We have thousands of sophisticated and highly advanced cybersecurity challenges in our Cyber Range. The Cyber Range Sphere is available to RCCE Level 2 students.
You can try these free labs online. Launch the labs directly from your web browser. Use Chrome to access these labs.
Challenge 1
Launch SQL injection, LFI, RFI and broken access control attacks. Compromise MySQL database, SSH and web servers. Break web applications. Use the lynx browser to access the websites.
Scan and identify vulnerable and outdated open source components. If the program is insecure, unsupported, or outdated, there may be vulnerability-related hazards.
As more sensitive information is stored in databases that are vulnerable to security breaches, data integrity becomes an essential concern for software. Launch sqlite and encrypt the databases and tables.
Path traversal and unsafe deserialization. Deserialization flaws can be introduced when languages and frameworks allow untrusted serialized data to be expanded into an object, often when web applications are communicating user or saving application state.
Sensitive data exposure issues can be introduced when applications access unencrypted data, particularly personally identifiable information (PII) and other regulated data types.
Implement Intrusion Detection and Intrusion Prevention using the snort network sniffer. Log them to a file for later analysis. Configure the standard OWASP snort rules.
Check the system for vulnerabilities and publicly available exploits. Run chkrootkit. Use splint to check C programs for security vulnerabilities and coding mistakes. Use lynis to audit the Linux system.
Launch nmap scans and use the ARP protocol to discover and fingerprint IP hosts on the local network. Use arp-scan. Detect port scans using portsentry. Run ZMAP to scan the entire IPv4 address space. Run sshguard to protect the server from brute-force attacks.
Run web-based phproxy to proxy local connections to the Internet, bypassing firewalls. Using corkscrew, tunnel SSH connections through proxies. Tunnel (ptunnel) TCP using ICMP echo requests. Use proxytunnel to reach outside destinations.
Launch Ransomware attacks. Compile encrypt/decrypt C++ code. See how the attacks work in real time. Work with encryption keys and bitcoin payment requests.
Assemble and disassemble software programs and executables using Radare2. Extract information like relocations, symbols, and various other types of data. Edit files on local hard drives, view kernel memory, and debug programs locally or via a remote gdb server.
Conduct forensics investigations using dcfldd, sleuthkit and TSK. Examine several filesystems such as NTFS, FAT, exFAT, HFS+, Ext3, Ext4, UFS and YAFFS2.
Dovecot is a Mail Delivery Agent, written with security primarily in mind. IMAPS and POP3S are more secure because they use SSL encryption to connect. Configure IMAP (143), IMAPS (993) and POP3S (995). Use mailx and mutt to send/receive messages. Install dovecot self-signed SSL certificates and create rocheston mailboxes.
DansGuardian is a web content filter that blocks content of pages based on phrase matching, PICS filtering and URL filtering. Configure and run DansGuardian with Squid proxy.
WordPress is a web content management platform. Launch WordPress and upload malware plugins and PHP backdoors. Create stealth hidden malicious WordPress accounts.
Build and manage a PKI CA using easy-rsa. Create a root certificate authority and request and sign certificates, including intermediate CAs and certificate revocation lists (CRL).
Set up a fake DNS server with dnsmasq. Provide fake domain mapping to phishing attack targets. Trace a chain of DNS servers to the source using dnstracer. Use dnstop to display DNS traffic on the network.
Recover deleted files from ext3 and ext4 partitions using extundelete. Create a fakeroot environment for honeypot activities. Perform data carving using foremost and whdd.
GlusterFS is a scale-out network-attached distributed storage filesystem. It is used in cloud computing, streaming media services, and content delivery networks. Configure and launch GlusterFS.
Tcpcrypt is a protocol that attempts to encrypt (almost) all of your network traffic. It provides encryption to any application using TCP. Configure tcpcrypt and inspect the network traffic using tcpdump and tcpreplay.
Nikto is a free software command-line vulnerability scanner that scans webservers for dangerous files/CGIs, outdated server software and other problems. It performs generic and server type specific checks. Launch nikto.
RSB Reverse Shell Backdoor is a framework to control infected machines with network interactions. It's capable of sending files, running programs in the background, taking screenshots, etc. Launch this tool.
A STUN (Session Traversal of User Datagram Protocol [UDP] Through Network Address Translators [NATs]) server allows NAT clients (i.e. IP phones behind a firewall) to set up phone calls to a VoIP provider hosted outside of the local network. Set up and configure a STUN server.
Session Commands
S: List sessions.
$: Rename current session.
D: Detach current session.
Ctrl+B, and then ?: Display Help page in tmux.
Window Commands
C: Create a new window.
,: Rename the current window.
W: List the windows.
N: Move to the next window.
P: Move to the previous window.
0 to 9: Move to the window number specified.
Pane Commands
%: Create a horizontal split.
": Create a vertical split.
H or Left Arrow: Move to the pane on the left.
I or Right Arrow: Move to the pane on the right.
J or Down Arrow: Move to the pane below.
K or Up Arrow: Move to the pane above.
Q: Briefly show pane numbers.
O: Move through panes in order.
}: Swap the position of the current pane with the next.
{: Swap the position of the current pane with the previous.
X: Close the current pane.
Midnight Commander Window Manager
Launch with the mc command. Use the [alt] key to access the menu.