Back

Exploit-Exercises: Nebula (v5)

About Release

Back to the Top

Download

Back to the Top
Please remember that VulnHub is a free community resource so we are unable to check the machines that are provided to us. Before you download, please read our FAQs sections dealing with the dangers of running unknown VMs and our suggestions for “protecting yourself and your network. If you understand the risks, please download!

Description

Back to the Top

About

Nebula takes the participant through a variety of common (and less than common) weaknesses and vulnerabilities in Linux. It takes a look at + SUID files + Permissions + Race conditions + Shell meta-variables + $PATH weaknesses + Scripting language weaknesses + Binary compilation failures At the end of Nebula, the user will have a reasonably thorough understanding of local attacks against Linux systems, and a cursory look at some of the remote attacks that are possible.

Levels

Have a look at the levels available on the side bar, and log into the virtual machine as the username "levelXX" with a password of "levelXX" (without quotes), where XX is the level number.

Some levels can be done purely remotely.

Getting root

In case you need root access to change stuff (such as key mappings, etc), you can do the following:

Log in as the "nebula" user account with the password "nebula" (both without quotes), followed by "sudo -s" with the password "nebula". You'll then have root privileges in order to change whatever needs to be changed.

Source: http://exploit-exercises.com/nebula

From v4 to v5 - Moved from OVA to bootable CD format. Reduces issues with importing OVA files.

File Information

Back to the Top

Virtual Machine

Back to the Top

Networking

Back to the Top

Screenshots

Back to the Top

Walkthrough

Back to the Top