01/14/2016
In this article, we will setup an older GNU/Linux system(s) where the software tools can be tested and simple exploits can be run. All of the *Nix sections are built off of Exploit.Education and OpenSourceSecurity. Though a number of additional materials supplement these systems.
Andrew Griffith created 3 systems that slowly build the skills needed to exploit older style GNU/Linux systems. These skills are the basis of all future work, with the techniques only modified to work against mitigations like ASLR DEP etc. The systems may be found here.
The first system that should be installed is Nebula.
Nebula has 20 levels that should be completed before moving to Protostar. These privilege escalation techniques, and general weaknesses in Linux are excellent to get you into thinking like an attacker. Some of these exercises are tricky. Only refer to the walk throughs when absolutely necessary.
The remaining course/articles will use Protostar and Fusion for the labs and home works. In addition to this, the articles will use material developed here. This is Open Security Training and has approximately 63 days worth of training. The issue here is the material is very long but well done. It is also somewhat dated, having been done in 2011.
The Life of Binaries, Exploits 1 and Exploits 2 are excellent courses. Several examples will be used from this site, including some of the Linux systems from Exploits 1 and 2.
Now that Prostar, Nebula and Fusion are installed or at least downloaded and ready to be installed, we will continue on with the basics of C and Assembly.