mirror of https://github.com/01-edu/public.git
Update subjects
This commit is contained in:
parent
1d1afb4d82
commit
d96e34e4b6
|
@ -0,0 +1,46 @@
|
||||||
|
## add-vm
|
||||||
|
|
||||||
|
### Add a virtual machine
|
||||||
|
|
||||||
|
We provide virtual machines you need to download & add to VirtualBox.
|
||||||
|
|
||||||
|
Each VM will contain a system in a certain state that you will need to use in order to crack the sysadmin exercises. Their names start with "01\_" in order to avoid conflict with your VM names.
|
||||||
|
|
||||||
|
You can download these VM here :
|
||||||
|
|
||||||
|
https://assets.01-edu.org/sys
|
||||||
|
|
||||||
|
For this exercise you need to download the archive : [01_add-vm.tar.gz](https://assets.01-edu.org/sys/01_add-vm.tar.gz).
|
||||||
|
|
||||||
|
Extract it in the folder `VirtualBox VMs` which is located in your [home directory](https://en.wikipedia.org/wiki/Home_directory).
|
||||||
|
|
||||||
|
In VirtualBox :
|
||||||
|
|
||||||
|
- Select on the menu bar : <u>M</u>achine → <u>A</u>dd
|
||||||
|
- Open the file `01_add-vm.vbox`
|
||||||
|
|
||||||
|
The VM should appear on the list under the name "01_add-vm".
|
||||||
|
|
||||||
|
### Snapshots
|
||||||
|
|
||||||
|
A snapshot is a state of a system at a given time, just like a version or a copy.
|
||||||
|
|
||||||
|
Let's imagine that you want to modify a text or a drawing, that you make a copy before, keeping the original... This is a snapshot.
|
||||||
|
|
||||||
|
Software that makes extensive use of this feature :
|
||||||
|
|
||||||
|
- Git (a commit is a snapshot)
|
||||||
|
- Windows System Restore (a restore point is a snapshot)
|
||||||
|
- macOS Time Machine (each backup is a snapshot)
|
||||||
|
- Linux LVM (Logical Volume Manager)
|
||||||
|
- Filesystems : Btrfs, ZFS
|
||||||
|
- Hypervisors like the one you are currently using : VirtualBox
|
||||||
|
|
||||||
|
**We recommend that this be the first thing you do after importing a VM.**
|
||||||
|
This way you can break it, go in the wrong direction or want to try another way and at any time you can go back to the original state.
|
||||||
|
|
||||||
|
If you forgot to do so and want to make a fresh start, you can always delete the VM (all files) and add it again in VirtualBox.
|
||||||
|
|
||||||
|
### Check
|
||||||
|
|
||||||
|
Since all VMs are based on this one, check that it is working properly by starting and stopping it gracefully.
|
|
@ -0,0 +1,70 @@
|
||||||
|
## connect
|
||||||
|
|
||||||
|
To communicate over a network, a computer must have an IP address.
|
||||||
|
|
||||||
|
The computer can choose its own IP address (static) or can ask a DHCP server to assign one (dynamic).
|
||||||
|
|
||||||
|
Generally, clients (smartphones, laptops, etc...) rely on DHCP servers to have a dynamic IP address and servers have a static IP address.
|
||||||
|
|
||||||
|
For this project you will need to add these 3 VM :
|
||||||
|
|
||||||
|
- [01_connect_box](https://assets.01-edu.org/sys/01_connect_box.tar.gz)
|
||||||
|
- [01_connect_machine1](https://assets.01-edu.org/sys/01_connect_machine1.tar.gz)
|
||||||
|
- [01_connect_machine2](https://assets.01-edu.org/sys/01_connect_machine2.tar.gz)
|
||||||
|
|
||||||
|
The VM are configured like this :
|
||||||
|
|
||||||
|
```
|
||||||
|
N E T W O R K S C O M P U T E R S
|
||||||
|
_______________________________ ________________________
|
||||||
|
|
||||||
|
.-----------------------------.
|
||||||
|
| Internet |
|
||||||
|
'-----------------------------'
|
||||||
|
^
|
||||||
|
|
|
||||||
|
v
|
||||||
|
.-----------------------------.
|
||||||
|
| VirtualBox NAT |
|
||||||
|
| |
|
||||||
|
| DHCP server | .----------------------.
|
||||||
|
| DNS server | | box |
|
||||||
|
| | | |
|
||||||
|
| (10.0.2.2) NIC |<--->| enp0s8 (10.0.2.15) |
|
||||||
|
| | | ^ |
|
||||||
|
'-----------------------------' | | |
|
||||||
|
.-----------------------------. | | |
|
||||||
|
| VirtualBox Internal Network | | | DHCP server |
|
||||||
|
| | | v |
|
||||||
|
| |<----->| enp0s3 (192.168.0.1) |
|
||||||
|
| | | | |
|
||||||
|
| | | '----------------------'
|
||||||
|
| | | .----------------------.
|
||||||
|
| | | | machine1 |
|
||||||
|
| | | | |
|
||||||
|
| |<----->| enp0s3 (192.168.0.2) |
|
||||||
|
| | | | |
|
||||||
|
| | | '----------------------'
|
||||||
|
| | | .----------------------.
|
||||||
|
| | | | machine2 |
|
||||||
|
| | | | |
|
||||||
|
| |<----->| enp0s3 (192.168.0.2) |
|
||||||
|
| | | |
|
||||||
|
'-----------------------------' '----------------------'
|
||||||
|
```
|
||||||
|
|
||||||
|
You will only have control over "machine2". This computer have Internet access through the "box".
|
||||||
|
|
||||||
|
Start the 3 VM and test on machine2 the connectivity quality with this command :
|
||||||
|
|
||||||
|
```
|
||||||
|
timeout --signal SIGINT 1m ping google.com
|
||||||
|
```
|
||||||
|
|
||||||
|
After one minute the result shows the percentage of lost packets. It should be quite high (above 10%).
|
||||||
|
machine1 and machine2 have the same IP address, which leads to connectivity problems.
|
||||||
|
|
||||||
|
Find how to :
|
||||||
|
|
||||||
|
- change the IP address to avoid the conflict
|
||||||
|
- make the IP address dynamic (attributed by the box DHCP server)
|
|
@ -0,0 +1,29 @@
|
||||||
|
## remote
|
||||||
|
|
||||||
|
### Connect
|
||||||
|
|
||||||
|
To type commands in a distant shell, you can use your peripherals (keyboard, monitor) or [SSH](<https://en.wikipedia.org/wiki/SSH_(Secure_Shell)>).
|
||||||
|
|
||||||
|
It is more comfortable to use SSH because you can use your usual terminal, with the right keymap, theme, etc.
|
||||||
|
|
||||||
|
Do to this exercise you will need to add this VM :
|
||||||
|
|
||||||
|
- [01_remote](https://assets.01-edu.org/sys/01_remote.tar.gz)
|
||||||
|
|
||||||
|
Because the VM is behind the VirtualBox NAT router you can't access it directly. Unless you add a port forwarding rule in the VM settings that maps a host port to a guest port. Host refers to your machine and guest to the VM.
|
||||||
|
|
||||||
|
Host & guest IP addresses don't need to be specified, guest port needs to be 22 because that's SSH default listening port.
|
||||||
|
|
||||||
|
Then connect to it via SSH (this is the only way since consoles are disabled) :
|
||||||
|
|
||||||
|
```
|
||||||
|
ssh -p HOST_PORT root@localhost
|
||||||
|
```
|
||||||
|
|
||||||
|
### Configure
|
||||||
|
|
||||||
|
It is recommended to change the default SSH port (22) to prevent bots from trying to connect to it.
|
||||||
|
|
||||||
|
Since we are pretending that the guest VM is a server, change the SSH service port and make sure the port forwarding of the Virtual NAT network still works !
|
||||||
|
|
||||||
|
In addition, you will need to allow the new port in the firewall `ufw`.
|
|
@ -0,0 +1,58 @@
|
||||||
|
## scan
|
||||||
|
|
||||||
|
![scan1](scan1.png)
|
||||||
|
|
||||||
|
> You're going to do like Trinity in the movie _The Matrix Reloaded_. Except that you're not going to turn off the electricity in a city, and you probably don't wear as much leather, but that's okay.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
By design and by default, most network entities have a high discoverability.
|
||||||
|
|
||||||
|
Whatever your motivations for exploring a network (hacking, curiosity...), you generally proceed in this order :
|
||||||
|
|
||||||
|
1. Scan a network to find hosts
|
||||||
|
2. Scan a host to get information (hardware, OS & exposed services)
|
||||||
|
|
||||||
|
`1.` can be done by analyzing the link layer of Internet protocols, in particular `ARP` in order to gather MAC addresses (the identifier of a network interface, such as Wi-Fi or Ethernet cards).
|
||||||
|
|
||||||
|
`2.` is usually performed by analyzing the network and transport layers, in particular the `IP` & `TCP` protocols with the `nmap` tool.
|
||||||
|
|
||||||
|
For the context, when you open a website, here are the protocols involved, from the highest to lowest level (the protocols at the top depend on those at the bottom):
|
||||||
|
|
||||||
|
- `HTTP`: application layer (website data) - messages
|
||||||
|
- `TLS`: application layer ("lock" sign) - secure connection
|
||||||
|
- `TCP`: transport layer (port number) - reliable connection
|
||||||
|
- `IP`: network layer (IP address) - global communication
|
||||||
|
- `ARP`: link layer (MAC address) - local communication
|
||||||
|
|
||||||
|
For this challenge, you will focus on `IP`, `ARP` & `TCP`, and therefore on IP/MAC addresses and ports.
|
||||||
|
|
||||||
|
You will need to add these 2 VM :
|
||||||
|
|
||||||
|
- [01_scan_RRF-CONTROL](https://assets.01-edu.org/sys/01_scan_RRF-CONTROL.tar.gz)
|
||||||
|
- [01_scan_laptop](https://assets.01-edu.org/sys/01_scan_laptop.tar.gz)
|
||||||
|
|
||||||
|
You will only have control over "laptop". A port forwarding is set on 10122 so you can connect through SSH.
|
||||||
|
|
||||||
|
Your mission, should you choose to accept it, is to scan the network interface `enp0s8` and find a way in the server, you will know you have succeeded when you see :
|
||||||
|
|
||||||
|
```
|
||||||
|
RRF-CONTROL> █
|
||||||
|
```
|
||||||
|
|
||||||
|
Because the VirtualBox Internal Network is very slow (10 Mbps, Ethernet is usually 1000 Mbps), expect long scan times :
|
||||||
|
|
||||||
|
- ARP scanning takes up to 5 minutes
|
||||||
|
- port scanning takes up to half an one hour with the option `-T4` (even more without).
|
||||||
|
|
||||||
|
May the Fourth be with you.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
![scan2](scan2.png)
|
||||||
|
|
||||||
|
> Another depiction of the `nmap` tool: in _Ocean's 8_, Rihanna uses [Kali Linux](https://www.kali.org) to steal a valuable diamond.
|
||||||
|
>
|
||||||
|
> Same strategy, different styles
|
Binary file not shown.
After Width: | Height: | Size: 74 KiB |
Binary file not shown.
After Width: | Height: | Size: 95 KiB |
|
@ -10,11 +10,11 @@
|
||||||
| ------------- | ------------------------------------------------------------------------------------------------------------------ | ---------------------- | --------------- |
|
| ------------- | ------------------------------------------------------------------------------------------------------------------ | ---------------------- | --------------- |
|
||||||
| `linux` | Introduction and VirtualBox installation/basic usage. | OS, virtualization | subject + audit |
|
| `linux` | Introduction and VirtualBox installation/basic usage. | OS, virtualization | subject + audit |
|
||||||
| `login` | Connect to console (using different virtual terminals), basic commands and usage of the console. | OS | subject |
|
| `login` | Connect to console (using different virtual terminals), basic commands and usage of the console. | OS | subject |
|
||||||
| `update-vm` | Fetch, update and use our training virtual machine (introduction to snapshots and cloning). | virtualization | script |
|
| `add-vm` | Download and add our training virtual machines (introduction to snapshots). | virtualization | VM, subject |
|
||||||
| `connect` | Fix a conflict of IP address, configure DHCP & static IP address. | OS, network | |
|
| `connect` | Fix a conflict of IP address, configure DHCP & static IP address. | OS, network | VM, subject |
|
||||||
| `remote` | Remotely connect to a pseudo-terminal (configure firewall, change SSH port and listening address). | OS, network, security | WIP |
|
| `remote` | Remotely connect to a pseudo-terminal (configure firewall, change SSH port and listening address). | OS, network, security | VM, subject |
|
||||||
| `upgrade` | Free disk space (caches, logs & temporary files) to upgrade the OS. | OS | |
|
| `scan` | Discover machines and services (scan ARP, `nmap`), brute-force portals. | OS, network, security | VM, subject |
|
||||||
| `scan` | Discover machines and services (scan ARP, `nmap`), brute-force portals. | OS, network, security | WIP |
|
| `upgrade` | Free disk space (caches, logs & temporary files) to upgrade the OS. | OS | WIP |
|
||||||
| `reboot` | Learn how to recognize a blocked system and reboot it (hard reset, magic SysRq key). | OS | |
|
| `reboot` | Learn how to recognize a blocked system and reboot it (hard reset, magic SysRq key). | OS | |
|
||||||
| `ram` | Fix a program being OOM (enlarge swap and system memory, compare performance). | OS, virtualization | |
|
| `ram` | Fix a program being OOM (enlarge swap and system memory, compare performance). | OS, virtualization | |
|
||||||
| `benchmark` | Learn how to benchmark a program | OS, disk | WIP |
|
| `benchmark` | Learn how to benchmark a program | OS, disk | WIP |
|
||||||
|
|
Loading…
Reference in New Issue