Best Linode Distro for Demonstrating Exploits?
From: Dan Mailman ------------------------------------------------------ I'm looking for the best linode distro for demonstrating security exploits. This URL shows the Linux Distributions available on Linode. https://www.linode.com/distributions/ I have to do a school project to demonstrate successful and thwarted exploits. This is the exploit list: 1. SQL Injection (SQL and NoSQL) 2. Denial of Service 3. Exploiting Unpatched Services / DB Vulnerabilities 4. Brute-Force Cracking 5. Exploiting Unused/Unnecessary Database Services 6. Unencrypted Sensitive Data At-Rest an In-Motion 7. Buffer Overflows Any advice on distros or other resources the would be appreciated. -Dan=============================================================== From: Nick Smith ------------------------------------------------------ Kali will have everything you need and then some.
=============================================================== From: Dan Mailman ------------------------------------------------------ Hi Nick, Thanks for your quick response! Unfortunately, kali is not on the distro list for linode. If you get a chance to look through the linode distro list from the URL I posted, please let me know? Best, Dan
=============================================================== From: Stephen Haywood ------------------------------------------------------ Your best bet is to pick a distro you are familiar with and install vulnerable software on it. You will have to manually install the software because the package manager will have the fixed versions. Take a look at the following: Metasploitable on Ubuntu: https://www.thomaslaurenson.com/blog/2018/07/03/metasploitable3-building-the-ubuntu-linux-version/ Damn Vulnerable Web App: http://www.dvwa.co.uk OWASP Juice Shop: https://owasp.org/www-project-juice-shop/ You can look for particular exploits onExploitDB https://www.exploit-db.com and download the vulnerable software as well. Thanks, Stephen -- Stephen Haywood OSCP, OSCE 423.305.3700