Defense Point Security presents SploitNet: a multi-stage hacking puzzle for cyber security professionals to challenge themselves and each other.
SploitNet is a series of downloadable Virtual Machines (VM) designed to simulate a real-world attack scenario, where an attacker would have to compromise multiple systems to access the desired target. Designed by senior DPS security talent, SploitNet was created to teach hands-on penetration testing skills to computer security professionals who have an introductory to intermediate level of penetration testing experience.
A series of three exploitable Virtual Machines (VM) Simulates a real-world attack scenario Attackers must compromise multiple systems to access target data Attacker will have to use the access obtained from the previous VM to compromise the next VM Created to teach hands-on penetration testing skills to computer security professionals Beginner to Intermediate level of experience These VMs were created by some awesome people in DPS's Fellows program. Feel free to hit us up @defpointsec on twitter if you have comments and/or questions. DPS hopes you enjoy hacking these VM's as much as we have enjoyed creating them!
Who will be the first person in your organization to follow the breadcrumbs to victory?
Similar to the original SploitNet, the end goal of SploitNet 2 is to obtain access to the first (.200) VM and use it to pivot to the second and final (.201) VM. While there are only two VM's in this iteration of SploitNet, don't assume that this challenge will be simple. You will need to gain access to root on both of these VM's. To prove that you've completed the challenge, you'll need to obtain the MD5 hashes within the two files placed on each of the VM's.
Credits Jason Ashbaugh Jonathan Cooper (bigc00p) David Dalling Jake Groth (@gphreakx) Jeff Ferrell (@jeffxf) Billy Meyers (@_hAxel) Jonathan Naugle (SecDood) Brad Poulton Gabriel Pulgar (crackbard) Duane Waddle (duckfez)