Делимся квестами на тему ИБ.
De-ice.net супер-пупер лаба(диски втыкаются в ВМ), всего два уровня.
Регимся тут.
Читаем сценарий, качем, решаем.
Кому лень регистрироваться, то диски можно скачать по ссылкам:
1.
2.
Сценарий первого уровня:
The scenario for this LiveCD is that a CEO of a small company has been pressured by the Board of Directors to have a penetration test done within the company. The CEO, believing his company is secure, feels this is a huge waste of money, especially since he already has a company scan their network for vulnerabilities (using nessus). To make the BoD happy, he decides to hire you for a 5-day job; and because he really doesn't believe the company is insecure, he has contracted you to look at only one server - a old system that only has a web-based list of the company's contact information.
The CEO expects you to prove that the admins of the box follow all proper accepted security practices, and that you will not be able to obtain access to the box. Prove to him that a full penetration test of their entire corporation would be the best way to ensure his company is actually following best security practices.
Для тех кто забыл онглийский или просто описание вкратце:
Нужно свистнуть номера кредиток.
Сценарий второго уровня:
The scenario for this LiveCD is that you have been given an assignment to test a company's 192.168.2.xxx network to identify any vulnerabilities or exploits. The systems within this network are not critical systems and recent backups have been created and tested, so any damage you might cause is of little concern. The organization has had multiple system administrators manage the network over the last couple of years, and they are unsure of the competency previous (or current) staff2
Его я не прошёл из за тех. проблем, поэтому вкратце ендгоал описать немогу.
Лучше всётаки зарегистриуйтесь!
Ну и хакстор конечно же.
При прохождении первых пяти лвлов даётся супер-пупер шелл,
но котором и апач с ниджинксом есть и нетхак и 2гб фриспейса.
Я остановился на 49.
Если кто нибудь прошёл и может помочь - отпишитесь.