Remote hack on Damn Vulnerable Linux

This video is made by EXALT and shows a reenactment of a remote hack he did on a Damn Vulnerable Linux (DVL) box. The DVL box was set up by a fellow student during an hacking course at his university.

This video is made by EXALT and shows a reenactment of a remote hack he did on a Damn Vulnerable Linux (DVL) box. The DVL box was set up by a fellow student during an hacking course at his university.

Hacking

Hacking

Penetration testing

Penetration testing

Ex alt

Source

About the YouTuber

No information available.

Connect

About the YouTuber

No information available.

Resources

p

What is the Damn Vulnerable Linux?

Damn Vulnerable Linux (DVL) is a Slackware and Slax-based live DVD. It has been created by Thorsten Schneider and and Kryshaam from the French Reverse Engineering Team.

It has been discontinued.

No doubt DVL will find a virtual home on any student’s machine trying to learn about security

Hopefully other Universities will pick up on Thorsten’s idea and starting using DVL for its own courses on security. Read more

How to install DVL

During this tutorial you will install the Damn Vulnerable Linux live CD on a virtual machine. This can come in handy if you want to make changes to Damn Vulnerable Linux. Read more

Resources

p

What is the Damn Vulnerable Linux?

Damn Vulnerable Linux (DVL) is a Slackware and Slax-based live DVD. It has been created by Thorsten Schneider and and Kryshaam from the French Reverse Engineering Team.

The primary goal was to design a Linux system that is as vulnerable as possible, in order to teach and demonstrate a variety of security topics, including reverse code engineering, buffer overflows, shell code development, web exploitation and SQL injection.

It has been discontinued.

Download Damn Vulnerable Linux

The latest version is Damn Vulnerable Linux 1.5 (Infectious Disease) released on 26-01-2009. Download this version

Materials that allows anyone to gain practical 'hands-on' experience

VulnHub tries to create a catalogue of ‘stuff’ that is (legally) ‘breakable, hackable & exploitable’ – allowing you to learn in a safe environment and practise ‘stuff’ out. Read more

No doubt DVL will find a virtual home on any student’s machine trying to learn about security

Hopefully other Universities will pick up on Thorsten’s idea and starting using DVL for its own courses on security. Read more

How to install DVL

During this tutorial you will install the Damn Vulnerable Linux live CD on a virtual machine. This can come in handy if you want to make changes to Damn Vulnerable Linux. Read more

Articles

Related videos

DeepSec 2013: Cracking and analysing Apple iCloud protocols

DeepSec 2013: Cracking and analysing Apple iCloud protocols

Vladimir Katalov Vladimir Katalov presents the results of analysing the Apple iCloud protocol and its impact on iCloud services.

RFID hacking

RFID hacking

Learn about the security and social aspects of RFID technology

DEF CON 13: Google hacking for penetration testers

DEF CON 13: Google hacking for penetration testers

Johnny Long reveals basic and advanced search techniques, basic and advanced hacking techniques, multi-engine attack query morphing, and zero-packet target foot printing and recon techniques.

NOTACON 3: Network printer hacking

NOTACON 3: Network printer hacking

This presentation will cover techniques that can be used to control and extract data from network printers.

Introduction to Trusted Computing

Introduction to Trusted Computing

This course is an introduction to the fundamental technologies behind Trusted Computing. You will learn what Trusted Platform Modules (TPMs) are and what capabilities they can provide both at an in-depth technical level and in an enterprise context.

OWASP AppSecUSA 2012: Bug bounty programs

OWASP AppSecUSA 2012: Bug bounty programs

A panel discussion with Michael Coates (Mozilla), Chris Evans (Google), Jeremiah Grossman (WhiteHat Security), Adam Mein (Google), Alex Rice (Facebook)

DeepSec 2010: Debugging GSM

DeepSec 2010: Debugging GSM

The talk discusses a GSM debugging tool that consists entirely of open source software and open radio hardware. We will demonstrate how to record and decode GSM calls, even encrypted ones.

DeepSec 2011: The security of non-executable files

DeepSec 2011: The security of non-executable files

This talk presents an overview of the security risks in non-executable files such as PDF, rich media and office documents. The talk aims to range from global considerations to individual cases.

24C3: Why Silicon-Based Security is still that hard: Deconstructing Xbox 360 Security

24C3: Why Silicon-Based Security is still that hard: Deconstructing Xbox 360 Security

We describe the design of the Xbox 360 security system from a very high-legel point of view. In the second part we will discuss the details of the Xbox 360 system and security architecture.

The Honey project and CIC News Engine

The Honey project and CIC News Engine

An update about the Honey project and the development of the CIC News engine.

Battery firmware hacking

Battery firmware hacking

Charlie Miller will take an in depth look at a common embedded controller used in a battery and reverse engineer the firmware.

Black Hat USA 2010: Jackpotting automated teller machines redux 1/5

Black Hat USA 2010: Jackpotting automated teller machines redux 1/5

I will demonstrate both local and remote attacks on ATMs, and I will reveal a multi-platform ATM rootkit. Finally, I will discuss protection mechanisms that ATM manufacturers can implement to safeguard against these attacks.

OHM2013: Should law enforcement have hacking powers?

OHM2013: Should law enforcement have hacking powers?

In several European countries proposals for vast expansion of the powers of law enforcement in the digital realm are floating about. The panel focuses on the pros and cons of such powers.

25C3: Hacking the iPhone

25C3: Hacking the iPhone

This talk will summarize what we have learned about the internal architecture of the iPhone platform, its security, and the ways we have found to defeat these security measures.

DEF CON 17: MetaPhish

DEF CON 17: MetaPhish

This talk will focus on building a phishing framework on top of Metasploit that pentesters can use to automate phishing and increase their overall capabilities.

24C3: Mifare (Little security, despite obscurity)

24C3: Mifare (Little security, despite obscurity)

We analyzed the hardware of the Mifare tags and found weaknesses in several parts of the cipher.

DeepSec 2010: Circumventing common Pitfalls when auditing sourcecode for security vulnerabilities

DeepSec 2010: Circumventing common Pitfalls when auditing sourcecode for security vulnerabilities

This presentation describes the technologies behind advanced static and dynamic vulnerability analysis tools. We conclude with a discussion of new ways to ensure that bugs get fixed before it’s too late.

Attacking SMS. It’s no longer your BFF

Attacking SMS. It’s no longer your BFF

This talk will conclude with a proof-of-concept web application demo that demonstrates the techniques and issues mentioned as well as thoughts for solving the next generation of spam.

Remote hack on Damn Vulnerable Linux

Remote hack on Damn Vulnerable Linux

This video is made by EXALT and shows a reenactment of a remote hack he did on a Damn Vulnerable Linux (DVL) box.

BruCON 2010: Embedded system hacking and my plot to take over the world 1/4

BruCON 2010: Embedded system hacking and my plot to take over the world 1/4

This presentation analyzes common vulnerabilities in popular embedded systems that carry sensitive data every day.

Testing SQL injection with sqlmap

Testing SQL injection with sqlmap

Sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications.

ICS Cybersecurity Advanced Training Day 4

ICS Cybersecurity Advanced Training Day 4

The vlog about the fourth day of the 2011 International ICS Cybersecurity Advanced Training. This day is what it’s all about, the Blue Team / Red Team exercise.

DEF CON 17: Making fun of your malware

DEF CON 17: Making fun of your malware

This talk evenly distributes technical knowledge and humor to present the funniest discoveries related to malware authors and the fight against their code.

DEF CON 16: Forensics is ONLY for Private Investigators

DEF CON 16: Forensics is ONLY for Private Investigators

This is a talk about the struggles of becoming a Private Investigator and what the laws are for computer forensics going forward.

Owning bad guys (and mafia) with JavaScript botnets

Owning bad guys (and mafia) with JavaScript botnets

In this talk MITM schemas in anonymous services are discussed. Attendees will see how easily a botnet using JavaScript can be created to analyse that kind of connections and some of the actions people behind those services are doing.

DEF CON 18: Your ISP and the Government: Best Friends Forever 1/3

DEF CON 18: Your ISP and the Government: Best Friends Forever 1/3

Although many companies claim to care about end-user privacy, none seem to be willing to compete on the extent to which they assist or resist the government in its surveillance activities. This talk will pierce the veil of secrecy surrounding these practices.

SOURCE Barcelona 2010: Carders.cc, the rise and fall of an underground forum

SOURCE Barcelona 2010: Carders.cc, the rise and fall of an underground forum

29C3: Russia’s surveillance state

29C3: Russia’s surveillance state

Privacy International, Agentura.Ru and Citizen Lab have joined forces to launch a new project ‘Russia’s Surveillance State’. The project aims to undertake research and investigation into surveillance practices in Russia.

Related videos

Videos from the same category or videos related to the subject.

You will find something new to watch and expand your knowledge.

24C3: Mifare (Little security, despite obscurity)

24C3: Mifare (Little security, despite obscurity)

We analyzed the hardware of the Mifare tags and found weaknesses in several parts of the cipher.

DEF CON 16: Forensics is ONLY for Private Investigators

DEF CON 16: Forensics is ONLY for Private Investigators

This is a talk about the struggles of becoming a Private Investigator and what the laws are for computer forensics going forward.

DeepSec 2013: Cracking and analysing Apple iCloud protocols

DeepSec 2013: Cracking and analysing Apple iCloud protocols

Vladimir Katalov Vladimir Katalov presents the results of analysing the Apple iCloud protocol and its impact on iCloud services.

Attacking SMS. It’s no longer your BFF

Attacking SMS. It’s no longer your BFF

This talk will conclude with a proof-of-concept web application demo that demonstrates the techniques and issues mentioned as well as thoughts for solving the next generation of spam.

Battery firmware hacking

Battery firmware hacking

Charlie Miller will take an in depth look at a common embedded controller used in a battery and reverse engineer the firmware.

Owning bad guys (and mafia) with JavaScript botnets

Owning bad guys (and mafia) with JavaScript botnets

In this talk MITM schemas in anonymous services are discussed. Attendees will see how easily a botnet using JavaScript can be created to analyse that kind of connections and some of the actions people behind those services are doing.

Testing SQL injection with sqlmap

Testing SQL injection with sqlmap

Sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications.

DeepSec 2010: Circumventing common Pitfalls when auditing sourcecode for security vulnerabilities

DeepSec 2010: Circumventing common Pitfalls when auditing sourcecode for security vulnerabilities

This presentation describes the technologies behind advanced static and dynamic vulnerability analysis tools. We conclude with a discussion of new ways to ensure that bugs get fixed before it’s too late.

DEF CON 13: Google hacking for penetration testers

DEF CON 13: Google hacking for penetration testers

Johnny Long reveals basic and advanced search techniques, basic and advanced hacking techniques, multi-engine attack query morphing, and zero-packet target foot printing and recon techniques.

DeepSec 2010: Debugging GSM

DeepSec 2010: Debugging GSM

The talk discusses a GSM debugging tool that consists entirely of open source software and open radio hardware. We will demonstrate how to record and decode GSM calls, even encrypted ones.

29C3: Russia’s surveillance state

29C3: Russia’s surveillance state

Privacy International, Agentura.Ru and Citizen Lab have joined forces to launch a new project ‘Russia’s Surveillance State’. The project aims to undertake research and investigation into surveillance practices in Russia.

The Honey project and CIC News Engine

The Honey project and CIC News Engine

An update about the Honey project and the development of the CIC News engine.

24C3: Why Silicon-Based Security is still that hard: Deconstructing Xbox 360 Security

24C3: Why Silicon-Based Security is still that hard: Deconstructing Xbox 360 Security

We describe the design of the Xbox 360 security system from a very high-legel point of view. In the second part we will discuss the details of the Xbox 360 system and security architecture.

NOTACON 3: Network printer hacking

NOTACON 3: Network printer hacking

This presentation will cover techniques that can be used to control and extract data from network printers.

ICS Cybersecurity Advanced Training Day 4

ICS Cybersecurity Advanced Training Day 4

The vlog about the fourth day of the 2011 International ICS Cybersecurity Advanced Training. This day is what it’s all about, the Blue Team / Red Team exercise.

OWASP AppSecUSA 2012: Bug bounty programs

OWASP AppSecUSA 2012: Bug bounty programs

A panel discussion with Michael Coates (Mozilla), Chris Evans (Google), Jeremiah Grossman (WhiteHat Security), Adam Mein (Google), Alex Rice (Facebook)

Remote hack on Damn Vulnerable Linux

Remote hack on Damn Vulnerable Linux

This video is made by EXALT and shows a reenactment of a remote hack he did on a Damn Vulnerable Linux (DVL) box.

BruCON 2010: Embedded system hacking and my plot to take over the world 1/4

BruCON 2010: Embedded system hacking and my plot to take over the world 1/4

This presentation analyzes common vulnerabilities in popular embedded systems that carry sensitive data every day.

Introduction to Trusted Computing

Introduction to Trusted Computing

This course is an introduction to the fundamental technologies behind Trusted Computing. You will learn what Trusted Platform Modules (TPMs) are and what capabilities they can provide both at an in-depth technical level and in an enterprise context.

DEF CON 17: MetaPhish

DEF CON 17: MetaPhish

This talk will focus on building a phishing framework on top of Metasploit that pentesters can use to automate phishing and increase their overall capabilities.

RFID hacking

RFID hacking

Learn about the security and social aspects of RFID technology

SOURCE Barcelona 2010: Carders.cc, the rise and fall of an underground forum

SOURCE Barcelona 2010: Carders.cc, the rise and fall of an underground forum

DeepSec 2011: The security of non-executable files

DeepSec 2011: The security of non-executable files

This talk presents an overview of the security risks in non-executable files such as PDF, rich media and office documents. The talk aims to range from global considerations to individual cases.

OHM2013: Should law enforcement have hacking powers?

OHM2013: Should law enforcement have hacking powers?

In several European countries proposals for vast expansion of the powers of law enforcement in the digital realm are floating about. The panel focuses on the pros and cons of such powers.

25C3: Hacking the iPhone

25C3: Hacking the iPhone

This talk will summarize what we have learned about the internal architecture of the iPhone platform, its security, and the ways we have found to defeat these security measures.

DEF CON 17: Making fun of your malware

DEF CON 17: Making fun of your malware

This talk evenly distributes technical knowledge and humor to present the funniest discoveries related to malware authors and the fight against their code.

DEF CON 18: Your ISP and the Government: Best Friends Forever 1/3

DEF CON 18: Your ISP and the Government: Best Friends Forever 1/3

Although many companies claim to care about end-user privacy, none seem to be willing to compete on the extent to which they assist or resist the government in its surveillance activities. This talk will pierce the veil of secrecy surrounding these practices.

Black Hat USA 2010: Jackpotting automated teller machines redux 1/5

Black Hat USA 2010: Jackpotting automated teller machines redux 1/5

I will demonstrate both local and remote attacks on ATMs, and I will reveal a multi-platform ATM rootkit. Finally, I will discuss protection mechanisms that ATM manufacturers can implement to safeguard against these attacks.

Share This