Presentation is loading. Please wait.

Presentation is loading. Please wait.

CTF Rules WiFi SSID: HackInTheRack

Published byBasil Shelton Modified over 6 years ago

Similar presentations

Presentation on theme: "CTF Rules WiFi SSID: HackInTheRack"— Presentation transcript:

1 CTF Rules WiFi SSID: HackInTheRack
Your USB key contains a bootable BackTrack 5r3 distribution. There is no Internet access through the HackInTheRack SSID. Do not scan or connect to IP addresses other than the listed victim addresses. There are two identically configured Windows victim machines to hack. There are two identically configured Linux victim machines to hack. There are probably multiple ways to solve each challenge. Hacking can make the victim machines unstable. If this happens, they may be rebooted or rolled back to a previous snapshot.

2 IPs and Flags Windows flags Linux flags Identify the Windows version
Victim OS Victim IP #1 Victim IP #2 Windows Linux Windows flags Linux flags Identify the Windows version Identify the service pack level Identify the workgroup\domain Gain administrator\system access Retrieve password hashes for local accounts Identify the kernel version Identify the SSH version Identify the web server and version Identify the Samba version Gain root access Retrieve the contents of /etc/passwd

3

4 Vulnerable Distributions and Projects
URL Kioptrix Hacking-Lab pwnOS pwnos.com Metasploitable DVL (Damn Vulnerable Linux) De-ICE.net Hackerdemia sourceforge.net/projects/virtualhacking OWASP WebGoat Project OWASP Broken Web Applications Project NOWASP (Mutillidae) sourceforge.net/projects/mutillidae Samurai Web Testing Framework samurai.inguardians.com Tweeter jmchilton.net/sqlinject/create.php Google Gruyere google-gruyere.appspot.com Huge List of Deliberately Vulnerable Applications

Download ppt "CTF Rules WiFi SSID: HackInTheRack"

Similar presentations

What to expect.  Linux  Windows Server (2008 or 2012)

What to expect.  Linux  Windows Server (2008 or 2012)
Offensive Security Part 1 Basics of Penetration Testing

Offensive Security Part 1 Basics of Penetration Testing
Network Performance Toolkit (NPToolkit) A Knoppix Live-CD Rich Carlson Tools Tutorial 12/4/06.

Network Performance Toolkit (NPToolkit) A Knoppix Live-CD Rich Carlson Tools Tutorial 12/4/06.
Remote Accessing Your Home Computer Using VNC and a Dynamic DNS Name.

Remote Accessing Your Home Computer Using VNC and a Dynamic DNS Name.
NOWASP Mutillidae 2.3.x An open-source web pen-testing environment for security training, practice, instruction, and you Jeremy Druin Information Security.

NOWASP Mutillidae 2.3.x An open-source web pen-testing environment for security training, practice, instruction, and you Jeremy Druin Information Security.
N ETWORKED & D ISTRIBUTED COMPUTING S YSTEMS L AB Programming Assignments EE323 Computer Networks.

N ETWORKED & D ISTRIBUTED COMPUTING S YSTEMS L AB Programming Assignments EE323 Computer Networks.
MIS 5212.001 Week 5 Site:

MIS Week 5 Site:
bWAPP – Bee Bug – Installation

bWAPP – Bee Bug – Installation
I-Hack’08 International Hacking Competition “Details”

I-Hack’08 International Hacking Competition “Details”
CANVAS REPORT/rvispute 16/4/2016 CANVAS Report for CTF Event at USAFA on 4/25/2007 Subject :Penetration Tools for Front Range Pen Test Exercise By Rajshri.

CANVAS REPORT/rvispute 16/4/2016 CANVAS Report for CTF Event at USAFA on 4/25/2007 Subject :Penetration Tools for Front Range Pen Test Exercise By Rajshri.
Topics Network topology Virtual LAN Port scanners and utilities Packet sniffers Weak protocols Practical exercise.

Topics Network topology Virtual LAN Port scanners and utilities Packet sniffers Weak protocols Practical exercise.
Linux Exercise. Download and Install the latest CentOS version and latest Ubuntu/Fedora OS. Configure a unique Host Name and a permanent IP Address for.

Linux Exercise. Download and Install the latest CentOS version and latest Ubuntu/Fedora OS. Configure a unique Host Name and a permanent IP Address for.
Mark Shtern.  Secure your infrastructure using IDS, application firewalls, or honeypots  Plant your flag on opponent’s machine  Prevent intruders from.

Mark Shtern.  Secure your infrastructure using IDS, application firewalls, or honeypots  Plant your flag on opponent’s machine  Prevent intruders from.
General rules 1. Rule: 2. Rule: 3. Rule: 10. Rule: Ask questions ……………………. 11. Rule: I do not know your skill. If I tell you things you know, please stop.

General rules 1. Rule: 2. Rule: 3. Rule: 10. Rule: Ask questions ……………………. 11. Rule: I do not know your skill. If I tell you things you know, please stop.
Copyright © 2004 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.
Retina Network Security Scanner

Retina Network Security Scanner
Remote Access Usages. Remote Desktop Remote desktop technology makes it possible to view another computer's desktop on your computer. This means you can.

Remote Access Usages. Remote Desktop Remote desktop technology makes it possible to view another computer's desktop on your computer. This means you can.
Students will: Learn about the complexity of sending messages over the Internet Translate URLs into IP Addresses Practice creative problem solving.

Students will: Learn about the complexity of sending messages over the Internet Translate URLs into IP Addresses Practice creative problem solving.
JMU GenCyber Boot Camp Summer, 2015. “Canned” Exploits For many known vulnerabilities attackers do not have to write their own exploit code Many repositories.

JMU GenCyber Boot Camp Summer, “Canned” Exploits For many known vulnerabilities attackers do not have to write their own exploit code Many repositories.
1. ---------------------- Integrity Check ---------------------- As You Well Know, It Is A Violation Of Academic Integrity To Fake The Results On Any.

Integrity Check As You Well Know, It Is A Violation Of Academic Integrity To Fake The Results On Any.

Similar presentations

Ads by Google