
OWASP TOP 10 Hands-On Training with Hacking-Lab

Ivan Bütler, E1

Compass Security AG

[email protected]

Goal of this Session

Find out if *YOU* feel like using Hacking-Lab as a free OWASP TOP 10 training platform

Bloom's Taxonomy

Historically, discussions about student learning have been guided by a taxonomy of learning that has come to be known as Bloom’s taxonomy

© Compass Security AG, www.csnc.ch

Hacking-Lab Goal: *Reach the Apply Level*

Hacking-Lab Components

Hacking-Lab Architecture

  • PUBLIC: www.hacking-lab.com
  • LiveCD
  • OpenVPN
  • *VULN APP*

STEP 1: Vulnerable Services

Hacking-Lab provides free *vulnerable* services

Screenshots of the *VULN APPS*

Details of the *VULN APPS*

Glocken Shop (Cow-Bell Shop, made in Switzerland)
  • Includes all TOP 10 vulnerabilities
  • Core of the Web Hacking Challenges
  • Java based (Apache, Tomcat, MySQL)

ASProxy
  • IIS Webserver + ViewState vulnerabilities

Glocken Franz
  • Second Order Injection Host
  • SOAP Interfaces (WSDL Security Challenges)

MySpace
  • Used for XSS worm development

Oracle Suite
  • Advanced Oracle SQL Injection Attacks (Alexander Kornbrust)

Supported Web Hacking Cases

  • SQL Injection (simple, blind, advanced)
  • XSS (stored, reflected, worm development)
  • XSRF
  • JSON Hijacking
  • Applet Hacking, ActiveX Exploitation, Flash Exploitation
  • Malicious BHO / Firefox Plugin (Observation Plugin)
  • Authorization Bypass, Session Fixation
  • XML Attacks / External Entity Attack / XPath Attack
  • ASP.NET ViewState & JavaScript Malware Analysis

Current Development

  • HTML5 Security Challenges
  • SAML/SAML2
  • Hardened Browser (Copy & Paste Protection)
  • Mutual Authentication Bypass

Step 2: Client Workstation

Hacking-Lab provides a free HL LiveCD

"Standardized client environment for the students in HL"

VirtualBox Appliance or ISO Image (Ubuntu based)

http://media.hacking-lab.com/largefiles/livecd/

LiveCD Desktop (OpenVPN ready)

LiveCD Help with local DokuWiki page

Do you *think* this is enough?

No! This or something similar is available everywhere online!

What makes the *difference*?

STEP 3

The *difference* is the <management application>

The *best* way to explain Hacking-Lab is to show Hacking-Lab

1) First: I will show you some basics

2) Second: You can play around

Hacking-Lab Roles

  • Student
      Choose lab case (theme, subject)
      Solve lab cases
      Submit solution to teacher
      Wait for the ranking

  • Teacher
      Compile lab case list (event)
      Verify solutions from students
      Give points -> ranking
      Explain solution -> movie

Solution Management Application (Teacher View)

Goodie A: Solution Movie for the Teacher

Insert screenshot here

Goodie B: OWASP Theory Modules

Insert screenshot here

Hacking-Lab Certification Program

Hacking-Lab Availability Considerations

Is Hacking-Lab an *approved* service?

Considerations

Hacking-Lab is providing the CarGame Challenges


Hacking-Lab Experience

  • 2007: Swiss Cyber Storm 1: 100 concurrent users
  • 2009: Swiss Cyber Storm 2: 150 concurrent users
  • 2011: Swiss Cyber Storm 3 (CarGame, May 12-15, 2011): expecting 250 concurrent users
  • Since 2010: University FH Giessen (Germany)
      Basic Web Hacking Course
      Advanced Web Hacking Course
      EUR 3000 / year (unlimited users)

Wrap-Up

What was the Goal of this Session?

Find out if *YOU* feel like using Hacking-Lab as a free OWASP TOP 10 training platform

Important Details about Hacking-Lab

  • Hacking-Lab supports ALL OWASP TOP 10 issues
  • Hacking-Lab is a *Service*, not a binary or tarball
  • Hacking-Lab offers OWASP the opportunity to set up a free OWASP TOP 10 training program world-wide
  • OWASP can benefit from the certification program. OWASP can set up their own rating/ranking/evaluation criteria
  • That's it – make your decision!
  • Let's talk about yes/no and, if yes, about the details
  • THANK YOU MATT FOR BEING THE MEETING MINUTES WRITER AND LINK TO THE BOARD

Now YOU can play with HL

Register for one or both free events below

OWASP SBS Event ALL (SBS)

http://www.hacking-lab.com/sh/8BX0psX

CarGame Challenge (WARGAME)

http://www.hacking-lab.com/sh/aBpKnVH

Use the LiveCD to give it a try
  • DVDs available here (Ivan)
  • Preferred solution: VirtualBox Appliance
  • http://media.hacking-lab.com/largefiles/livecd/