You are not logged in.
Hey everyone, thanks for reading. I need recommendations for stuff I can put on an Arch box that make it SIGNIFICANTLY more vulnerable to 'spoiting. The idea is this: I'm throwing a party with a computer CTF challenge. The box in question will be plugged in to a 24 port switch that doesn't have internet access. Everyone else will connect to this switch and go to town.
So far I'm going to put on it:
Kusaba
SSH
httpd
mysql
tftp
Any suggestions would be helpful!
Last edited by sharpie (2009-09-26 02:29:16)
Offline
Not sure if I understand your post right. Are you saying that you want to setup a vulnerable system for e.g. hacking purposes? If thats true, you may want to look at Damn Vulnerable Linux
http://www.damnvulnerablelinux.org/
The system is intended for educational training about several vulnerabilities.
Offline
- mysqladmin
- roundcubemail
- Make sure you leave mysql etc open to the lan for incoming connections
- php and put a phpinfo() page in apache as test.php or something
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
hosts.allow
hosts.deny
Setting Up a Scripting Environment | Proud donor to wikipedia - link
Offline
Why not just install Windows? (tongue-firmly-in-cheek)
Allan-Volunteer on the (topic being discussed) mailn lists. You never get the people who matters attention on the forums.
jasonwryan-Installing Arch is a measure of your literacy. Maintaining Arch is a measure of your diligence. Contributing to Arch is a measure of your competence.
Griemak-Bleeding edge, not bleeding flat. Edge denotes falls will occur from time to time. Bring your own parachute.
Offline
You want to make a pc in order to invite ppl to penetrate it?
ffc
Offline
Heres my tip, install old versions for all your programs. This will make it SIGNIFICANTLY more vulnerable to exploits. Script kiddies all over the world can hack into servers just because they run old versions of SSH.
How's my programming? Call 1-800-DEV-NULL
Offline
You could change the write permission of a script that gets run with root privileges. Allowing anyone who does manage to log in the ability to enter their own commands.
Last edited by jargoman (2009-10-22 14:33:23)
Offline