Offensive Security Wireless Attacks (WiFu) & Offensive Security Wireless (OSWP)

The views and opinions expressed on this site are those of the author. Any claim, statistic, quote or other representation about a product or service should be verified with the seller, manufacturer or provider.

A few months back, I took Offensive Security’s online WiFu course & the OSWP exam. As I had written up a review for PWB/OSCP & CTP/OSCE, I thought I would do this too. As always, everything in this post is both personal comments and my own experience with the course.


Cracking the Perimeter (CTP) & Offensive Security Certified Expert (OSCE)


It’s been a while (just shy of two years) since I did “Penetration Testing with BackTrack (PWB) & Offensive Security Certified Professional (OSCP)”. Over the last couple of weeks I’ve taken the next step with Offensive Security’s training course – “Cracking the Perimeter (CTP)”, which, when successfully passed, gives you the “Offensive Security Certified Expert (OSCE)” certificate. Below are my thoughts & feelings regarding my overall experience of the course.


pWnOS 2 (PHP Web Application)

This is the second release in the “pWnOS” vulnerable machine collection, however, it has a different creator from the previous one (which explains why it has a different “feel” to it). As always with “boot2root” machines, it has purposely built “issues” allowing for the machine to become compromised, with the end goal being to become the super user, “root”. This method uses a vulnerability in a PHP web application (see here for exploiting via SQL injection).


pWnOS 2 (SQL Injection)

This is the second release in the “pWnOS” vulnerable machine collection, however, it has a different creator from the previous one (which explains why it has a different “feel” to it). As before, it has purposely built in “issues” allowing the machine to become compromised. This method uses a SQL injection flaw (see here for exploiting the PHP web application). As always with “boot2root” machines, the end goal is to become the super user, “root”.


21LTR - Scene 1

21ltr is another boot2root collection, with its own unique twist. It has various ‘issues’ with the operating system, which have been purposely put in place to make it vulnerable by design. The end goal is to become the ‘super user’ of the system (aka ‘root’). There is an optional stage afterwards, in which the user can try and find the ‘flag’, proving (to themselves) that they successfully completed it.


Stripe CTF 2.0 (Web Edition)

Stripe hosted another ‘Capture the Flag’ (CTF) event. They previously did one back in February 2012 which contained 6 flags - however they were back with the ‘web edition’ going from level 0 to level 8 covering a range of web attacks. This is how I did it.

Please note: The event is now over. If you wish to do this yourself, you will have to download the code and do it offline.


Kioptrix - Level 4 (Local File Inclusion)

Kioptrix is a “boot-to-root” operating system which has purposely designed weakness(es) built into it. The user’s end goal is to interact with the system using the highest user privilege they can reach.

There are other vulnerabilities using different techniques to gain access into this box such as breaking through a limited shell as well as backdooring via MySQL injection.


Kioptrix - Level 4 (Limited Shell)

Another Kioptrix has been released which is a “boot-to-root” operating system that has purposely designed weaknesses built into it. The user’s end goal is to interact with the system using the highest user privilege they can reach.

There are other vulnerabilities using different techniques to gain access into this box such as backdooring via MySQL injection as well as local file inclusion using PHP session data.


Hackademic RTB2

Hackademic is the second challenge in a series of “boot-to-root” operating systems which have purposely designed weakness(es) built into them. The user’s end goal is to interact with the system using the highest user privilege they can reach.
