As a security professional, you need to know how attackers will exploit system vulnerabilities to gain unauthorized access to your company’s network. The best way to learn hacking techniques is to try them yourself. This method provides a deep understanding of how networked computer systems behave and how best to protect them from attack.

But how can you “practice” breaking into real systems without risking real damage to someone else’s property and potential repercussions for your career? The last thing you want is to have your learning activities mischaracterized as black-hat hacking or to cause real data loss for a reputable organization.

Contents

A Safe Playground for Learning Ethical Hacking

Fortunately, ethical hacking professionals can take advantage of a library of downloadable virtual machines that are ripe for attacking, and 100% safe from those risks. The idea is simple: you run your own copy of a virtual machine that contains some vulnerabilities and then deploy your knowledge and tools to try to gain root access. You can find a catalog of such machines at VulnHub.

What is VulnHub?

VulnHub’s stated goal is to “provide materials that allow anyone to gain practical hands-on experience in digital security, computer software & network administration.” They do this by making virtual machines available to download for free which contain one or more known vulnerabilities that could be exploited by an attacker.

HulnHub.com home page
Example of virtual machines available for download from VulnHub

When you download and run one of VulnHub’s virtual machines on your VMWare or VirtualBox host, it becomes available to you as a “black box” for probing and testing. Machines are vulnerable by design and available in a variety of difficulty levels, so there is something for everyone regardless of your experience in penetration testing. Your goal is to find the vulnerability and exploit it to gain root access.

Difficulty Levels

VulnHub describes their varying degrees of difficulty–from ‘very easy’ to ‘very hard’–according to the types of attacks that would need to be deployed in order to gain root access:

Very Easy

Vulnerability types:

  • Brute force
  • No information needs to be gathered (able to guess) about the target
  • Singe vector for completing the machine
  • Software exploits where code is suitable out of the box (no modifications/alterations required) (e.g. SearchSploit/Metasploit-Framework)
  • SQL injection

Often no need to escalate privileges, as already as the highest user (root access) when getting initial access

Recommended:  8 Best Linux Distros for Hacking, Penetration Testing and CyberSecurity 2022

Easy

Vulnerability types (“Very Easy” as well as the following):

  • Command injection
  • File inclusions
  • Hash cracking
  • Kernel exploits for privilege escalation
  • Very little amount of information needs to be gathered about the target

A single exploit to get initial access, another single exploit for privilege escalation

Medium

Vulnerability types (“Very Easy + Easy” as well as the following):

  • Cross-Site scripting
  • Multiple vectors
  • Software exploits where code requires some modifications/alterations for it to work (e.g. SearchSploit)
  • System administrator knowledge
  • Privilege escalation is required

In order to get root access, you may need to use a few vulnerabilities (short chain)

Hard

Vulnerability types (“Very Easy + Easy + Medium” as well as the following):

  • Encryption
  • Harden/Defense enabled on the Operating System
  • No public software exploits
  • Pivoting
  • Time-based challenge limitations

In order to get initial & root access, having to chain multiple vulnerabilities (long chain)

Very Hard

Vulnerability types (“Very Easy + Easy + Medium + Hard” as well as the following):

  • The Unknown

In order to get initial & root access, having to chain multiple vulnerabilities in various different ways

Ready to learn more about ethical hacking?

If you’re ready to dive in and learn more about ethical hacking techniques you can use against the machines available on VulnHub, I highly recommend the book The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws by Dafydd Stuttard. You can take the techniques outlined in this book and apply them to the available machines on VulnHub to quickly become skilled at ethical hacking.

2 COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here