Jump to content

How to Misconfigure Ubuntu Server 12.04 ?


Skorpinok Rover

Recommended Posts

Hi,

Just a N00B..... question. Installed a latest version of vulnerable web app mutilliade on Ubuntu server 12.04 inside Virtualbox, while installing i selected *LAMP SERVER* , *NO UPDATES*,after installation i turned off firewall, apart from these is there anything i can do to misconfigure this server for penetration testing just like metasploitable ? if you got any suggestion let me know.

-skorpinok.

Edited by Skorpinok W7PC
Link to comment
Share on other sites

Time consuming, but look through Bugtraq or ExploitDB or some other source and find vulnerable versions of software to install on the boxes. It might require compiling rather than apt-get as the repos will have the fixed versions most likely. Also, randomly set some programs SUID for root and see if you can tip them over. Really, though, you are better running an older platform if you are just wanting to demo or study the exploit process itself.

Link to comment
Share on other sites

Time consuming, but look through Bugtraq or ExploitDB or some other source and find vulnerable versions of software to install on the boxes. It might require compiling rather than apt-get as the repos will have the fixed versions most likely. Also, randomly set some programs SUID for root and see if you can tip them over. Really, though, you are better running an older platform if you are just wanting to demo or study the exploit process itself.

Thanks, i think i made some minor changes, am not so talented with this but i guess somehow this may work not sure.

1) Disabled the Firewall

2) Disabled SELinux/AppArmor

3) NO filesystem encryption

4) Left the root account enabled.

Web page is super super friendly for attacks, when tested from kali.

Ubuntu Server 12 installed along with Msploitable 2 inside Vbox, Vbox runs inside Kali Linux, Kali is dualbooted along Windows7

Dell XPS Core i7, 8 GB RAM, SeaGate 720 GB HDD. for kali ( 500GB allocated)

Edited by Skorpinok W7PC
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...