
OWASP TOP 10 Hands-On Training

with Hacking-Lab

Ivan Bütler, E1
Compass Security AG
ivan.buetler@csnc.ch
Goal of this Session

Find out if *YOU* feel like using Hacking-Lab as a free OWASP TOP 10 training platform
Bloom‘s Taxonomy

Historically, discussions about student learning have been guided by a taxonomy of learning that has come to be known as Bloom's taxonomy.

Hacking-Lab Goal:
*Reach the Apply Level*, the level at which a student can use a technique against a new target rather than only recall or describe it

© Compass Security AG www.csnc.ch Slide 3


Hacking-Lab Components
Hacking-Lab Architecture

Architecture diagram: the LiveCD on the student's side connects over OpenVPN to the PUBLIC www.hacking-lab.com, which hosts the *VULN APP*



STEP 1: Vulnerable Services
Hacking-Lab provides free *vulnerable* services

Diagram: OpenVPN access from the client to the *VULN APP*

Screenshots of the *VULN APPS*



Details of the *VULN APPS*

Glocken Shop (Cow-Bell Shop == MADE IN SWITZERLAND)
- Includes all TOP 10 vulnerabilities
- Core of the Web Hacking Challenges
- Java based (Apache, Tomcat, MySQL)

ASProxy
- IIS Webserver + ViewState vulnerabilities

Glocken Franz
- Second Order Injection Host
- SOAP Interfaces (WSDL Security Challenges)

MySpace
- Used for XSS worm development

Oracle Suite
- Advanced Oracle SQL Injection Attacks (Alexander Kornbrust)
Supported Web Hacking Cases

- SQL Injection (simple, blind, advanced)
- XSS (stored, reflected, worm development)
- XSRF
- JSON Hijacking
- Applet Hacking, ActiveX Exploitation, Flash Exploitation
- Malicious BHO / FF Plugin (Observation Plugin)
- Authorization Bypass, Session Fixation
- XML Attacks / External Entity Attack / XPath Attack
- ASP.NET ViewState & JavaScript Malware Analysis

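The second-order injection case listed above (the role of the Glocken Franz host) is the one that input filtering at the entry point misses, so here is an added example of it, written for this page and not taken from Hacking-Lab or the Glocken Shop code. It uses Python with an in-memory SQLite table as a stand-in for a shop backend; the table layout, the function names and the `admin'--` payload are all constructed for the demo. Registration stores the username with a parameterized query (first order: safe), but a later password change trusts the name read back from the database and concatenates it into SQL, so the stored payload fires there:

```python
import sqlite3

# Constructed demo data: a tiny user table standing in for a shop backend.
# (Hypothetical schema, not the Glocken Shop's.)
def setup_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, pw TEXT)")
    db.execute("INSERT INTO users VALUES ('admin', 'adminpw')")
    return db


def register(db, name, pw):
    # First order: parameterized, so the quote in the name is stored
    # verbatim and is harmless here. Validation at this point would not
    # protect the later query either, which trusts what it reads back.
    db.execute("INSERT INTO users VALUES (?, ?)", (name, pw))


def change_password_vulnerable(db, name, new_pw):
    # Second order: the name came out of the database, so the developer
    # concatenates it. A stored "admin'--" closes the string literal and
    # comments out the rest, turning the WHERE clause into  name = 'admin'.
    sql = "UPDATE users SET pw = '%s' WHERE name = '%s'" % (new_pw, name)
    db.execute(sql)


def change_password_fixed(db, name, new_pw):
    # Every statement that touches user-controlled data is parameterized,
    # whether the value arrived in the request or was reloaded from the DB.
    db.execute("UPDATE users SET pw = ? WHERE name = ?", (new_pw, name))


def password_of(db, name):
    row = db.execute("SELECT pw FROM users WHERE name = ?", (name,)).fetchone()
    return row[0] if row else None


def demo(fixed):
    """Register a malicious user, then let that user change 'their' password.

    Returns the resulting passwords of the victim (admin) and the attacker.
    """
    db = setup_db()
    payload = "admin'--"          # attacker-chosen username
    register(db, payload, "x")
    # The application later reads the username back from the DB (e.g. from
    # the session's user record) and hands it to the password change.
    stored_name = db.execute(
        "SELECT name FROM users WHERE name = ?", (payload,)
    ).fetchone()[0]
    if fixed:
        change_password_fixed(db, stored_name, "pwned")
    else:
        change_password_vulnerable(db, stored_name, "pwned")
    return {"admin": password_of(db, "admin"),
            "attacker": password_of(db, payload)}


if __name__ == "__main__":
    print("vulnerable:", demo(fixed=False))   # admin's password is now 'pwned'
    print("fixed:     ", demo(fixed=True))    # only the attacker's own row changed
```

The fix is not to sanitise the stored value on the way out but to parameterize every statement that touches it, as `change_password_fixed` does: with the fix in place the admin row is untouched and only the attacker's own row gets the new password.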


Current Development

- HTML5 Security Challenges
- SAML/SAML2
- Hardened Browser (Copy & Paste Protection)
- Mutual Authentication Bypass



Step 2: Client Workstation

Hacking-Lab provides a free HL LiveCD: "Standardized client environment for the students in HL"

VirtualBox Appliance or ISO Image (Ubuntu based)

http://media.hacking-lab.com/largefiles/livecd/
LiveCD Desktop (OpenVPN ready)



LiveCD Help with local DokuWiki page



Do you *think* this is enough?

No!!!!! This or something similar is available everywhere online!
What makes the *difference* ?

STEP 3
The *difference* is the <management application>
The *best* way to explain Hacking-Lab is to show Hacking-Lab

1) First: I will show you some basics
2) Second: You can play around
Hacking-Lab Roles

- Student
  - Choose lab case (theme, subject)
  - Solve lab cases
  - Submit solution to teacher
  - Wait for the ranking

- Teacher
  - Compile lab case list (event)
  - Verify solutions from student
  - Give points -> ranking
  - Explain solution -> movie



Solution Management Application (Teacher View)



Goodie A: Solution Movie for the Teacher

Insert screenshot here



Goodie B: OWASP Theory Modules

Insert screenshot here



Hacking-Lab Certification Program



Hacking-Lab Availability
Considerations

Is Hacking-Lab an *approved* service?

Hacking-Lab is providing the CarGame Challenges



Hacking-Lab Experience

2007: Swiss Cyber Storm 1
- 100 concurrent users

2009: Swiss Cyber Storm 2
- 150 concurrent users

2011: Swiss Cyber Storm 3 (CarGame, May 12-15, 2011)
- Expecting 250 concurrent users

Since 2010: University FH Giessen (Germany)
- Basic Web Hacking Course
- Advanced Web Hacking Course
- EUR 3000 / year (unlimited users)



Wrap-Up
What was the Goal of this Session?

Find out if *YOU* feel like using Hacking-Lab as a free OWASP TOP 10 training platform
Important Details about Hacking-Lab

- Hacking-Lab supports ALL OWASP TOP 10 issues
- Hacking-Lab is a *Service*, not a binary or tarball
- Hacking-Lab offers OWASP the opportunity to set up a free OWASP TOP 10 training program world-wide
- OWASP can benefit from the certification program. OWASP can set up their own rating/ranking/evaluation criteria
- That's it – make your decision!
- Let's talk about yes/no and, if yes, about the details
- THANK YOU MATT FOR BEING THE MEETING MINUTES WRITER AND LINK TO THE BOARD



Now YOU can play with HL
Register for one or both free events below

OWASP SBS Event ALL (SBS)

http://www.hacking-lab.com/sh/8BX0psX

CarGame Challenge (WARGAME)

http://www.hacking-lab.com/sh/aBpKnVH

Use the LiveCD to give it a try

- DVDs available here (Ivan)
- Preferred solution: VirtualBox Appliance
- http://media.hacking-lab.com/largefiles/livecd/

