Privilege Escalation

*********** [ADIGA]
10 years ago

0

How about you open a box on VMware or whatever, have a buggy Linux distro in it, give shell access for a regular user, have a file with a pass that can only be read by root with the password in it, the aim is to exploit the box itself to read the file and pass the level, the image in the VMware can be reset every 3 hours, and the pass of the level can change with each reset :)

Alien [StRe1cHeR]
10 years ago

0

Good idea, feasible

daMage
10 years ago

0

As a level, this might be interesting! But if I had to run it on my server, I wouldn’t do it because such a vulnerability could be easily exploited automatically, thus leaving the box open for real exploitation… I bet that it would soon fall into spammers’ hands or it would be used to spread malware… :(

*********** [ADIGA]
10 years ago

0

how about an application to be downloaded that would simulate that, the catch would be a different pass for each user, maybe if the app authenticates with the user/pass of the website it can be done, also the app needs to be cross platform (Windows - Linux), so an app in C or C++ could do it :)

0xDC
10 years ago

0

@daMage: Unless the VM is re-installed / restored every night. That’s how other sites that offer this kind of hackme do it…

Pete Maynard [Osaka]
10 years ago | edited 10 years ago

0

@ADIGA yes, I’ve been wanting to set something like this up for a long time, after playing around with the De-ICE Pentest images.

What would be nice is to have our own HT VPN, which would be running VMs of various types, and difficulty level. To help reduce spam and noise, we can grant access to users who have completed all levels or show a genuine interest.

The downside of this is that we would require a dedicated box with a good pipe.

*********** [ADIGA]
10 years ago

0

hmmm….
this could be run on a VPS (around 4-5 $ a month).
100mb connection, full root access … bla bla bla.
another thing that can be added for such a mission is for the one who roots the box to fix his way in and try to hold the box for as long as possible (a max of 1 week will give full points) or something like that.
users can be auto added to the server from the site database when they finish a % of the levels or whatever.

now this is just an idea… so do not ask me how to make it possible … :P

0xDC
10 years ago

0

I like your idea a lot ADIGA! :)

Pete Maynard [Osaka]
10 years ago

0

I think it would be better to have a dedicated box, as we would have more control over how to reset the VMs, and will be able to monitor it from above. Whereas if we only had a VPS we would not be able to have so much control over the system.

I do like the idea of a capture the flag style game. We could set up a VM with a load of services running, all vulnerable and leave them to fight it out.

The added advantage of having the VMs inside a VPN is that we can disallow/manage communication out onto the web, which, in theory, should reduce the amount of potential spam.

*********** [ADIGA]
10 years ago

0

hmmm…. was looking for this post a while ago but i lost it.

anyway, regarding “amount of potential spam” …
a hardware firewall can be added that only allows for connections on ports 22,80 to pass through, that way any other service can be stopped from going outside the firewall.

i also assume that after finishing the box setup, an image can be taken of it, in case of it being rooted and the one who rooted it decides to do an “rm -rf /” as root.

loltac
10 years ago

0

Osaka, talking about the capture the flag, you could turn it into a weekly/monthly event to encourage more dialogue between users and for them to help each other. Even offer a point prize for winning? Just a newbies perspective :)

*********** [ADIGA]
10 years ago

0

i do not think this is feasible, too much effort needs to be put in a thing like this, maybe twice a year if some more members worked on it together.
other than that, it’s really hard.

maybe random challenges that are available for 3 days - 1 week, once a month can be done.

and if so i would recommend programming related challenges.

Pete Maynard [Osaka]
10 years ago

0

@Adiga, yeah we’d be able to re-image them at will. They would all be running on a virtual network, and all traffic will be routed through a gateway, which we’ll be able to monitor.

@loltac, yep a weekly/monthly event would be nice, as it gives people something to look forward to, and time after to discuss. I imagine there will be points and medals for winners :)

Pete Maynard [Osaka]
10 years ago

0

@ADIGA Sorry just missed your post. I think it would be nice to have the service running 24/7, or as near as.

I mean once the initial virtual machines are set up, there should be no reason why they can’t be maintained indefinitely, as they’d get reset every hour or so to prevent any persistent threat.

*********** [ADIGA]
10 years ago

0

a reset every hour?! is not that too much, besides, if we can keep them up for 1 week, it would be some sort of capture and hold … not only to break in, but also try to fix and secure …. more fun and learning for all.
