillidae
  • Other miscellaneous, minor updates

Version 1.2rc1 - 2015-06-24

  • Updated Mutillidae and WAVSEP
  • Removed IP address restrictions on Mutillidae
  • Added script to rebuild WAVSEP
  • Added bWAPP application and script to automatically update bWAPP
  • Added OWASP Security Shepherd application and supporting scripts.
  • Likely updated other applications

Version 1.1.1 - 2013-09-27

  • Updated Mutillidae and transitioned to use its new Git repository
  • Fixed issue with Tomcat not starting in some circumstances

Version 1.1 - 2013-07-30

  • Updated Mutillidae, Cyclone, and WAVSEP
  • Updated OWASP Bricks and configured it to pull from SVN
  • Fixed ModSecurity CRS blocking and rebuilt ModSecurity to include Lua support
  • Increased VM's RAM allocation to 1Gb
  • Set Tomcat to run as root (to allow some traversal issues tested by WAVSEP)
  • Updated landing page for OWASP 1-Liner to reflect that the application is not fully functional

Version 1.1beta1 - 2013-07-10

  • Added new applications: OWASP 1-liner, OWASP RailsGoat, OWASP Bricks, SpiderLabs "Magical Code Injection Rainbow", Cyclone
  • Updated Mutillidae (name, version, and to use new SVN repository)
  • Updated DVWA to new Git repository
  • Added SSL support to web server
  • Updated ModSecurity and updated Core Rule Set to current in Git
  • Known issues:
      • ModSecurity CRS blocking does not work
      • OWASP 1-liner application appears to have functional issues (it was heavily modified to run on the VM through Apache)
      • Other new applications have not been fully tested
      • User Guide has not been updated

Version 1.0 - 2012-07-24

  • Added new application: WIVET (http://code.google.com/p/wivet/)
  • Updated WAVSEP, Mutillidae, Vicnum
  • Created new category for "Applications for Testing Tools", containing OWASP ZAP WAVE, WIVET, and WAVSEP
  • Major update to User Guide at http://code.google.com/p/owaspbwa/wiki/UserGuide. Removed some other project Wiki pages that were incorporated into User Guide.
  • More improvements to index.html

Version 1.0rc2 - 2012-07-14

  • Added new application: WAVSEP (http://code.google.com/p/wavsep/)
  • Updated WebGoat.NET, WebGoat (Java), and other applications from source repositories. Updated Mutillidae.
  • Removed links to OWASP ESAPI SwingSet (non-Interactive). That application has been deprecated and replaced by the SwingSet Interactive.
  • Changed version numbers in index.html to better indicate applications that are updated from public SVN or GIT repositories.
  • Layout improvements to index.html file (layout could still use some work).
  • Fixed bugs in Yazd (may have been present in 1.0rc1 or before)
  • Changed MySQL configuration to store database and table names as lower case (facilitates use of software written on Windows that may not strictly adhere to one case for identifiers)

Version 1.0rc1 - 2012-04-04

  • Added new applications:
      • Added OWASP WebGoat.NET (https://www.owasp.org/index.php/Category:OWASP_WebGoat.NET)
      • Added OWASP ESAPI SwingSet (https://www.owasp.org/index.php/ESAPI_Swingset)
      • Added OWASP ESAPI SwingSet Interactive (https://www.owasp.org/index.php/ESAPI_Swingset)
      • Added Jotto (from OWASP Vicnum project - http://www.owasp.org/index.php/Category:OWASP_Vicnum_Project)
  • Updated applications: Mutillidae, WebGoat (Java), ModSecurity, ModSecurity Core Rule Set, BodgeIt, OWASP ZAP WAVE, Damn Vulnerable Web Application, WackoPicko
  • Added owaspbwa-*-rebuild.sh scripts to build and deploy applications from source (WebGoat, Yazd, CSRFGuard Test Apps, SwingSet Apps)
  • Added owaspbwa-update-*.sh scripts to automatically pull updates from source repositories (OWASP BWA only and for all applications)
  • Cleaned up installations of WebGoat and Yazd
  • Fixed issue with PHP configuration to allow Remote File Include (RFI) vulnerabilities.
  • Created User Guide at http://code.google.com/p/owaspbwa/wiki/UserGuide (not yet complete).

Version 0.94 - 2011-07-24

  • No changes from 0.94rc3.

Version 0.94rc3 - 2011-07-14

  • More fixes to hackxor applications (thanks again to Albino Wax).

Version 0.94rc2 - 2011-07-13

  • Fixes to hackxor applications (thanks to Albino Wax for fixes).

Version 0.94rc1 - 2011-07-11

  • Added a number of new applications, including Gruyere, Hackxor, WackoPicko, BodgeIt, TikiWiki, Joomla, Gallery2, WebCalendar, AWStats, and ZAP-Wave (thanks to Mike Cyr for lots of work in this area).
  • New and improved "home" page in the VM (thanks again to Mike Cyr).

Version 0.93rc1 - 2011-01-19

  • Rebuilt OrangeHRM database to fix login issue (thanks to Dave van Stein for reporting this)
  • Configured mod_proxy on Apache web server to reverse proxy applications running on Tomcat web server. Disabled direct access to Tomcat server
  • Installed ModSecurity to 2.5.13 from source (needed by Core Rule Set)
  • Configured the ModSecurity Core Rule Set. It is disabled by default, but can be enabled through the use of new shell scripts in /usr/local/bin
  • Adjusted Samba shares to follow symlinks
  • Removed some miscellaneous old / duplicate files
  • Attempted to fix phpBB issues, but was unsuccessful. That application is broken for this release and marked as such in the index.html file (thanks to Dave van Stein for reporting this issue)

Version 0.92rc2 - 2010-11-15

  • Fixed bug with MySQL databases not starting properly (thanks to Tom Neaves for reporting this)

Version 0.92rc1 - 2010-11-10

  • Developed method for tracking known issues in the applications at http://sourceforge.net/apps/trac/owaspbwa/report/1.
  • Updated base OS to Ubuntu 10.04 LTS
  • Updated DVWA to SVN version > 1.07
  • Updated Mutillidae to version 1.5
  • Updated WebGoat to SVN version > 5.3
  • Added and configured three "real" applications suggested by Matt Tesauro:
      • Added application: GetBoo version 1.04 (http://sourceforge.net/projects/getboo/files/)
      • Added application: GTD-PHP version 0.7 (http://sourceforge.net/projects/gtd-php/files/)
      • Added application: OrangeHRM version 2.4.2 (http://www.orangehrm.com/)
  • Fixed bug in DVWA database permissions that was preventing stored XSS from working (thanks to Owen Wright for reporting this)

Version 0.91rc1 - 2010-03-24

  • Updated OWASP Vicnum to version 1.4 (http://www.owasp.org/index.php/Category:OWASP_Vicnum_Project)
  • Added application: Ghost (http://webdevelopmentsolutions.org/)
  • Added application: Peruggia version 1.2 (http://peruggia.sourceforge.net/)
  • Added application: OWASP AppSensor Demo (http://www.owasp.org/index.php/Category:OWASP_AppSensor_Project)
  • Fixed bug where VM would sometimes not get an address from DHCP on boot
  • Fixed bug where PHP magic quotes were enabled for some applications, preventing SQL Injection
  • Changed password for some applications to match standard users named 'admin' and 'user' with the password the same as the username
  • Moved databases, applications that run on Apache web server, some configuration files, and some applications that run on Tomcat web server into SVN with symlinks to the SVN directory in the normal file system.
  • Fixed bug where permissions on /var/www/dvwa were not set properly (thanks to Dale Castle for reporting this)

Version 0.9 - 2009-11-11

  • Initial Release

The CsharpVulnSoap virtual appliance is a purposefully vulnerable SOAP service, focusing on using XML, which is a core feature of APIs implemented using SOAP. The web application, listening on port 80, allows you to list, create, and delete users in the PostgreSQL database. The web application is written in the C# programming language and uses apache+mod_mono to run. The main focus of intentional vulnerabilities was SQL injections.

The vulnerable SOAP service is available on http://<ip>/Vulnerable.asmx, and by appending ?WSDL to the URL, you can get an XML document detailing the functions exposed by the service. Using this document, you can automatically fuzz the endpoint for any vulnerabilities by parsing the document and creating the HTTP requests expected programmatically.

The SQL injections yield a variety of potential exploit techniques since different SQL verbs are used to perform actions against the server. For instance, a SQL injection in an INSERT statement may not be exploitable in the same ways the DELETE or SELECT statements will be. Using a tool like sqlmap will help you learn how to exploit each SQL injection vulnerability using a variety of techniques.

If you are curious how sqlmap is performing the checks for, and ultimately exploiting, the vulnerabilities in the web application, you can use the --proxy option for sqlmap and pass the HTTP requests through Burpsuite. You can then see in the HTTP history tab the raw HTTP requests made by sqlmap.

         _         _            _        _   _        _            _
        /\ \      /\ \         /\ \     /\_\/\_\ _   /\ \         /\ \
       /  \ \    /  \ \        \ \ \   / / / / //\_\/  \ \       /  \ \
      / /\ \ \  / /\ \ \       /\ \_\ /\ \/ \ \/ / / /\ \ \     / /\ \ \
     / / /\ \_\/ / /\ \_\     / /\/_//  \____\__/ / / /\ \_\   / / /\ \_\
    / / /_/ / / / /_/ / /    / / /  / /\/________/ /_/_ \/_/  / / /_/ / /
   / / /__\/ / / /__\/ /    / / /  / / /\/_// / / /____/\    / / /__\/ /
  / / /_____/ / /_____/    / / /  / / /    / / / /\____\/   / / /_____/
 / / /     / / /\ \ \  ___/ / /__/ / /    / / / / /______  / / /\ \ \
/ / /     / / /  \ \ \/\__\/_/___\/_/    / / / / /_______\/ / /  \ \ \
\/_/      \/_/    \_\/\/_________/       \/_/\/__________/\/_/    \_\/

Installation

1) Run the OVA in a VM and connect to the webserver
2) Have Fun!

Made by

couchsofa

Thanks to

morbidick einball sarah

I would probably have never finished this project without you guys ;)

mostley

For hinting me to Erik Österberg's Terminal.js

0xBEEF

For providing fuel in the form of fudge and premium grilled goods


More information: http://wiki.fablab-karlsruhe.de/doku.php?id=projekte:primer


Motivation

A friend wanted to get into some simple exploits. I suggested starting out with web security, she was all for it. But when I started browsing vulnhub and the likes I couldn't find anything like I had in mind. So I wrote my own.

Concept

This is a story-based challenge written in a style heavily inspired by Neal Stephenson's Snow Crash and William Gibson's Sprawl Trilogy. Each chapter is unlocked by solving the puzzle. From hardcoded clear text javascript password checks, SQL-injections and cracking hashes to a simulated terminal. You only need to start the VM, a webserver will come up and you can connect with your browser. In fact you never have to leave the browser.

Goal

Teach some basic well known techniques and attacks. Spark some curiosity, make the user look at the source code and try to figure out what's going on behind the scenes. The main goal is to give a nice welcoming intro to the scene and hopefully also teach something about ethics and responsibility.


Change log

v1.0.1 - 2016-01-15: https://twitter.com/CouchSofa/status/688129147848138752
v1.0.0 - 2015-10-27: https://twitter.com/CouchSofa/status/659148660152909824


NETinVM

A tool for teaching and learning about systems, networks and security

Authors: Carlos Perez & David Perez
Date: 2016-11-03

Introduction

NETinVM is a VMware virtual machine image that provides the user with a complete computer network. For this reason, NETinVM can be used for learning about operating systems, computer networks and system and network security.

In addition, since NETinVM is a VMware image, it can be used for demonstrations (i.e. in classrooms) that can be reproduced by students either in a laboratory or on their own laptop and thus, at home, at the library... For these reasons we present NETinVM as an educational tool.

Description of NETinVM

NETinVM is a VMware virtual machine image that contains, ready to run, a series of User-mode Linux (UML) virtual machines. When started, the UML virtual machines create a whole computer network; hence the name NETinVM, an acronym for NETwork in Virtual Machine. This virtual network has been called 'example.net' and has fully qualified domain names defined for the systems: 'base.example.net', 'fw.example.net', etc.

All of the virtual machines use the Linux operating system. The VMware virtual machine is called 'base' and it runs openSUSE 13.2. User-mode Linux machines use Debian 6.0 and they have different names depending on their network location, because they are grouped into three different subnets: corporate, perimeter and external. The subnetworks are named 'int' (for internal network), 'dmz' (for DMZ or demilitarized zone, usually used as a synonym for perimeter network) and 'ext' (for external network).

One of the UML machines, 'fw', interconnects the three networks ('int', 'dmz' and 'ext'), allowing for communication and packet filtering. The rest of the UML machines have only one network interface, connected to the network they are named after:

  • int<X>: UMLs connected to the internal network. <X> can take values from 'a' to 'f', both inclusive. These machines only offer SSH service by default.
  • dmz<X>: UMLs connected to the perimeter network (DMZ). They are supposed to be bastion nodes. Two preconfigured bastion nodes are provided, each one with its appropriate alias:
      • 'dmza' is aliased as 'www.example.net' and it offers HTTP and HTTPS services.
      • 'dmzb' is aliased as 'ftp.example.net' and it offers FTP.
  • ext<X>: UMLs connected to the external network (i.e. the Internet).

Because a picture paints a thousand words, or so they say, the following figure shows NETinVM with all of the virtual machines running inside.

General view of NETinVM in VMware. The document example-net.pdf offers a detailed view.

All of the elements referenced before are shown in the image with their IP and ethernet addresses. The following rules have been used for assigning addresses:

  • IP addresses are of the form 10.5.., where is either 0 ('ext'), 1 ('dmz') or 2 ('int'), and is either 10 for 'exta', 'dmza' or 'inta', 11 for 'b' and so on up to 15 for 'f'.
  • Network masks are 24 bits (255.255.255.0).
  • Ethernet addresses are CA:FE:00:00:0:0, where is either 0, 1 or 2 (following the same domain rule as IP addressing) and is either a, b, c, d, e or f.
  • The interfaces of 'fw' use 254 for IP and FE for ethernet.
  • The interfaces of 'base' use 1 for IP and 01 for ethernet.

In addition to the computers and networks already described, the figure also shows the real computer where NETinVM runs ('REAL COMPUTER') and VMware Player's typical network interface ('vmnet8'), which optionally interconnects NETinVM's networks with the external world.

When they boot, all UML virtual machines get their network configuration from 'base', which provides DHCP and DNS services to the three NETinVM networks through its interfaces 'tap0', 'tap1' and 'tap2'.

Routing works as follows:

  • The default gateway for the internal and perimeter networks (machines 'int' and 'dmz') is 'fw' (more specifically, the IP address of 'fw' in the corresponding internal or perimeter subnet).
  • The default gateway for 'fw' is 'base' (its external network address). 'base' (its external network address) is also the default gateway for machines in the external network ('ext'), but they are configured to use 'fw' (external network address) as the gateway for accessing machines in the perimeter and internal networks.
  • 'fw' applies NAT (SNAT, Masquerading) to all network traffic coming into it from the internal and perimeter networks and going out through its interface in the external network. So, these packets get to the external network with a source IP address of 10.5.0.254 (fw's IP address in the external network).
  • Thus, IP traffic exchanged among the three networks goes through 'fw', while traffic going out from NETinVM to the external world goes through 'fw' if (and only if) it comes from the internal or perimeter networks. All traffic going to the real world (outside NETinVM) exits through 'base' which, as 'fw' does, applies IP forwarding and NAT to this outgoing traffic.

Communication between 'base' and any UML machine, in both directions, is direct, without going through 'fw'. (When the communication is started from a UML machine, the IP address of the interface of 'base' in the corresponding network must be used.) This configuration permits access from 'base' to all UML machines using SSH independently of the packet filtering configuration at 'fw'.

As an additional consideration, please note that the SNAT configuration in 'fw' described above is necessary for responses to outgoing connections to the Internet originating from the internal or perimeter networks to come back through 'fw'. Otherwise they would be routed directly from 'base' to the UML machine through 'tap1' or 'tap2' without traversing 'fw'.


This is my first boot2root machine. It's beginner-intermediate level.

It's been tested in VBox and VMware and seems to work without issues in both.

A tip, anything can be a vector, really think things through here based on how the machine works. Make a wrong move though and some stuff gets moved around and makes the machine more difficult!

This is part one in a two part series. I was inspired by several vms I found on vulnhub and added a bit of a twist to the machine.

Good luck and I hope you guys enjoy!


This is my first CTF/Vulnerable VM ever. I created it both for educational purposes and so people can have a little fun testing their skills in a legal, pentest lab environment.

Some notes before you download!

  • Try to use a Host-Only Adapter. This is an intentionally vulnerable machine and leaving it open on your network can have bad results.
  • It should work with Vmware flawlessly. I've tested it with vbox and had one other friend test it on Vbox as well so I think it should work just fine on anything else.

This is a Boot2Root machine. The goal is for you to attempt to gain root privileges in the VM. Do not try to get the root flag through a recovery iso etc, this is essentially cheating! The idea is to get through by pretending this machine is being attacked over a network with no physical access.

I themed this machine to make it feel a bit more realistic. You are breaking into a fictional character's server (named Wallaby) and trying to gain root without him noticing, or else the difficulty level will increase if you make the wrong move! Good luck and I hope you guys enjoy!
