Intercept Attack Plans-Operation Desert Whale-Mission 3
Scenario Overview:
Russia has deployed their new stealth fighter in the Middle East. Intelligence estimates suggest that this deployment is a prelude to an imminent strike against US assets in the region. Before we take retaliatory measures, we need to verify the Russian squadron's mission objectives. Their hardened cyber infrastructure makes it unlikely that an existing exploit will work. Intelligence reports suggest that there are known vulnerabilities in the base network and that there are areas that can be exploited to gain access through buffer overflow type attacks.
How to be Successful:
The learner will use a low-privilege account located on the Russian base commander's workstation, escalate privileges to root by building a buffer overflow exploit, and gain access to his mission objectives file. If the Russians detect your presence, they'll likely disconnect and air-gap their system, so this is the one chance we've got.
What should you know prior:
Learners should be familiar with shellcode injection, non-executable (NX) stack or address-space layout randomization (ASLR), and stack return-oriented programming (ROP).
Load Time | Easy: 5 min Medium: 5 min |
Time Limit | 8 hrs |
# of Tasks | 4 |
Hints | Yes |
Save Session | Yes |
Team Based | Yes |