Jun 27, 2024
Launching New Vulnerable Machines in OCR
Learn about the new vulnerable machines we have added to OCR.
At OffSec, our mission with the Offensive Cyber Range (OCR) is to empower penetration testers and offensively minded students by providing them with the best realistic vulnerable machines to hone their skills on.
This week, we are excited to announce the launch of two new vulnerable machines/chains: CVE-2024-2912 and SecuraLyze.
The first, CVE-2024-2912, is a free-standing machine that focuses on a single vulnerability. This box lets students explore and understand the details of this recent security flaw. By engaging with it, students will:
- Gain hands-on experience with the specific exploitation techniques related to CVE-2024-2912, which is an insecure deserialization vulnerability in the BentoML framework, allowing remote code execution (RCE).
- Enhance their problem-solving skills through practical application and testing.
The second, SecuraLyze, is an Active Directory chain consisting of 7 machines. It offers a comprehensive and challenging scenario that simulates the complexities found in many of today’s organizational environments.
Key components of this chain’s attack path include:
- Abusing Flaws in Kerberos:
  - Explore weaknesses in the Kerberos authentication protocol, and learn to exploit these vulnerabilities to gain unauthorized access.
- Abusing MSSQL Servers:
  - Identify and exploit misconfigurations and vulnerabilities in Microsoft SQL Servers.
  - Understand the impact of database server vulnerabilities on the overall security posture.
- Analyzing/Spotting Data of Interest in Network Dump Files:
  - Develop skills in analyzing network traffic.
  - Spot and extract valuable data from network dumps to further the exploitation process.
- Post Exploitation:
  - Perform post-exploitation activities to consolidate access and gather intelligence.
  - Understand the steps attackers take after gaining an initial foothold.
- Abusing ADIDNS to Add Attacker-Controlled DNS Records:
  - Learn techniques for manipulating AD Integrated DNS to add malicious DNS records.
  - Understand the implications of DNS manipulation in an AD environment.
- NTLM Relaying:
  - Explore NTLM relay attacks to escalate privileges and move laterally within a network.
  - Understand how NTLM weaknesses can be leveraged for further exploitation.
- DCSync:
  - Perform DCSync attacks to replicate domain controller data.
  - Learn how attackers use this technique to harvest credentials and compromise the entire AD infrastructure.
This new chain will be particularly valuable for students looking to deepen their understanding of complex attack chains and the real-life issues faced by organizations today.
At OffSec, we have a big mission: to empower individuals and organizations to fight cyber threats with indispensable cybersecurity skills and resources. That means we are committed to providing the tools and resources necessary for all students to excel in their field!
The launch of these new VMs represents our ongoing effort to stay at the forefront of cybersecurity training and to provide invaluable learning opportunities to our customers.
Stay tuned for more updates, and happy hacking!