Security practice (contest)

conceited · 18-06-2008 5:36am #1

Operating system : Windows 2000 no service pack.
Connection : 7.6Mb/672k
Goal : Name on webserver.
Difficulty: Easy

Every second week I will change the goal and or difficulty.
If there's enough interest the start date will be 2 weeks from today.

I tried this about 10 or 11 years ago on a well known security site and it was great fun.

Thoughts, suggestions etc...

Martyr · 18-06-2008 10:53am

this sounds good conceited..i wouldn't be able to take part in it though.

that looks too easy for some.. unless you plan on hardening the system?

i can see loads of people just using Metasploit which is basically point/click action.
in fact, they could probably just use a browser depending on the web server.

but its still great idea.
is it a server or professional edition?

h57xiucj2z946q · 18-06-2008 11:29am

there is some live cd's that do a similar concept like DE-ICE

Could be fun.

Win 2k without any SP's might be too easy is right.

conceited · 18-06-2008 11:25pm

Some good suggestions lads especially the DE-ICE distro's there amazing .
The first box is pro edition and it won't have any hardening done to it whatsoever just a default install with the webserver.

I understand what you saying about the ease at which people will be able to it and thats grand as I plan on increasing the difficulty for the next one I put up eventually using custom programs and scenarios to figure out etc.

Operating systems that will be used ,
AmigaOS, Windows, Bsd's, Minix, Linux distros, and some hobby Operating systems.

gerryk · 19-06-2008 12:03am

cool... sounds like fun

Martyr · 19-06-2008 2:51am

what hobby os?

conceited · 19-06-2008 3:32am

Edited as the other operating systems where not ready for this plus there programmed in 100% assembly language.These 2 look very promising.

MenuetOS (extremely compact OS with GUI, written entirely in FASM assembly language)
Syllable (a modern, independently originated OS; see AtheOS)

Martyr · 19-06-2008 5:35am

ok, sorry for all the questions, conceited.
but in regards to the hobby O/S - will these be running in a virtual environment like QEMU?

will they be 32 or 64 bit versions? and will they be latest releases?
what utilities and/or services will be running? and would you be allowing anonymous access to some of the services?

i'm sure you'll have all the details on the date, but since seeing what hobby o/s you'll be running, i'm interested in seeing what could be done there with regards to writing exploits.

challengemaster · 19-06-2008 5:40am

Average Joe wrote: »

this sounds good conceited..i wouldn't be able to take part in it though.

that looks too easy for some.. unless you plan on hardening the system?

i can see loads of people just using Metasploit which is basically point/click action.
in fact, they could probably just use a browser depending on the web server.

but its still great idea.
is it a server or professional edition?

backtrack3.. need i say more?

Martyr · 19-06-2008 5:53am

challengemaster wrote:

backtrack3.. need i say more?

no

but i'm not sure if this would work against the Hobby O/S's which makes it more interesting.

gerryk · 19-06-2008 9:34am

Average Joe wrote: »

no but i'm not sure if this would work against the Hobby O/S's which makes it more interesting.

But since the hobby OS will be on the internet, one has to assume it has some sort of TCP/IP stack. No doubt susceptible to the usual buffer overrun type exploits.

But yeah, metasploit isn't going to help much here.

conceited · 21-06-2008 2:29am

will these be running in a virtual environment like QEMU?

No

will they be 32 or 64 bit versions? and will they be latest releases?

32 most likely and not latest but stable.

what utilities and/or services will be running?

Whatever i find programing errors in.

would you be allowing anonymous access to some of the services?

More than likely.

Well the beauty of it is the operating systems will all have source code available for the most part.I won't be hosting any hobby operating systems for a while.

No doubt susceptible to the usual buffer overrun type exploits.

These guys that program said operating systems don't make a habit of making mistakes.They're meticulous programmers.But I hope to find 1 or 2

please god.

Feel free to use your favourite tools scripts operating systems backtrack metasploit nmap ethereal ....I'm sure it's going to be fun.

DexIsI · 21-06-2008 5:26pm

Hi all,
Nice compo idea, I was looking forward to having a go at this, but you remove the one i would of gone for, from the list of hobby OS.
But my name is already on the server, as i coded it

(along with a team).
Good luck.
DexIsI.

conceited · 21-06-2008 5:28pm

Thanks glad you like it.
What forum are you from megatokyo osdev?
I had to take it out as it was a waste of time trying to find exploits in fasm code.

DexIsI · 21-06-2008 6:07pm

Thats OK and yes i am a member of the OSDev forum, user name Dex.
And if the Fasm forum can be hacked (as it just has), is anything safe ?.
I would try buffer overflow on these OS.

conceited · 21-06-2008 7:17pm

That software fasm are using to host the forum is well known for being dodgy.
Well I was looking into drivers for my network card and about your tcp/ip stack and it seemd like alot of hassle so i said i'd move onto a more mature operating system.
I'm a member of that forum aswell lovely site.
About bufferoverflows have you any dodgy c functions?

DexIsI · 21-06-2008 10:01pm

Basically you need a RTL8139 ethernet card to use DexOS server (note: it users the same basic tcp/ip stack, as menuetos) .

Now theres no C code in DexOS, just like theres no C code in MenuetOS.
If you want, i may host a DexOS Server for the compo and see if anyone can change the index.htm.

Martyr · 21-06-2008 11:10pm

will MenuetOS be in this compo? its written using FASM last time i checked.
not tryin to be awkward.but its not really clear to me - sorry.

conceited · 21-06-2008 11:27pm

Thats an excellent idea if you host it i would love to give it ago aswell

Hasn't menuetos got it's own libc? I was using Syllable server yesterday after work so i'll stick with this for awhile as it seems to work smoothly with my hardware.

Yes MenuetOS will be used as far as i know since they have c apps ported to it right?

And I will try get a hold of an RTL8139 chipset card .

DexIsI · 22-06-2008 3:22am

OK, once you have done some tries on your hobby OS in your list, i will host my OS for a test, as it will be a test for any vulnerabilities in my OS.

As for MenuetOS there was a C libs, but the 32bit ver (theres a closed source 64bit ver) is not real kept up dated any more, your best go for KolibriOS which is a fork of menuet and is well up to date with C libs etc.

Give me about a weeks notest, when you want the DexOS server up, to test.

conceited · 03-07-2008 5:35pm

Just an update i will have the operating system up tomorrow night at 10pm.

Thanks Dex I'll let you know.

conceited · 04-07-2008 8:08pm

any interest in tonight ? :eek:if not i won't bother.

Martyr · 04-07-2008 9:42pm

put the system up and see what happens

i'm sure it will get hits.

Martyr · 04-07-2008 10:32pm

its a no go then? oh well..
there was a 2600 meeting today in belfast + dublin, i guess they all went to the pub and got hammered.

h57xiucj2z946q · 04-07-2008 11:57pm

any update on this ?

Martyr · 05-07-2008 1:06am

there was definitely interest in it, not just from myself or Damo2k, but some wouldn't want to say so, conceited.
had the server gone up, it would have got plenty of people trying to break in.

gerryk · 05-07-2008 5:00pm

So is this _not_ happening now?

conceited · 05-07-2008 5:57pm

9_pm_tonight();
You will have to figure everything out yourself I'm not telling yee anything lads.

h57xiucj2z946q · 05-07-2008 6:12pm

i might be on the lock at that time :-)

conceited · 05-07-2008 6:14pm

typical irish.:rolleyes:

conceited · 05-07-2008 9:22pm

DSC00952.jpg
fire away girls

Only rules are put your name on the webserver provided.
Please don't mess the operating system.(except root it)
I don't want it rebooting etc....., because you don't know what your doing.
Goodluck.

Security practice (contest)

Comments