Saturday, November 28, 2009

IndySploit Pre-req Checklist

The "formal requirements" as mentioned in the IndySploit Charity Event Announcement:

What should you bring?
  1. a laptop, complete with additional power source (power adapter, additional battery, solar panels, etc.) and functioning wireless NIC
    - primary network access will be via wireless access point
  2. your donation confirmation email (a hard copy will help expedite check-in at the event -- again, this is for some basic donation verification)
    - donation/registration how-to, in case you missed it
  3. the MetaSploit Framework (MSF), in the form of one of the following:
    1. installed on your laptop (or the VM from which you intend to perform your attacks)
      - MSF installer: (v3.3 released 17 Nov 2009!)
    2. a BackTrack session, by either:
      1. booting your laptop (or a VM) from a live BackTrack CD/DVD, and then performing updates*
      2. installing BackTrack onto your laptop or a VM on your laptop, and then performing updates*
* Performing back|track 4 updates: "If you are using back|track 4 as your platform, you can always update to the latest version of the trunk by issuing a 'svn up' in the '/pentest/exploits/framework3/' directory."

What we will provide you:
  1. two (2) attack target systems per attendee -- one (1) Windows XP SP2 guest, and one (1) Ubuntu Server 7.04 guest, as described in the "Required Materials" section of the Metasploit Unleashed page
    - these attack target guests will:
    1. be housed on VMware hosts, so you need not host these on your laptop
    2. have the prescribed configurations made and packages installed
    3. be on the previously mentioned internal network
  2. DHCP address(es) on the internal network for your laptop/attack system
  3. internet access via the internal network
  4. the rest of the items mentioned in the charity event announcement (A sense of community, a networking opportunity, instruction from local security professionals, an attack lab, lunch, and you assist in Johnny's life-saving mission)

Additional notes:
  • Please have your attack machine functional/ready (tool kits, wireless networking, etc.) to go before arriving. This event focuses on using the Metasploit Framework (MSF)
  • This is not a switch/router/WAP attack session -- the gear involved in the attack lab is necessary infrastructure for everyone

1 comment:

  1. This comment has been removed by a blog administrator.