Scribd Logo
Upload

Welcome to Scribd!

  • How To Use Hacking Lab

    Uploaded by

    Anurag Ranjan
    178 views54 pages
    How to Use Hacking Lab

    Original Title

    How to Use Hacking Lab

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    How to Use Hacking Lab

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    178 views54 pages

    How To Use Hacking Lab

    Uploaded by

    Anurag Ranjan
    How to Use Hacking Lab

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 54

    Introduction Hacking-Lab

    https://www.hacking-lab.com

    Hacking-Lab
    Provided by Security Competence GmbH
    Switzerland
    Hacking-Lab Online Security Lab

    Hacking-Lab www.hacking-lab.com Slide 2


    How does it work?

    Registration

    Challenge Description

    VPN to the Lab


    Solve the Challenge

    Submit your solution


    Receive Points

    Hacking-Lab www.hacking-lab.com Slide 3


    Hacking-Lab How does it work?

    1) Registration
    2) Challenge Details

    Solving the challenges(VPN)

    Send Solution

    Solution Grading

    Hacking-Lab www.hacking-lab.com Slide 4


    Existing User Accounts (Pre-Configured)

    Existing usernames in Hacking-Lab


    hacker10, hacker11, hacker12, hacker13,
    These usernames are pre-registered on the vulnerable servers

    Password for the existing users


    compass

    -> try hacker10, hacker11, with password compass whenever you need
    to login somewhere.

    -> this works everywhere, except for those challenges where the password
    should be found 8-)

    Hacking-Lab www.hacking-lab.com Slide 5


    Hacking-Lab Components

    Hacking-Lab
    Provided by Security Competence GmbH
    Switzerland
    What is Hacking-Lab

    (1) Vulnerable Servers and Applications


    (Web, Windows, Linux, iOS, Android)

    (2) Description about the security challenges

    (3) Tools required for solving the challenges

    (4) Teacher functions (accept/reject solutions)


    solutions, solution movies

    Hacking-Lab www.hacking-lab.com Slide 7


    Vulnerable Services

    Hacking-Lab
    Provided by Security Competence GmbH
    Switzerland
    Details about Hacking-Lab

    Vulnerable Mobile Vulnerable Servers


    Apps Remote Security Lab Automatic Revert to Snapshot

    Hacking-Lab www.hacking-lab.com Slide 9


    Movie: Introduction ESXi

    http://media.hacking-lab.com/movies/HLESXi/

    Hacking-Lab
    Provided by Security Competence GmbH
    Switzerland
    Description about the Mission
    (Challenge, Riddle)

    Example: OWASP TOP 10 event

    Hacking-Lab
    Provided by Security Competence GmbH
    Switzerland
    Hacking-Lab www.hacking-lab.com Slide 12
    Hacking-Lab www.hacking-lab.com Slide 13
    Challenges Categories in Hacking-Lab

    Web Security VoiP / SS7 / GSM

    Malware / Trojan / Bugs Wireless Security

    Windows Security Unix / Linux Security

    Apple Security Crypto Challenges

    Penetration Testing Programming

    Networking Fun Challenge

    Forensics

    Reverse Engineering

    Hacking-Lab www.hacking-lab.com Slide 14


    Hacking-Lab www.hacking-lab.com Slide 15
    Challenges SBS versus WG

    Every challenge in Hacking-


    SBS WG Lab is available as SBS
    Step by Step Wargame
    and WG

    SBS challenges WG challenges SBS = Step by Step


    are used in are used in free Instruction of the
    commercial trainings, CTF challenge
    trainings. and talent quest.
    WG = Wargame instruction
    Trainees do not Solving a WG (without further details
    have the time to challenge is more about the procedure)
    spend 1-2 hours difficult and
    per challenge. needs more
    They will be knowledge.
    guided through
    the challenge.

    Hacking-Lab www.hacking-lab.com Slide 16


    Challenges - SBS versus WG

    WG Challenges
    WG = Wargame
    The mission of the challenge is given, but without further details
    For the more advanced users
    Level 1 = 10 points
    Level 2 = 20 points
    Level 3 = 30 points

    SBS Challenges
    SBS = Step by Step
    The mission of the challenge is given, including a step by step instruction
    For the beginners
    Level 1 = 5 points (50% of WG)
    Level 2 = 10 points (50% of WG)
    Level 3 = 15 points (50% of WG)

    Hacking-Lab www.hacking-lab.com Slide 17


    Hacking-Lab www.hacking-lab.com Slide 18
    Example of Challenge Description

    Hacking-Lab www.hacking-lab.com Slide 19


    Example of Challenge Description

    Hacking-Lab www.hacking-lab.com Slide 20


    Hacking-Lab www.hacking-lab.com Slide 21
    Hacking-Lab www.hacking-lab.com Slide 22
    Hacking-Lab www.hacking-lab.com Slide 23
    Hacking-Lab www.hacking-lab.com Slide 24
    Hacking-Lab www.hacking-lab.com Slide 25
    Solution Form (including attachments)

    Hacking-Lab www.hacking-lab.com Slide 26


    Hacking-Lab Tools

    www.hacking-lab.com

    Hacking-Lab
    Provided by Security Competence GmbH
    Switzerland
    Hacking-Lab Tool Overview

    LiveCD

    Windows XP VDI clients

    iRAPP OSX Terminal Server

    Hacking-Lab www.hacking-lab.com Slide 28


    LiveCD
    Download ISO/OVA
    http://media.hacking-lab.com

    We recommend using the VirtualBox or Vmware OVA!!

    Hacking-Lab
    Provided by Security Competence GmbH
    Switzerland
    LiveCD free Download

    http://media.hacking-lab.com

    LiveCD
    VirtualBox OVA

    LiveCD
    Vmware OVA
    LiveCD ISO

    Hacking-Lab www.hacking-lab.com Slide 30


    LiveCD Features

    1. VPN Icon

    2. Root Shell

    3. ZAP Inspection Proxy

    4. Firefox Profiles + Plugins

    5. Landing Page Web Server

    6. Vmware View VDI Client

    7. iRAPP OSX Client

    8. Metasploit and more

    Hacking-Lab www.hacking-lab.com Slide 31


    LiveCD Project - Desktop V8.03

    Hacking-Lab www.hacking-lab.com Slide 32


    VPN Icon (right click icon)

    Hacking-Lab www.hacking-lab.com Slide 33


    VPN green = connected

    Hacking-Lab www.hacking-lab.com Slide 34


    My IP Address

    Hacking-Lab www.hacking-lab.com Slide 35


    Root Shell

    Hacking-Lab www.hacking-lab.com Slide 36


    Firefox Profile Manager

    If you play a web attacker and


    web victim at the same time,
    you need two independant
    firefox instances (e.g. session
    hijacking). Thats why you have
    two profiles

    Hacking-Lab www.hacking-lab.com Slide 37


    Firefox Testing Profiles

    Hacking-Lab www.hacking-lab.com Slide 38


    Firefox FoxyProxy Plugin (ZAP)

    Hacking-Lab www.hacking-lab.com Slide 39


    ZAP Inspection Proxy (slow loading)

    Hacking-Lab www.hacking-lab.com Slide 40


    LiveCD Landing Page Webserver

    Hacking-Lab www.hacking-lab.com Slide 41


    Windows XP VDI Host

    Hacking-Lab
    Provided by Security Competence GmbH
    Switzerland
    Windows XP VDI (vmware view)

    Hacking-Lab www.hacking-lab.com Slide 43


    User = hacker10, hacker11, hacker12,
    Password = compass

    Hacking-Lab www.hacking-lab.com Slide 44


    Windows XP VDI (vmware view)

    Hacking-Lab www.hacking-lab.com Slide 45


    Windows XP VDI (vmware view)

    Hacking-Lab www.hacking-lab.com Slide 46


    OSX Terminal Server

    Hacking-Lab
    Provided by Security Competence GmbH
    Switzerland
    OSX Terminal Server

    Hacking-Lab www.hacking-lab.com Slide 48


    Hacking-Lab www.hacking-lab.com Slide 49
    Hacking-Lab Support

    Hacking-Lab
    Provided by Security Competence GmbH
    Switzerland
    Global Chat

    Hacking-Lab www.hacking-lab.com Slide 51


    Video Tutorials and Help

    LiveCD usage with VirtualBox Appliance

    LiveCD usage with Vmware8 workstation

    How to connect in HL with OpenVPN

    VIDEO TUTORIALS
    https://www.hacking-lab.com/support/tutorial/

    Hacking-Lab www.hacking-lab.com Slide 52


    Hacking-Lab FAQ

    https://www.hacking-lab.com/support/FAQ/

    Hacking-Lab www.hacking-lab.com Slide 53


    Thank You!

    Questions = support@hacking-lab.com

    Hacking-Lab
    Provided by Security Competence GmbH
    Switzerland

    You might also like