[Noisebridge-discuss] Security group update
John Menerick
john.menerick at gmail.com
Fri Nov 6 13:58:27 UTC 2009
If anyone cares to join, I will be at NoiseBridge tonight to play on
those machines.
John
On Nov 6, 2009, at 1:45 PM, aestetix aestetix wrote:
> Hey,
>
> The security group hasn't generated much discuss-list activity, but
> we've been working on a few things. Had a couple of lectures (I
> spoke on classical cryptography and cross site scripting, micah has
> given a few chats on networking security and xampp), and some other
> things.
>
> We now have a computer set up at 172.30.1.173 that is hosting a
> bunch of virtual machines. Some of them are CTF images, and a few
> others are very crappy insecure images (Like early versions of
> Windows XP), and last night I built an image that I installed
> apache, mysql, and a few other things on. The idea is that we can go
> through milw0rm and other sites, find exploit code, and test it out
> on a local system. Some people are interested in security but have
> never actually practiced it, and this is a great way to break the ice.
>
> The system currently has Joomla with a plugin or two that is known
> to be insecure. I'll be finding applicable exploit code and putting
> it on the system so people can see how it works. Ideally, we'll have
> a few dozen of these, so anyone who wants can log in, try their
> hand, and then look at the code to see how it works. It has a lot of
> the elements of HackThisSite, but with software that is actually
> running on a lot of servers.
>
> If anyone is interested in contributing to this, join the security
> list!
>
> aestetix
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
More information about the Noisebridge-discuss
mailing list