Nebula VM Intro...
I was preparing for class when I recalled that it has been weeks since my first post then I thought to myself it's probably because of school, but remembered something I read in Phineas Fisher's paper "if not you, who? if not now, when?" and hence this post. The truth is during the past weeks I have gathered a lot of content for the blog, I just haven't had the time to properly document and post, so after a lot of thought I have decided to start with a walkthrough of the Nebula VM, there is already a lot of walkthroughs on the internet on this machine, but I thought one extra post won't hurt, moreover my aim is to make my post different from most technical post I have seen online, how do I plan to this? most posts I come across on the internet show how to do something, not why and I think that approach most of the time leaves a beginner confused, therefore what I intend to do on this blog is to show the reader why we do what we do.
Disclaimer: All content on this blog are for educational intent only, but how you choose to use your knowledge is entirely left to you.
About Nebula
From the Author's site:
Nebula takes the participant through a variety of common (and less common) weaknesses and vulnerabilities in Linux. It takes a look at
Disclaimer: All content on this blog are for educational intent only, but how you choose to use your knowledge is entirely left to you.
About Nebula
From the Author's site:
Nebula takes the participant through a variety of common (and less common) weaknesses and vulnerabilities in Linux. It takes a look at
- SUID files
- Permissions
- Race conditions
- Shell meta-variables
- PATH weaknesses
- Scripting language weaknesses
- Binary compilation failures
At the end of Nebula, the user will have a reasonably thorough understanding of local attacks against Linux systems, and a cursory look at some of the remote attacks that are possible.
Lab Setup
- Download Nebula VM (why?): this is the Linux virtual machine containing the exploit exercises we are going solve
- Download & Install VirtualBox (why?): this allows you to run the Nebula VM that you downloaded in the previous step, although there are other options in my experience VirtualBox works well
- Download & install Kali Linux (optional): this machine will be used to solve the exploit exercises
- Host OS: Windows 10
Both Kali Linux and Nebula VM are configured with a Host-Only Virtual Box Network Adapter
PS: this post and the next few posts will be geared towards beginners, if anything is unclear you can always use the comment section or search google
Comments
Post a Comment