http://www.de-ice.net/

A great way to practice your pentesting skills.

Please note: you'll have to register at the forums there to get the download links for the ISOs.

Discuss your methods, successes and failures at their forums, but feel free to post them here too. Please indicate spoilers, if you include them, by making a proper notation at the beginning of your post.

I'm currently working on PenTest Lab Disk #1.100.

The gentleman that created these live CDs will be presenting at Defcon (http://www.defcon.org/html/defcon-15/dc-15-speakers.html#Wilhelm) in August.

Download:
Disk 1.100 - http://de-ice.net
Disk 1.110 - http://de-ice.net

gozar,

Great heads up thanks :D

Downloading now 31%

But what did you have to go and ask that question for, before reading the forms :eek: Can you imagine what would have been said if it had of been here ;)

shame I've gotta go before I even get a sniff of a look at them.

thinking out loud here 1 PC VMware = sorted.

38% arghhh gotta get gone.

have fun and good luck

delete the links and give the guy the support he deserves :(

Download:
Disk 1.100 - http://de-ice.net
Disk 1.110 - http://de-ice.net

gozar,
While I appreciate the links, I want people to support the de-ice forums and not just directly download from here. Posting the links violates the spirit of what he's trying to do there...

Good move theprez98 :D That puts the "ETHICAL" back into it and these forums

got the "1.100" running in vmware, "banging my head..." like he said :D

got the "1.100" running in vmware, "banging my head..." like he said :D
I estimate that I'm close to being finished with 1.100, but the last part is killing me.

Take it these are proper 'Live Cd's? In other words, that you can boot from them?

Thx.

Not that I'm disrespecting the site, as I'm sure its new, but yea..I looked at the site, created an account...but nothing really looked interesting to me. If you guys like it, thats cool. But its not for me. Sorry, its just not my cup of tea. Just my $0.02 worth of criticism.

Take it these are proper 'Live Cd's? In other words, that you can boot from them?

Thx.
The point is to boot up the CD on a computer, and then that computer becomes the target. It gives you a target to pentest without having to configure everything by yourself.

Not that I'm disrespecting the site, as I'm sure its new, but yea..I looked at the site, created an account...but nothing really looked interesting to me. If you guys like it, thats cool. But its not for me. Sorry, its just not my cup of tea. Just my $0.02 worth of criticism.

im going to try it when I get home from work. The only problem is that in the scenario its saying its a old server which is not really realistic unless you live in budapest or somthing. I will post my results

Not that I'm disrespecting the site, as I'm sure its new, but yea..I looked at the site, created an account...but nothing really looked interesting to me. If you guys like it, thats cool. But its not for me. Sorry, its just not my cup of tea. Just my $0.02 worth of criticism.
The site itself is just support for the project, which is new. The CDs themselves are the real meat of the project.

im going to try it when I get home from work. The only problem is that in the scenario its saying its a old server which is not really realistic unless you live in budapest or somthing. I will post my results
Actually, most of the services are reasonably new versions. You won't have to do any hardcore exploits to get past it, though. There are hints...somewhere. :-)

The site itself is just support for the project, which is new. The CDs themselves are the real meat of the project.

I don't know...maybe Ill d/l the disk and try them. Couldn't hurt I suppose. So let me get this straight. I got 2 laptops and one Desktop. Can I run these disk on my windows only desktop? Or do I have to use one of my laptops for the disk? If loaded on one of my laptops.. I then try to attack..or "pen test" my laptop with the live disk on them...with my BT2 laptop?? Correct? After looking at the site..there seems to be some specific network tweaking..so if you think i can benefit from it prez..I suppose Ill try it out. But I have a very pessimistic outlook at this already cause they want you to "hack" their cd before you can even log into the CD,.... supposedly sing BT2...I wasn't aware BT2 had CD cracking software on it..lol

I don't know...maybe Ill d/l the disk and try them. Couldn't hurt I suppose. So let me get this straight. I got 2 laptops and one Desktop. Can I run these disk on my windows only desktop? Or do I have to use one of my laptops for the disk? If loaded on one of my laptops.. I then try to attack..or "pen test" my laptop with the live disk on them...with my BT2 laptop?? Correct? After looking at the site..there seems to be some specific network tweaking..so if you think i can benefit from it prez..I suppose Ill try it out. But I have a very pessimistic outlook at this already cause they want you to "hack" their cd before you can even log into the CD,.... supposedly sing BT2...I wasn't aware BT2 had CD cracking software on it..lol

the way I understood it when you boot the cd on your desktop it becomes whatever OS that the cd is configured to with a internal Ip of 192.168.1.100
So I guess you would have to go to your bt computer and hydra using root as the username . Im not understanding how that is done but i just downloaded it and when I get home Ill try it

Can I run these disk on my windows only desktop?
Yes, that's what I do. With very little configuration of your router, the desktop IP becomes 192.168.1.100 and is now your target.

Use BT2 to pentest the desktop. Everything you need is included with BT2.

Yes, that's what I do. With very little configuration of your router, the desktop IP becomes 192.168.1.100 and is now your target.

Use BT2 to pentest the desktop. Everything you need is included with BT2.


Ok then,

I'll give it a shot sometimes today I suppose.

I'm still trying to get the discs to download, the download keeps failing at about 15Mb.

Might try a download manager. I downloaded it with leechget on my windows pc, and no Probs.

Grendel has put some torrents up, I'm downloading now and will be seeding them all night.

Can anyone suggest a "live cd dhcp server" so as this can all be run VM ?

I have got a trip away over the weekend and would like to be able to take this all with me in an easily portable way.

I suppose that it doesn't have to be a live cd just so long as it is small and self contained as it is to be run in a VM

And it must be free as this will be its only purpose.

If I had thought before I posted I would have realised that the cd uses a static ip and as long as i assign a static ip address within the range there is no need for a dhcp server.

I guess thats what happens when you think too complicated instead of KISS and trying to keep to the scenario and test environment as closely as possible.

Moral: Read first, Think Second, Read again, Think again, Read again and finally ask questions.

These challenges are very good for learning different methods of pen testing.