I’ve recently had some problems with Octopress breaking on my old Kali 1.0 box. And since Kali 1.0 has reached its end of life, I figured this might be a good time to jump ship, install the 2.0 version, and set up a fresh Octopress there. So in this post I will give a quick overview of the steps needed to clone an already existing Octopress blog on a new machine and resume blogging from there.
OverTheWire: Leviathan
The next step in difficulty for the OverTheWire wargames is Leviathan. From the description:
This wargame doesn’t require any knowledge about programming – just a bit of common sense and some knowledge about basic *nix commands.
Leviathan’s levels are called leviathan0, leviathan1, … etc. and can be accessed on leviathan.labs.overthewire.org through SSH.
To login to the first level use:
Username: leviathan0
Password: leviathan0
Data for the levels can be found in the homedirectories.
OverTheWire: Bandit
I’ve completed this and some other wargames before starting a blog, but I thought I should revisit them and do a proper walkthrough, and that would also help me organize my notes beyond one-liners that I no longer know what they were for :D So, going to start with Bandit, which is the most basic and beginner-friendly of the OverTheWire wargames. You can look at each level’s page for a list of commands that you may need to solve it and some additional reading material that might help in better understanding what’s going on. I will also give man page descriptions for the commands I’ll use to complete the levels.
Infosec Institute n00bs CTF Labs
It’s been a while since I last polished my web hacking skills, and I recently found out about these CTF challenges. Too late for the bounty though...
You can access the labs at http://ctf.infosecinstitute.com/index.php
Kali tools catalog - Exploitation Tools
BeEF XSS Framework
beef
BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.
Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.
Pentest lab - Relativity
I selected the Relativity VM from VulnHub as my next home lab target. The objective is to read /root/flag.txt. Let’s get started!
Kali tools catalog - Wireless Attacks
802.11 Wireless Tools
aircrack-ng
aircrack-ng is an 802.11 WEP and WPA/WPA2-PSK key cracking program. It can recover the WEP key once enough encrypted packets have been captured with airodump-ng. This part of the aircrack-ng suite determines the WEP key using two fundamental methods. The first method is via the PTW approach (Pyshkin, Tews, Weinmann). The main advantage of the PTW approach is that very few data packets are required to crack the WEP key. The second method is the FMS/KoreK method. The FMS/KoreK method incorporates various statistical attacks to discover the WEP key and uses these in combination with brute forcing.
Kali tools catalog - Password Attacks
Tools for password related attacks
Pentest lab - Flick
The next challenge I’m going for from the myriad of options on VulnHub will be Flick, by Leonjza!
Welcome to the flick boot2root!
- Where is the flag?
- What do you need to flick to find it?
Completing “flick” will require some sound thinking, good enumeration skills & time! The objective is to find and read the flag that lives /root/
As a bonus, can you get root command execution?
Pentest lab - SecOS
SecOS is a web based VM created by PaulSec. Here is the briefing:
Not too tired after BSides London? Still want to solve challenges? Here is the VM I told about during my talk where you’ll have to practice some of your skills to retrieve the precious flag located here: /root/flag.txt. This VM is an entry-level boot2root and is web based.