
Question

I feel like this isn't the best place to ask this (since there's no single right answer), but I can't think of a better place. If you have a better recommendation, could you please recommend it and I can move the question rather than just having it closed outright?

I'm teaching a class of high-school students about general Linux security. At a high level I want them to be able to take a given Linux server and know how to harden it against common security issues - e.g. closing old accounts, using a strong pw hashing algorithm, making sure no strange processes are running or run at boot. Their skill level is a broad range, and I'm looking for ways to motivate them to use what we've been discussing (e.g. look at crontab; look at users and group configurations; look at open ports).

I have been given $200 to hold a competition to encourage them, and I thought maybe I could purchase a bunch of Amazon gift cards in $10 increments. The idea would be to "hide" the redemption codes in various places on our sandbox server for the kids to find. For example, I could store the passwords in plaintext, and have one of the example user accounts assigned a password of one of the codes. Or maybe I could set up a cron job to log one of the codes to a system log every 30 seconds.

What I'm looking for is places/methods to hide these codes such that someone looking to secure the server would stumble across them.

Thanks!

Explanation / Answer

Setting up a system to be hacked and judging the results is commonly known as a Capture The Flag (CTF). There are a lot of open source CTFs out there; root-the-box is a great CTF that focuses more on post-exploitation and has puzzles for neophytes. There is also Damn Vulnerable Linux, which is an educational tool.

A more simplistic CTF would be to have Easter eggs in the form of user accounts which could be obtained using the following attacks. I chose the following three because I have seen them in the real world:

setuid backdoor to obtain privileges as root or another user. Or more complex variants such as attacks using mount.

Cracking the shadow file or an htpasswd file with John the Ripper.

Reading a plaintext password stored in ~/.bash_history file.

In a real-world situation the above attacks would take place in post-exploitation. Penetration testers and blackhats will use tools like Metasploit's post-exploitation modules, Weevely, and Veil-Pillage to help automate this process.
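As an added example (not part of the question or the answer above), a small Python auditor for the /etc/shadow side of this: the "strong pw hashing algorithm" and "old accounts" checks the question wants students to perform, and the shadow-file cracking the answer lists. The entries below are constructed, the hash bodies are placeholders rather than real digests, and 19000 stands in for "today" as days since 1970-01-01.

```python
import sys, time

# crypt(5) prefixes still considered acceptable: sha512, sha256, yescrypt, gost-yescrypt, scrypt, bcrypt.
STRONG_PREFIXES = ("$6$", "$5$", "$y$", "$gy$", "$7$", "$2b$", "$2y$")
WEAK_PREFIXES = ("$1$",)  # MD5-crypt: John the Ripper gets through it quickly
DES_ALPHABET = set("./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz")

def classify_hash(field):
    """Map a shadow password field to: empty, locked, strong, weak, des or unknown."""
    if field == "":
        return "empty"      # account logs in with no password at all
    if field.startswith(("!", "*")):
        return "locked"     # locked or no-login account
    if field.startswith(STRONG_PREFIXES):
        return "strong"
    if field.startswith(WEAK_PREFIXES):
        return "weak"
    if len(field) == 13 and set(field) <= DES_ALPHABET:
        return "des"        # legacy DES crypt: 8-char passwords, trivially cracked
    return "unknown"        # malformed, or a plaintext string dropped where a hash belongs

def audit_shadow(lines, today_days, max_age_days=180):
    """Return (user, issue) pairs: bad hash kinds, plus unlocked accounts with a stale password."""
    findings = []
    for line in lines:
        fields = line.rstrip("\n").split(":")
        if not line.strip() or len(fields) < 3:
            continue
        user, pw_field, lastchg = fields[:3]   # lastchg = days since 1970-01-01 (shadow(5))
        kind = classify_hash(pw_field)
        if kind in ("empty", "weak", "des", "unknown"):
            findings.append((user, f"{kind} password field"))
        if kind != "locked" and lastchg.isdigit() and today_days - int(lastchg) > max_age_days:
            findings.append((user, f"password unchanged for {today_days - int(lastchg)} days"))
    return findings

SAMPLE_SHADOW = [  # constructed entries, not from any real host; hash bodies are placeholders
    "root:$6$saltsalt$PLACEHOLDERHASH:18990:0:99999:7:::",
    "bob:$1$saltsalt$PLACEHOLDERHASH:18500:0:99999:7:::",   # MD5-crypt, password 500 days old
    "legacy:ab3Fk9QzL2mNp:17000:0:99999:7:::",              # DES crypt
    "svc:!*:15000:0:99999:7:::",                            # locked, so its old lastchg is fine
    "guest::18990:0:99999:7:::",                            # empty password field
    "intern:SuperSecret123:18990:0:99999:7:::",             # plaintext string in the hash field
]

if __name__ == "__main__":
    # With a path argument (e.g. /etc/shadow, run as root) audit that file; otherwise the sample.
    entries = open(sys.argv[1]).read().splitlines() if len(sys.argv) > 1 else SAMPLE_SHADOW
    today = int(time.time() // 86400) if len(sys.argv) > 1 else 19000
    for user, issue in audit_shadow(entries, today):
        print(f"{user}: {issue}")
```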