This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
cctf_preliminary_experiment [2017/08/25 15:01] silvio.biagioni@unitn.it |
cctf_preliminary_experiment [2021/01/29 10:58] (current) |
||
---|---|---|---|
Line 47: | Line 47: | ||
===== Training Phase (on your device) ===== | ===== Training Phase (on your device) ===== | ||
- | - Download Kali Linux ([[https://drive.google.com/drive/URLtoATTACkIMAGE|Attack Clone]]) and TestREx ([[https://drive.google.com/drive/URLtoTARGEtIMAGE|Target Clone]]) images. | + | - Download Kali Linux ([[https://drive.google.com/open?id=0BxCs1beC8uIUdjVZOC1HeGRSLU0 | Attack Clone]]) and TestREx ([[https://drive.google.com/open?id=0BxCs1beC8uIUNjV3LUcxd25aT3c | Target Clone]]) images and import them through VirtualBox: ''File>Import Appliance...'' |
- | - Run the images on QEMU (TODO: ADD QEMU NETWORK CONFIGURATIONS TO THE FOLLOWING COMMANDS): <code>% qemu-system-x86_64 -drive file=KALI-RLG,format=raw -m 2048 -enable-kvm</code><code>% qemu-system-x86_64 -drive file=Ubuntu1604-STD,format=raw -m 2048 -enable-kvm -redir tcp:2222::22</code> | + | - Add a virtual NAT Network on VirtualBox: go to ''File>Preferences'' , select ''Network'' on the left and add a new NAT Network. |
- | - Perform your attacks against the target machine from your own browser, or out of the Kali Linux's command line, as many time you want. Restore the target containers, if needed, through the following commands: <code> $ sudo python run.py --manual nodegoat__ubuntu-node-mongo --port 8888 </code> <code>$ sudo python run.py --manual wordpress3.2__ubuntu-apache-mysql --port 80 </code> | + | - Add TestREx and Kali Linux to the virtual network just created in the previous step,To view and configure the settings of a virtual machine, select it from the list on the left and either click on the ''Settings'' button located in the toolbar, or select the ''Machine->Settings...'' menu option. Thus, select the ''Network'' section on the left and set the ''Attached to:'' field with the ''NAT Network'' option, ensuring that the value of ''Name:'' corresponds with the virtual NAT Network previously generated. |
+ | - Run the virtual machines. | ||
+ | - Perform your attacks against the target machine from your own browser, or out of the Kali Linux's command line, as many time you want. Restore the services on the target machine, if needed, through the following commands: <code> $ sudo python run.py --manual nodegoat__ubuntu-node-mongo --port 8888 </code> <code>$ sudo python run.py --manual wordpress3.2__ubuntu-apache-mysql --port 80 </code> | ||
- Write a brief report about the attack(s) that you are going to carry out during the One-On-One Attack Phase. | - Write a brief report about the attack(s) that you are going to carry out during the One-On-One Attack Phase. | ||