Introduction
My internship at The Leahy Center is all about building a cyber range. In short, a cyber range is a network that contains vulnerable machines. This can help students in the Ethical Hacking class to practice what they’re learning. My main job is to work with my team to create and test these machines before deploying them to the main network.
My Work In-Depth
For the past few weeks, I have been working on updating the old machines from last semester and also creating new ones. There are a couple of ways to create these vulnerable machines. One option is to install an old application that is known to be vulnerable to a specific bug onto the machine. Another option is to create something custom, specifically something that is related to web applications and Active Directory. For the first method, we usually use the applications that are found in ExploitDB as they will contain the exploit and the vulnerable app.
The first method is easier as you only need to find a good application and test it yourself. The second method is what I usually like to explore. You can create new ideas that the student will gain more experience from trying to hack. One of the web application security machines that I worked on had a misconfigured PHP code, meaning you were able to use one of the parameters to execute commands on the local system. Here is a sample of that PHP code:
| <?php system($_GET[‘exec’]) ?> |
The sample code above was inside a file called “me.php.” This means we can call this file by going to (http://IPAddress/me.php). So to be able to abuse this file we will call the parameter (exec) which we can then supply our commands to (http://IPAddress/me.php?exec=whoami).
I also started working on building the Active Directory network, which, in my opinion, will be the most enjoyable and challenging task. Here is a picture of how BloodHound, a tool we are using to finish this network:
Reflection
While I have a good understanding of how most of the cyber ranges I’ve worked on operate, I didn’t really have the chance to build them, specifically the Active Directory one.
I only had the knowledge of attacking them, but I found out that creating the range is really enjoyable and can make you learn stuff that you might have missed when you attack them.
You can check out more of my internship experience through the blogs on my website.
Stay up to date with Twitter, Instagram, Facebook, and LinkedIn so you always know what we’re up to!
Mohammed Hussein ‘25 // Cyber Security & Digital Forensics