Let’s go Network hunting!

Trivia

  • Terminal-based game in which you will use common network attack vectors and penetration testing methods to analyze and compromise a virtual network.

  • Involves Network Security challenges designed to educate users on packet manipulation and common network attacks.

  • The whole challenge takes place over a kind of software-defined network (SDN).

  • Originally created by James Sullivan (MIT License), modified by us for a workshop setting.

Network Hunt

  • The network hunt is a simple Software Defined Network
  • The network is completely defined by handcrafted packets using scapy/python which simulates a typical network setup.

The Goal

There is an FTP server somewhere on the network containing a document:

  • Locate the FTP server
  • Connect to the service &
  • Retrieve the file!

Tools

  • scapy
  • nmap
  • wireshark
  • telnet/nc
  • dsniff

Concepts

  • Bash terminal-fu
  • Packet capture and manipulation in scapy
  • Packet analysis in wireshark
  • Router modes of operation
  • Network topology, gateways
  • Basic telnet/nc commands

Hints

  • You may need to find a way to see all of the traffic on the network.
  • Other clients on the network might give you useful clues, if you can coerce them.
  • The target will most likely be isolated from the immediate local network, and will have some preferred clients.

Choose your difficulty

In general, the goal is to retrieve the FTP payload from the target system. You choose how difficult/challenging you want this exercise to be.

Mega Pwn

Run the script, crack the challenge without looking at any further hints/tasks.

Full Pwn

Run the script, read through the tasks mentioned below for help and crack the challenge.

Medium Pwn

  • Run the script, read through the tasks mentioned below for help.
  • If you still find it challenging (which is fine), ask for the solution file. You’ll be provided with a file that has a more in-depth discussion of the steps towards cracking the challenge.

Mini Pwn

  • Use the tasks and the solution file, and take a look at the challenge source code to understand how things work and crack the challenge.

TASKS

TASK - I

Run the script and find the details of the new interface (ipconfig, route).

TASK - II

Understand the network.

  • Is there any traffic on the network?
  • Are there devices connected to the network? Perform a network sweep?

TASK - III

  • How to gain access to traffic beyond a switch?
  • Think about exploiting the way layer 2 switches operate.

Scapy tips:

  • RandMAC() - Generates random MAC addresses.
  • RandIP() - Generates random IP addresses.
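
Why the layer 2 hint in Task III works, and what stops it, as an added example (not part of the original challenge code): a toy learning switch in pure Python with a bounded MAC table, run once without and once with a per-port MAC limit (port security). The class, port numbers, table size and MAC addresses are constructed for illustration, and entry ageing on real switches is not modelled.

```python
# Added illustration: toy learning switch, not the challenge's own code.
from collections import defaultdict

class LearningSwitch:
    def __init__(self, ports, cam_size, max_macs_per_port=None):
        self.ports = list(ports)
        self.cam_size = cam_size                    # total MAC entries the table holds
        self.max_macs_per_port = max_macs_per_port  # None = no port security
        self.cam = {}                               # MAC -> port
        self.per_port = defaultdict(set)            # port -> MACs learned there
        self.shutdown = set()                       # ports disabled by port security

    def receive(self, in_port, src, dst):
        """Process one frame; return the list of ports it is sent out of."""
        if in_port in self.shutdown:
            return []
        if src not in self.cam:
            limit = self.max_macs_per_port
            if limit is not None and len(self.per_port[in_port]) >= limit:
                self.shutdown.add(in_port)          # violation: disable the port
                return []
            if len(self.cam) < self.cam_size:       # learn only while there is room
                self.cam[src] = in_port
                self.per_port[in_port].add(src)
        if dst in self.cam:
            return [self.cam[dst]]                  # known destination: one port only
        # Unknown destination: flood to every other port (hub-like behaviour).
        return [p for p in self.ports if p != in_port and p not in self.shutdown]

def simulate(max_macs_per_port):
    """Port 1 = noisy host, ports 2 and 3 = two ordinary hosts (all constructed)."""
    sw = LearningSwitch(ports=[1, 2, 3], cam_size=8,
                        max_macs_per_port=max_macs_per_port)
    # Port 1 sends frames from many distinct source MACs before A or B speak.
    for i in range(20):
        sw.receive(1, f"02:00:00:00:00:{i:02x}", "ff:ff:ff:ff:ff:ff")
    a, b = "aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb"
    sw.receive(2, a, b)                  # A -> B
    out = sw.receive(3, b, a)            # B -> A: which ports get the reply?
    return out, sorted(sw.shutdown)

if __name__ == "__main__":
    print("no port security :", simulate(None))
    print("limit 2 MACs/port:", simulate(2))
```

Without a limit, the full table means A is never learned, so B's reply is flooded to port 1 as well; with the limit, port 1 is disabled on the third new MAC and the reply goes to port 2 only.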

TASK - IV

  • Were you able to gain access to traffic beyond the switch? If so, is there something interesting about the traffic? Is there some strange pattern in the traffic?
    Hint: Port knocking. (The reference docs have more details on what port knocking is.)

TASK - V

Did you manage to get access to some service on some machine? Try some standard commands for that service to get more hints.

TASK - VI

The target is not in the same sub-network and accepts connections only from specific machines. How do you compromise the machine?
Hint: ARP MitM

TASK - VIII

Retrieve the payload using standard FTP commands.