Virtual Machines
single series all timeline

Search Result: network (146 results)

About Release

Name........: SickOs1.1
Date Release: 11 Dec 2015
Author......: D4rk
Series......: SickOs
Objective...: Get /root/a0216ea4d51874464078c618298b1367.txt
Tester(s)...: h1tch1
Twitter.....: https://twitter.com/D4rk36

Description:

This CTF gives a clear analogy how hacking strategies can be performed on a network to compromise it in a safe environment. This vm is very similar to labs I faced in OSCP. The objective being to compromise the network/machine and gain Administrative/root privileges on them.

File Information:

FileName: sick0s1.1.7z
File Size: 652.52 MB
MD5: 396e46897c54da6ded6604b861c806b7
SHA1: 3578a10ba92f860c2f0d8934ec5a9bbffc4c7859

Virtual Machine:

Format: 7z
Operating System: Ubuntu
Tested: VMware Workstation 11.0.0 build-2305329

Networking:

DHCP service: Enabled
IP address: Automatically assign

Flag(s):

Yes
more...
SickOs: 1.1
11 Dec 2015
 by 
D4rk
ellipsis

About Release

Name........: SickOs1.2
Date Release: 26 Apr 2016
Author......: D4rk
Series......: SickOs
Objective...: Get /root/7d03aaa2bf93d80040f3f22ec6ad9d5a.txt
Tester(s)...: h1tch1, Eagle11
Twitter.....: https://twitter.com/D4rk36

Description:-

This is second in following series from SickOs and is independent of the prior releases, scope of challenge is to gain highest privileges on the system.

File Information:-

Filename: Sick0s1.2.zip
File size: 696.2 MB
MD5: b013ba76f50c15890554632a40b697bd
SHA1: 9f45f7c060e15dc6bb93c1cf39efdd75125e30a0

Virtual Machine

Format: OVF
Operating System: Ubuntu
Tested on: VMWare workstation Pro 12.1.0 build-3272444

Networking

DHCP service: Enabled
IP address: Automatically assign

Flag(s):

Yes
more...
SickOs: 1.2
27 Apr 2016
 by 
D4rk
ellipsis

Welcome to 1989!

And welcome to Germany!

This VM is inspired by a book! There should be plenty of hints which one it is, if you havent read it.

This is a simple VM, so dont fear any advanced exploitation, reverse engineering or other advanced techniques!

Just a solid and simple advanced persistent threat (admins) ;)

So the level is clearly: beginner (as intended).

For some it may teach a solid (old) new Privesc technique that together with the above mentioned book inspired me to this VM.

I made the effort to throw some very basic story/polish into it.

Also if everythin runs smoothly the VM should show its IP adress in the Login screen on the console!

-No, I dont consider finding the VM in your own network a real challenge ;)-

If you should encounter any problems or want to drop me a line use #milet and @teh_warriar on twitter or chat me up in #vulnhub!

Hope you enjoy this VM!

Gonna enjoy reading some writeups and hope you might find other ways then the intended ones!

Best Regards

Warrior

more...
Milnet: 1
1 Jun 2016
 by 
Warrior
ellipsis 

+---------------------------------------------------------+
|                                                         |
|                                  __..--''\              |
|                          __..--''         \             |
|                  __..--''          __..--''             |
|          __..--''          __..--''       |             |
|          \ o        __..--''____....----""              |
|           \__..--''\                                    |
|           |         \                                   |
|          +----------------------------------+           |
|          +----------------------------------+           |
|                                                         |
+- - - - - - - - - - - - - -|- - - - - - - - - - - - - - -+
|   Name: Stapler           |          IP: DHCP           |
|   Date: 2016-June-08      |        Goal: Get Root!      |
| Author: g0tmi1k           | Difficultly: ??? ;)         |
+- - - - - - - - - - - - - -|- - - - - - - - - - - - - - -+
|                                                         |
| + Average beginner/intermediate VM, only a few twists   |
|   + May find it easy/hard (depends on YOUR background)  |
|   + ...also which way you attack the box                |
|                                                         |
| + It SHOULD work on both VMware and Virtualbox          |
|   + REBOOT the VM if you CHANGE network modes           |
|   + Fusion users, you'll need to retry when importing   |
|                                                         |
| + There are multiple methods to-do this machine         |
|   + At least two (2) paths to get a limited shell       |
|   + At least three (3) ways to get a root access        |
|                                                         |
| + Made for BsidesLondon 2016                            |
|   + Slides: https://download.vulnhub.com/media/stapler/ |
|                                                         |
| + Thanks g0tmi1k, nullmode, rasta_mouse & superkojiman  |
|   + ...and shout-outs to the VulnHub-CTF Team =)        |
|                                                         |
+- - - - - - - - - - - - - - - - - - - - - - - - - - - - -+
|                                                         |
|       --[[~~Enjoy. Have fun. Happy Hacking.~~]]--       |
|                                                         |
+---------------------------------------------------------+
more...
Stapler: 1
8 Jun 2016
 by 
g0tmi1k
ellipsis

Title: The Necromancer

File: necromancer.ova

md5sum: 6c4cbb7776acac8c3fba27a0c4c8c98f

sha1sum: 712d4cfc19199dea92792e64a43ae7ac59b1dd05

Size: 345MB

Hypervisor: Created with VirtualBox 5.0.20. Tested with virtualbox and vmware player.

Author: @xerubus

Test Bunnies: @dooktwit and @RobertWinkel

Difficulty: Beginner

Description

The Necromancer boot2root box was created for a recent SecTalks Brisbane CTF competition.

There are 11 flags to collect on your way to solving the challenging, and the difficulty level is considered as beginner.

The end goal is simple... destroy The Necromancer!

Notes

  • DHCP (Automatically assigned)
  • IMPORTANT: The vm IS working as intended if you receive a successful DHCP lease as seen in the boot up sequence.
  • The Necromancer VM MUST be on the same subnet as the attacking machine. Ideally both the boot2root VM and the attacking machine should be on the same HostOnly network. If you choose to use a physical box as the attacking machine, the boot2root VM must exist on the same network via a bridged interface.
more...
The Necromancer: 1
6 Jul 2016
 by 
Xerubus
ellipsis

Description

Wellcome to "PwnLab: init", my first Boot2Root virtual machine. Meant to be easy, I hope you enjoy it and maybe learn something. The purpose of this CTF is to get root and read de flag.

Can contact me at: [email protected] or on Twitter: @Chronicoder

  • Difficulty: Low
  • Flag: /root/flag.txt

File Information

  • Filename: pwnlab_init.ova
  • File size: 784 MB
  • MD5: CE8AB26DE76E5883E67D6DE04C0F6E43
  • SHA1: 575F19216A3FA3E377EFE69D5BF715913F294A3B

Virtual Machine

  • Format: Virtual Machine (Virtualbox - OVA)
  • Operating System: Debian

Networking

  • DHCP service: Enabled
  • IP address: Automatically assign
more...
PwnLab: init
1 Aug 2016
 by 
Claor
ellipsis

IMPORTANT NOTE: do not use host-only mode, as issues have been discovered. Set the Billy Madison VM to "auto-detect" to get a regular DHCP address off your network.

Plot: Help Billy Madison stop Eric from taking over Madison Hotels!

Sneaky Eric Gordon has installed malware on Billy's computer right before the two of them are set to face off in an academic decathlon. Unless Billy can regain control of his machine and decrypt his 12th grade final project, he will not graduate from high school. Plus, it means Eric wins, and he takes over as head of Madison Hotels!

Objective: The primary objective of the VM is to figure out how Eric took over the machine and then undo his changes so you can recover Billy's 12th grade final project. You will probably need to root the box to complete this objective.

Download:

  • BillyMadison1dot0.zip - https://dl.dropboxusercontent.com/u/5473387/BillyMadison1dot0.zip
  • MD5 = afcb926608d6d7b2471e4de6c367afb4
  • SHA1 = 4933ca408fcb2e88e6388fe4ea321f758b133d72

Other Information:

  • Size: 1.68GB
  • Hypervisor: Created with VMWare ESXi 6.0.0
  • Difficulty: Beginner/Moderate

Special Thanks To:

  • @rand0mbytez and @mrb3n813 for their tenacious help in beta testing, ironing out the bugs, suggesting better ways to do things, battling trolls and just generally being awesome.
  • @g0tmi1k, @_RastaMouse and the VulnHub crew for hosting VMs, encouraging VM creators/testers and being a tremendous resource to the infosec community.
  • @ReverseBrain for helping and testing with Vbox
  • My wife. She rules.
more...
Billy Madison: 1.1
14 Sep 2016
 by 
Brian Johnson
ellipsis

NETinVM

A tool for teaching and learning about systems, networks and security

Authors: Carlos Perez & David Perez Date: 2016-11-03

Introduction

NETinVM is a VMware virtual machine image that provides the user with a complete computer network. For this reason, NETinVM can be used for learning about operating systems, computer networks and system and network security.

In addition, since NETinVM is a VMware image, it can be used for demonstrations (i.e. in classrooms) that can be reproduced by students either in a laboratory or on their own laptop and thus, at home, at the library... For these reasons we present NETinVM as an educational tool.

Description of NETinVM

NETinVM is a VMware virtual machine image that contains, ready to run, a series of User-mode Linux (UML) virtual machines. When started, the UML virtual machines create a whole computer network; hence the name NETinVM, an acronym for NETwork in Virtual Machine. This virtual network has been called 'example.net' and has fully qualified domain names defined for the systems: 'base.example.net', 'fw.example.net', etc.

All of the virtual machines use the Linux operating system. The VMware virtual machine is called 'base' and it runs openSUSE 13.2. User-mode Linux machines use Debian 6.0 and they have different names depending on their network location, because they are grouped into three different subnets: corporate, perimeter and external. The subnetworks are named 'int' (for internal network), 'dmz' (for DMZ or demilitarized zone, usually used as a synonym for perimeter network) and 'ext' (for external network).

One of the UML machines, 'fw', interconnects the three networks ('int, 'dmz' and 'ext'), allowing for communication and packet filtering. The rest of the UML machines have only one network interface, connected to the network they are named after:

int<X> + UMLs connected to the internal network. can take values from 'a' to 'f', both inclusive. These machines only offer SSH service by default.

dmz<X> + UMLs connected to the perimeter network (DMZ). They are supposed to be bastion nodes. Two preconfigured bastion nodes are provided, each one with its appropriate alias: + 'dmza' is aliased as 'www.example.net' and it offers HTTP and HTTPS services. + 'dmzb' is aliased as 'ftp.example.net' and it offers FTP.

ext<X> + UMLs connected to the external network (ie: Internet). Because a picture paints a thousand words, or so they say, the following figure shows NETinVM with all of the virtual machines running inside.

General view of NETinVM in VMware. The document example-net.pdf offers a detailed view.

All of the elements referenced before are shown in the image with their IP and ethernet addresses. The following rules have been used for assigning addresses:

  • IP addresses are of the form 10.5.., where is either 0 ('ext'), 1 ('dmz') or 2 ('int'), and is either 10 for 'exta', 'dmza' or 'inta', 11 for 'b' and so on up to 15 for 'f'.
  • Network masks are 24 bits (255.255.255.0).
  • Ethernet addresses are CA:FE:00:00:0:0, where is either 0, 1 or 2 (following the same domain rule as IP addressing) and is either a, b, c, d, e or f.
  • The interfaces of 'fw' use 254 for IP and FE for ethernet.
  • The interfaces of 'base' use 1 for IP and 01 for ethernet.

In addition to the computers and networks already described, the figure also shows the real computer where NETinVM runs ('REAL COMPUTER') and VMware Player's typical network interface ('vmnet8'), which optionally interconnects NETinVM's networks with the external word.

When they boot, all UML virtual machines get their network configuration from 'base', which provides DHCP and DNS services to the three NETinVM networks through its interfaces 'tap0', 'tap1' and 'tap2'.

Routing works as follows:

  • The default gateway for the internal and perimeter networks (machines 'int' and 'dmz') is 'fw' (more specifically, the IP address of 'fw' in the corresponding internal or perimeter subnet).
  • The default gateway for 'fw' is 'base' (its external network address). 'base' (its external network address) is also the default gateway for machines in the external network ('ext'), but they are configured to use 'fw' (external network address) as the gateway for accessing machines in the perimeter and internal networks.
  • 'fw' applies NAT (SNAT, Masquerading) to all network traffic coming into it from the internal and perimeter networks and going out through its interface in the external network. So, these packets get to the external network with a source IP address of 10.5.0.254 (fw's IP address in the external network)
  • Thus, IP traffic exchanged among the three networks goes through 'fw', while traffic going out from NETinVM to the external world goes through 'fw' if (and only if) it comes from the internal or perimeter networks. All traffic going to the real world (outside NETinVM) exits through 'base' which, as 'fw' does, applies IP forwarding and NAT to this outgoing traffic.

Communication between 'base' and any UML machine, in both directions, is direct, without going through 'fw'. (When the communication is started from a UML machine, the IP address of the interface of 'base' in the corresponding network must be used.) This configuration permits access from 'base' to all UML machines using SSH independently of the packet filtering configuration at 'fw'.

As an additional consideration, please note that the SNAT configuration in 'fw' described above is necessary for responses to outgoing connections to the Internet originating from the internal or perimeter networks to come back through 'fw'. Otherwise they would be routed directly from 'base' to the UML machine through 'tap1' or 'tap2' without traversing 'fw'.

more...
NETinVM: November 3, 2016
3 Nov 2016
 by 
Carlos Perez & David Perez
ellipsis

SkyDog Con CTF 2016 - Catch Me If You Can

Difficulty: Beginner/Intermediate

Instructions: The CTF is a virtual machine and works best in Virtual Box. Download the OVA file open up Virtual Box and then select File –> Import Appliance. Choose the OVA file from where you downloaded it. After importing the OVA file above make sure that USB 2.0 is disabled before booting up the VM. The networking is setup for a Host-Only Adapter by default but you can change this before booting up depending on your networking setup. The Virtual Machine Server is configured for DHCP. If you have any questions please send me a message on Twitter @jamesbower and I’ll be happy to help.

Flags

The eight flags are in the form of flag{MD5 Hash} such as flag{1a79a4d60de6718e8e5b326e338ae533

Flag #1 Don’t go Home Frank! There’s a Hex on Your House.

Flag #2 Obscurity or Security?

Flag #3 Be Careful Agent, Frank Has Been Known to Intercept Traffic Our Traffic.

Flag #4 A Good Agent is Hard to Find.

Flag #5 The Devil is in the Details - Or is it Dialogue? Either Way, if it’s Simple, Guessable, or Personal it Goes Against Best Practices

Flag #6 Where in the World is Frank?

Flag #7 Frank Was Caught on Camera Cashing Checks and Yelling - I’m The Fastest Man Alive!

Flag #8 Franks Lost His Mind or Maybe it’s His Memory. He’s Locked Himself Inside the Building. Find the Code to Unlock the Door Before He Gets Himself Killed!

more...
SkyDog: 2016 - Catch Me If You Can
9 Nov 2016
 by 
James Bower
ellipsis

This was used in HackDay Albania's 2016 CTF.

The level is beginner to intermediate .

It uses DHCP.

more...
HackDay: Albania
18 Nov 2016
 by 
R-73eN
ellipsis

Difficulty: Beginner/Intermediate

Instructions: The CTF is a virtual machine and has been tested in Virtual Box. It has all required drivers if you want it to run on VMware or KVM (virtio). The network interface of the virtual machine will take it`s IP settings from DHCP.

Flags: There are 7 flags that should be discovered in form of: Country_name Flag: [md5 hash]. In CTF platform of the CTF-USV competition there was a hint available for each flag, but accessing it would imply a penalty. If you need any of those hints to solve the challenge, send me a message on Twitter @gusu_oana and I will be glad to help.

About: CTF-USV 2016 was the first International Students Contest in Information Security organized in Romania by Suceava University. Security challenges creation, evaluation of results and building of CTF environment was provided by Safetech Tech Team: Oana Stoian (@gusu_oana), Teodor Lupan (@theologu) and Ionut Georgescu (@ionutge1)

SHA1: f401e4e9084f937a674356dd4fa2144e10b8471a

more...
USV: 2016 (v1.0.1)
9 Dec 2016
 by 
Suceava University
ellipsis

This is my first boot2root machine. It's begginer-intermediate level.

It's been tested in VBox and VMware and seems to work without issues in both.

A tip, anything can be a vector, really think things through here based on how the machine works. Make a wrong move though and some stuff gets moved around and makes the machine more difficult!

This is part one in a two part series. I was inspired by several vms I found on vulnhub and added a bit of a twist to the machine.

Good luck and I hope you guys enjoy!

This is my first CTF/Vulnerable VM ever. I created it both for educational purposes and so people can have a little fun testing their skills in a legal, pentest lab environment.

Some notes before you download!

  • Try to use a Host-Only Adapter. This is an intentionally vulnerable machine and leaving it open on your network can have bad results.
  • It should work with Vmware flawlessly. I've tested it with vbox and had one other friend test it on Vbox as well so I think it should work just fine on anything else.

This is a Boot2Root machine. The goal is for you to attempt to attempt to gain root privileges in the VM. Do not try to get the root flag through a recovery iso etc, this is essentially cheating! The idea is to get through by pretending this machine is being attacked over a network with no physical access.

I themed this machine to make it feel a bit more realistic. You are breaking into a fictional characters server (named Wallaby) and trying to gain root without him noticing, or else the difficulty level will increase if you make the wrong move! Good luck and I hope you guys enjoy!

more...
Wallaby's: Nightmare (v1.0.2)
22 Dec 2016
 by 
Waldo
ellipsis
This website uses 'cookies' to give you the best, most relevant experience. Using this website means you're happy with this. You can find out more about the cookies used by clicking this link (or by clicking the 'Privacy Policy' link at the top of any page).