Initial Access: Show Impact of Exploitation
In this lab, you’ll exploit vulnerabilities and configuration weaknesses to gain access to networked devices. When you’re finished, you’ll have a foothold in the system and be able to demonstrate the impact of your activities.
Terms and conditions apply.
Challenge
Getting Started in the Lab Environment
Here are the initial instructions and explanation of the lab environment. Read this while your environment is busy creating itself from nothing. Yes, this violates physics; we know. How fun!
Challenge
Accessing Sensitive Information
You'll exploit a vulnerable FTP server to gain access to sensitive information.
Challenge
Exploiting CVE-2020-7247
Next up, you'll exploit a vulnerable SMTP server to execute arbitrary commands as root via a crafted SMTP session.
Challenge
Exploiting Insecure NFS Configuration
Take advantage of the access provided to a user’s /home folder via NFS to plant SSH credentials nd elevate your access to a root shell.
Challenge
Creating an Alternative Access Channel
You'll exploit a vulnerable version of bash to create an alternative access channel for persistence
Challenge
The Last Challenge
Welcome to the final challenge! This is your last chance to experiment in the environment. Clicking Finish Lab will end this little world that flittered into existence just for you.
Provided environment for hands-on practice
We will provide the credentials and environment necessary for you to practice right within your browser.
Guided walkthrough
Follow along with the author’s guided walkthrough and build something new in your provided environment!
Did you know?
On average, you retain 75% more of your learning if you get time for practice.
Recommended prerequisites
- Learners should be familiar with
- Common Linux command line tools
- The Metasploit framework
- Netcat
- Nmap