That is a great idea, in fact I am going to leave it 100% un-patched and try all of those fun kernel exploits on it as well.

As for it just being old Ubuntu - are the newer EOL versions of Ubuntu (like 9 or 10) still easy to exploit (32 bit/no canaries/no NX) that are easier to get the display drivers to work for?

Shellshock was awesome, but my favorite exploit is the exploit in fingerd used by the Morris worm. So simple - yet so effective. I'm sure us archers can appreciate that.

Thanks!

On 11/27/2015 11:48 PM, Kyle Terrien wrote:
On 11/27/2015 04:57 PM, Luna Moonbright wrote:
Fantastic, I love that book and am wanting to get the rest of the way through it. I didn't realize it was such an issue in KVM. I think it works in VirtualBox, but it would be nice to get it installed on KVM so me and a few guys can set up a class on exploitation.
I'll keep working on it too.
It's an old version of Ubuntu, so you could have a lot of fun poking at vulnerabilities, especially if you don't do an apt-get update.
Coincidentally, this VM is vulnerable to my personal favorite exploit--Shellshock. That's something fun you can cover in your class.
kyle@hacking:~ $ env 'x=() { :;}; echo Vulnerable' bash -c 'echo Test'
Vulnerable
Test
kyle@hacking:~ $
And if you set up a web server on the VM, you can demonstrate how to use Shellshock to dump /etc/passwd by setting a malicious User-Agent. [0]
--Kyle
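
For the class setup discussed above, the detection side of the User-Agent demonstration can be shown alongside it. The following is an added example, not part of the original thread: it scans web server access log lines for the `() {` function-definition prefix in the logged Referer and User-Agent headers. The Combined Log Format, the function name and the sample log lines are assumptions constructed for illustration.

```python
import re

# Shellshock abuses bash importing a function from an environment variable
# whose value begins with "() {". We search anywhere in the header value,
# which is slightly broader than the exact trigger condition.
SHELLSHOCK_RE = re.compile(r"\(\)\s*\{")

# Combined Log Format (assumed):
# ip ident user [time] "request" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<request>(?:[^"\\]|\\.)*)" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>(?:[^"\\]|\\.)*)" "(?P<agent>(?:[^"\\]|\\.)*)"$'
)

# Constructed sample lines (documentation IP ranges, harmless echo payload
# taken from the terminal test quoted in the thread).
SAMPLE_LOG = [
    '192.0.2.10 - - [27/Nov/2015:23:50:01 -0800] "GET /index.html HTTP/1.1" '
    '200 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '198.51.100.7 - - [27/Nov/2015:23:51:14 -0800] "GET /cgi-bin/status HTTP/1.1" '
    '200 64 "-" "() { :;}; echo Vulnerable"',
    '198.51.100.7 - - [27/Nov/2015:23:51:20 -0800] "GET /cgi-bin/status HTTP/1.1" '
    '200 64 "() { :; }; echo Vulnerable" "curl/7.45.0"',
    '192.0.2.10 - - [27/Nov/2015:23:52:00 -0800] "GET /about() HTTP/1.1" '
    '404 0 "-" "Mozilla/5.0"',
]


def find_shellshock(lines):
    """Return (line number, client IP, header field) for each suspicious header."""
    hits = []
    for lineno, line in enumerate(lines, 1):
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # not in the assumed log format; skip rather than guess
        for field in ("referer", "agent"):
            if SHELLSHOCK_RE.search(m.group(field)):
                hits.append((lineno, m.group("ip"), field))
    return hits


if __name__ == "__main__":
    for lineno, ip, field in find_shellshock(SAMPLE_LOG):
        print(f"line {lineno}: {ip} sent a function definition in {field}")
```

Only headers that the server writes to the access log are covered; other request headers also reach CGI scripts as environment variables and would need to be logged separately to be checked.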