webdevil Posted August 1, 2009

Test out your skills

VirtualBox Image
7426ecca6beaa1c0310ee00fc1086cc5
http://krash.in/wD-Wargame-new.rar

This includes some common sense, brute forcing, SQL injections, writing exploits etc. Basically you start off with a web page and go about being the owner ;). Should be good for people at all levels and it is based on some live environments that I found, good for experience.

digininja Posted August 1, 2009

I am in no way implying you would do this, but looking at this I've just had a thought: does anyone check these kinds of images for nastiness before starting them up? How easy would it be to create some custom malware and install it in a VM, then offer it up as a nice giveaway? A VM trojan, I see a blog post coming on here!

Sorry to have hijacked your thread, and again, not implying you've done this, but asking: do people check?

webdevil (Author) Posted August 2, 2009

You would need to find a vulnerability in the VirtualBox server that handles the images to exploit it. And if you are referring to VM Trojans, they are a lot different. They are supposed to build their own environment, so that AVs fail in scanning it.

No offense taken ;)

Oh, and if you are referring to the image itself as a trojan then it wouldn't make a difference, as it is powered on for a while until you complete the game.

digininja Posted August 2, 2009

I was thinking about installing nasty software on the OS of the VM so when you started it up it, for example, created a reverse shell home. If the guest was set up so it had full network access then you'd have just opened a hole in your network. Or just have it automatically attack the host through the network (i.e. not jail break) and if it compromises that then pivot and attack other machines or then open the shell.

As you control the guest OS you could easily rootkit it so any AV installed after it is loaded into the VM player wouldn't find anything and the attacks would be hidden from standard tools.

As an extreme example, I'm thinking it is similar to allowing an attacker to send you their laptop and ask you to plug it into your network. You could segment it off, but who does, as they need to give it at least access from their test attack machine, and you can bet that that is on the net so the user can do online research while doing the testing.

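A pre-boot check related to the network-access point above, as an added example that is not part of any post in this thread: it reads a VirtualBox machine settings file and lists adapters that give the guest a path to the LAN, Internet or host, plus host folders shared into the guest. It assumes the XML layout of current .vbox files; the sample config, `audit_vbox` and every name in the sample are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the layout of a VirtualBox machine settings file (.vbox);
# the VM name, interface name and host path are made up (layout is an assumption).
SAMPLE_VBOX = """<?xml version="1.0"?>
<VirtualBox xmlns="http://www.virtualbox.org/" version="1.12-linux">
  <Machine name="untrusted-wargame">
    <Hardware>
      <Network>
        <Adapter slot="0" enabled="true" type="82540EM">
          <DisabledModes><NAT/></DisabledModes>
          <BridgedInterface name="eth0"/>
        </Adapter>
        <Adapter slot="1" enabled="true" type="82540EM">
          <InternalNetwork name="lab-only"/>
        </Adapter>
        <Adapter slot="2" enabled="false" type="82540EM"><NAT/></Adapter>
      </Network>
      <SharedFolders>
        <SharedFolder name="share" hostPath="/home/user" writable="true"/>
      </SharedFolders>
    </Hardware>
  </Machine>
</VirtualBox>"""

NS = {"vb": "http://www.virtualbox.org/"}
# Attachment modes that let the guest reach the LAN, the Internet or the host.
RISKY = {"BridgedInterface": "bridged onto the physical network",
         "NAT": "outbound access through the host (NAT)",
         "HostOnlyInterface": "can reach the host over a host-only network"}

def audit_vbox(xml_text):
    """Return findings for settings that expose the host or the network."""
    root = ET.fromstring(xml_text)
    findings = []
    for adapter in root.findall(".//vb:Network/vb:Adapter", NS):
        if adapter.get("enabled") != "true":
            continue
        for child in adapter:  # direct children only: skips modes under DisabledModes
            reason = RISKY.get(child.tag.rsplit("}", 1)[-1])
            if reason:
                findings.append(f"adapter {adapter.get('slot')}: {reason}")
    for folder in root.findall(".//vb:SharedFolders/vb:SharedFolder", NS):
        mode = "read-write" if folder.get("writable") == "true" else "read-only"
        findings.append(f"shared folder {folder.get('hostPath')} ({mode})")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_vbox(SAMPLE_VBOX)))
```

An empty result only says the guest has no configured path to the network or the host file system; it says nothing about what is on the disk image.
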
webdevil (Author) Posted August 2, 2009

Yeah, you have a point there. lol. I would term it Social Engineering at its best! Make 'em download 500MB of a rootkit.

digininja Posted August 3, 2009

I bet that could be easily done by someone with a good enough reputation or who was a good salesman. "I've invented a great new hacking distro full of really cool tools, just download this VM."

Could also work with a live CD. Who unplugs their HDD when using an untrusted live CD?

ArkNinja Posted August 3, 2009

Live CDs would work really well because no AV to deal with, and you would get full privileges.

digininja Posted August 4, 2009

I've just written a blog post on this - Blindly Installing VMs and Using Live CDs

Netshroud Posted August 4, 2009

Can't you just mount the VHD in Windows and scan it first?

digininja Posted August 4, 2009

What if it is a Linux guest machine? What if the attacker writes custom attack scripts? It would be really easy for me to write a shell/batch script to scan networks and call home, and as it was custom written, no AV scanner would find it. Throw on top of that a little customised rootkit technology so that even when you'd booted the machine you couldn't see the bad things running.

This makes scanning with AV/spyware tools useless, whether with the disk mounted, installing the tools on the running machine, or scanning from an external machine once the VM is started.

webdevil (Author) Posted August 4, 2009

> Can't you just mount the VHD in Windows and scan it first?

You must understand that in a wargame you must get access to the machine. It's not that you have the username/password to log in and scan.

In another scenario, it could also come to a stage where unknowingly the created VM gets infected by a worm while it was being created. So, basically you have a VM on your network which propagates it... ;)

digininja Posted August 4, 2009

I almost wish I hadn't thought about this, because I'd never been paranoid about this kind of thing before, but now I've got a little niggle that will probably never go away.

Along a similar line to this, a friend of mine at college wrote a firmware for an Archimedes hard drive controller card and accidentally infected that with a virus. The firmware was used by a pretty major hardware supplier and everyone who used the card got automatically infected. It was before user-flashable firmware became popular, so the only way to fix it was to remove the chip and put in a new one. He wasn't popular for a while!