Results 1 to 10 of 10

Thread: Penetration Challenge

  1. #1
    Just burned his ISO
    Join Date
    Nov 2009
    Posts
    11

    Smile Penetration Challenge

    Hello all,
    So a professor of my Computer Security course, together with the campus IT director, have offered my class a challenge. They've placed a file (aptly named secret.txt) with a secret word/phrase/something in a protected folder, and are offering extra credit if we can figure out what that word is. We aren't allowed to destroy anything or inhibit use of the server to other students, but past that anything (sans physical coercion and blackmail) goes.

    The server is running SunOS 5.9. The folder, and all files within it that I know of, have 700 permissions, and both accounts I have access to are in the students group, whereas he's in the faculty group. We can print the shadowed /etc/passwd, but permission is denied to read or copy /etc/shadow.

    We'll get credit whether we get caught or not, but ideas that get the secret word without alerting anybody are preferable. I'm familiar with unix/linux, but not so much with penetrating it. I come to you asking for advice and guidance in things to learn about that would aid me in this endeavor.

    Thank you

  2. #2
    Moderator fancy's Avatar
    Join Date
    Jan 2010
    Posts
    204

    Default

    Oh my goodness!
    ........now we've been downgraded to a homework forum

  3. #3
    Just burned his ISO
    Join Date
    Nov 2009
    Posts
    11

    Default

    Sorry, let me rephrase then. I have some proprietary information stored in a private folder on a sun server. What are the most common attacks that I need to start working on defending against?

  4. #4
    Junior Member azagorath's Avatar
    Join Date
    Mar 2008
    Posts
    44

    Default

    privilege escalation is the way to go but to do it you will need to exploit the system , iam not sure if you allowed to do so
    Knowledge is Power

  5. #5
    Junior Member
    Join Date
    Sep 2009
    Posts
    43

    Default

    just give a gold handshake to your teacher.

  6. #6
    Just burned his ISO
    Join Date
    Nov 2009
    Posts
    11

    Default

    Privilege escalation isn't a problem. For the sake of ideas, assume nothing is a problem. I'm interested in learning about this for more than just the sake of the class. The only methods of privilege escalation I know of require physical access though (single user mode, livecds, etc), and neither account I have access to has any sudo privileges.

  7. #7
    Junior Member
    Join Date
    Sep 2009
    Posts
    43

    Default

    that's why its called "escalation"

    Do you have physical access to it?

  8. #8
    Member MosGuy's Avatar
    Join Date
    Jan 2010
    Location
    Ontario, Canada
    Posts
    120

    Default

    What is with all these "computer security" course posts flooding the BT forums lately. If you're taking a course surely the professors are teaching you the skills to figure out these "challenges" yourself. If they aren't, the course isn't very good. Or if students feel they need to come to a 3rd party site and get others to spoon feed ideas. If one can't research, google & learn on your own. You likely won't get very far in the field. I would talk to the professor, if you lack the basic knowledge to attempt the challenge. As the concepts to attempt it, or arming you to research on your own should certainly be covered. You may want to form a student group to share ideas to help each other out. If you spent time on Google, all the information and methodology are out there. Someone really needs to talk to these teachers. It appears these security courses are sorely lacking

  9. #9
    Just burned his ISO
    Join Date
    Nov 2009
    Posts
    11

    Default

    @mortis: No physical access to the server, just to machines the professor uses (we're working on a hardware keylogger).

    @MosGuy, I understand what you mean and wish the course were more specific like that, but as it is, this class is covering the abstract concepts of computer security and infosec. He talks more about how you have to think about the various forms of protection (personnel, physical, emissions, etc) than about specific ways to exploit a system. Researching/googling on my own is generally how I've done this, but asking on a forum full of people who already understand the concepts seems like a reasonable way to get pointed in the right direction (when they're willing to point). Often times I understand a concept but googling it becomes largely a waste of time until I know the common terminology used (i.e. Evil Twin networks).

    All of that said, I'm more familiar with with network exploitation than system exploitation. I've dabbled in exploits such as buffer/stack overflows, but never anything enough to get a grasp on the best way to go about this. I've also gone through and tried all the Solaris 9 exploits from milworm without success (sans a memory dump one which I have running periodically in a perl script and checking for the filename). If anyone is willing, what would you pursue next?

  10. #10
    Member
    Join Date
    Mar 2010
    Location
    /dev/null
    Posts
    455

    Default

    I second MosGuy : if you know and understand how to prevent attacks (what you are supposed to be taught), you also know how to perform those attacks... If you are not able to figure out what you can do and how, I hardly see how you can even call it a "Computer Security course"...

    By the way, you don't give any interesting information.Would we want to write something to help you, we couldn't.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •