This document provides instructions for setting up a hack environment using Docker containers. It discusses pros and cons of different options like using a real server, cloud services, or virtual machines. Docker is recommended for its ease of use, templates, and ability to run on multiple platforms. Example Dockerfiles and Docker Compose files are provided to set up environments like IIS, Nginx, LEMP stacks, and vulnerable apps. Specific vulnerabilities like Heartbleed and DHClient RCE are demonstrated using Docker images. Finally, Docker images for security tools like Kali Linux and REMnux are mentioned.
3. # why ~
:~ # Learn the system administrator's job
:~ # Learn offense and defense
• Do PoCs from public exploits
• Vulnerability analysis
• Create your own challenges and let people have fun with them :)
:~ # Build a lab for DevSecOps
:~ # Simulate real-world situations
:~ # Do something weird :p
4. # How
• Create with your own machine (server)
• Create with cloud service
• Create with VM and container
5. # Differentiate
Real Server
Price (start): 30000
Pros
- Powerful machine
- Can do everything you want
- You own it
- Long-term solution
Cons
- Have to maintain it yourself

Cloud Service
Price (start): 500~/month
Pros
- Short-term solution
- Easy to set up
- Real-world environment
- Scalable
- Easy to customize
Cons
- Limited images
- High price over the long term
- Has some restrictions
6. # why Docker
• Easy to set up and maintain
• Easy to find templates
• Easy to modify
• Runs on multiple platforms
• Strong community
20. AWS
• AWS EC2
• Active Directory
• IIS
• SQL Server
• WAF
• NGFW
• AWS S3
• Real sh*t scenario
25. Steps of demo #2
• Pwn the client with any method (in this demo, I used psexec, but it can actually be any client-side attack method)
• Dump passwords and enumerate information inside the client
• Create a socket server on the attacker machine and forward packets to the client via the Metasploit session to pivot into the network
• Pwn the Windows AD on AWS with psexec, using the credentials of a domain user.