
Hacker Challenge For Newbs


cgront


So I am trying to get ideas on what to do for a hacker challenge I want to have at my University. I have already figured out that I have to run this on a private network, off of my core2quad. And the event is going to be at a LAN party at my University.

I have 2 problems at this point:

1> I don't know what to have the challenge be. Should I have it be like capture the flag with a couple virtual servers running or should I have each person have a virtual machine and some form of a file (flag) on each desktop like the Hak5 hacker challenge?

2> Here's the bigger issue. The University I am at does not teach a lot of exploitation to students. The students at my University don't have more than a basic knowledge of hacking if even that, we have a lot of students that understand a lot about computers and programming and networks and operating systems, but not everything put together and used for hacking. My plan was to have an information session on Metasploit/Armitage before the event that way people knew how to use it and at least tried. Another thought that I was given by people was to either have teams depending on how many people wanted to do it.

I need some input on this, I am going to be trying to figure out a setup for the core2quad this weekend and see how much it can even handle and go from there, any input would be greatly appreciated.


1. Set up a couple of virtual machines, make sure they are isolated from the main university network, you don't want trouble. Preferably use your own switch for connecting everything up together.

2. Once you have the VMs running install Windows XP, place some dummy files and then challenge who can break into that box and read what's on the file.

3. As you stated would be good, to share an information session on Metasploit and then let them have some practice before the challenge.

4. Later if you want to increase the challenge level, you could set up some wireless access points and let them try to break into them, also make sure they are not interfering with the university's wireless system, if there are any. Use Kismet to find an appropriate channel to use and choose a unique SSID.


Go for an intellectual challenge rather than just exploitation. Something like this is a good challenge:

Bunch of machines

1 has a web site with employee profiles

1 has an FTP server with anonymous access, that contains a file which reveals that there is a web server on a non-standard port

On the hidden web site have a login system, make a username and password on that based on the profiles viewed on the other web site, maybe have a kid's name as a password so they have to think a bit.

That gets them logged in and reveals other info, maybe a WPA key which gets them on to another network/machine.....

You can dream up the rest but the idea is to have them think their way through the system rather than just run Metasploit against standard known vulns.


How about a bit of social engineering? Hacking a system sometimes can be very challenging, so why not add a bit of social engineering to the game. There are a lot of techniques you can use to gather the information you are after, making the job a lot easier.

Edited by Infiltrator

1. Set up a couple of virtual machines, make sure they are isolated from the main university network, you don't want trouble. Preferably use your own switch for connecting everything up together.

2. Once you have the VMs running install Windows XP, place some dummy files and then challenge who can break into that box and read what's on the file.

3. As you stated would be good, to share an information session on Metasploit and then let them have some practice before the challenge.

4. Later if you want to increase the challenge level, you could set up some wireless access points and let them try to break into them, also make sure they are not interfering with the university's wireless system, if there are any. Use Kismet to find an appropriate channel to use and choose a unique SSID.

It was also suggested to me by another source to use this idea, but to have like 4 or 5 VMs, each one progressively harder to hack and each one holding a file which is part of a puzzle, first person to get all files and put together the answer to the puzzle wins. So it takes Infiltrator's idea to a little bit of a further idea. My issue now is what kind of operating systems should I have as the VMs. I have right now an XP and a Vista VM. I am thinking about Windows Server 2003, and 2008. And if there are any other ideas that would be great.

@digininja your idea is interesting but I think that would take me a longer time to set up and I don't think I would have the time.

@Infiltrator your second idea about social engineering may be useful for this, I may look into trying to incorporate this but if time does not allow me to, as long as I first focus on the VMs and network setup to begin with I should be fine.

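The puzzle-file idea from the post above, as an added example that is not part of the original thread: the organizer splits one flag into a fragment per VM so that every VM's file is needed, and checks a submission against a stored digest instead of the flag itself. The flag value, the file name and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def split_flag(flag: bytes, n_parts: int) -> list[bytes]:
    """Split flag into n_parts XOR shares; every share is needed to rebuild it."""
    if n_parts < 2:
        raise ValueError("need at least two parts")
    shares = [secrets.token_bytes(len(flag)) for _ in range(n_parts - 1)]
    last = bytearray(flag)
    for share in shares:
        for i, b in enumerate(share):
            last[i] ^= b
    shares.append(bytes(last))
    return shares


def combine(shares: list[bytes]) -> bytes:
    """XOR all shares together; the order they were collected in is irrelevant."""
    if not shares or len({len(s) for s in shares}) != 1:
        raise ValueError("shares missing or of unequal length")
    out = bytearray(len(shares[0]))
    for share in shares:
        for i, b in enumerate(share):
            out[i] ^= b
    return bytes(out)


def flag_digest(flag: bytes) -> str:
    """The scoreboard stores only this digest, never the flag itself."""
    return hashlib.sha256(flag).hexdigest()


def check_submission(submitted_hex_parts: list[str], expected_digest: str) -> bool:
    """Return True only if the submitted fragments rebuild the flag."""
    try:
        candidate = combine([bytes.fromhex(p.strip()) for p in submitted_hex_parts])
    except ValueError:  # bad hex, missing fragments, or unequal lengths
        return False
    return hmac.compare_digest(flag_digest(candidate), expected_digest)


if __name__ == "__main__":
    FLAG = b"FLAG{constructed-example-value}"  # constructed sample flag
    parts = split_flag(FLAG, 5)                # one fragment per VM
    for vm, part in enumerate(parts, start=1):
        print(f"vm{vm}/flag_part.txt: {part.hex()}")  # hypothetical file name
    print("scoreboard digest:", flag_digest(FLAG))
```

Because each fragment on its own is random bytes, a participant who skips one VM learns nothing about the final answer from the others.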

Setting up virtual machines is very straightforward, what you need is to download VMware Workstation from www.vmware.com.

Once downloaded, install this software on a machine that is already running an OS like Windows XP or Win7 (that's what I have at home).

Once installed you can follow this tutorial on how to create each individual VM.

http://www.vmware.com/pdf/ws6_manual.pdf


The VM setup is easy, the hard bit would be creating vulnerable machines with some harder to exploit than others. If you are looking at beginners then you'd expect them to be using Metasploit and in that an exploit is an exploit really.


The VM setup is easy, the hard bit would be creating vulnerable machines with some harder to exploit than others. If you are looking at beginners then you'd expect them to be using Metasploit and in that an exploit is an exploit really.

That's very much true, I've had a hard time trying to exploit my VM boxes and only had luck once. After hours of painstaking attempts and trying different exploits and payloads.

Something you want to keep in mind.


Why not just use Proxmox like Darren did in recent episodes?

Set up some virtual machines and let them have some fun.

I would make the main objective relatively simple, like some XP machines, but hide harder stuff for people to prove they are the sh*t.

You can still use VMware and it's not the VMware that makes the VMs secure, it's just the OS itself that needs to be made vulnerable, which is the challenging part.

Edited by Infiltrator

At this point I have an XP machine set up, I am going to duplicate it a couple of times and make each copy different, depending on updates, and firewall settings and such. I am still trying to figure this all out. My only fear is that people will get overwhelmed and decide not to do it.
