Continuing with our series on testing vulnerable virtual machines, in this article we will see a walkthrough of an interesting VulnHub machine called Brainpan. This is Part 1 of this article, where we will look into the getting the user-level reverse shell.
Note: For all these machines, I have used VMware Workstation to provision VMs. Kali Linux VM will be my attacking box. Also, the techniques used are solely for educational purposes. I am not responsible if the listed techniques are used against any other targets.
Download Link: https://www.vulnhub.com/entry/brainpan-1,51/
VM Details – From the Author
- By using this virtual machine, you agree that in no event will I be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of or in connection with the use of this software.
- TL;DR: If something bad happens, it’s not my fault.
Brainpan has been tested and found to work on the following hypervisors:
– VMware Player 5.0.1
– VMWare Fusion 5.0
– VirtualBox 4.2.8
Import Brainpan into your preferred hypervisor and configure the network settings to your needs. It will get an IP address via DHCP, but it’s recommended you run it within a NAT or visible to the host OS only since it is vulnerable to attacks.
1. Download the Brainpan VM from above link and provision it as a VM.
2. Following the routine from the series, let’s try to find the IP of this machine using netdiscover. Below, we can see that the IP address is discovered to be 192.168.213.133. [CLICK EACH IMAGE TO ENLARGE]
<<netdiscover -r 192.168.1.0/24>>
3. Let’s perform an (Read more...)
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Chris Sienko. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/2C77CIyKVo0/