We will be using vulnserver, that can be downloaded from here: http://thegreycorner.com/2010/12/introducing-vulnserver.html
This will be our target during several of the following exercises. This intentionally vulnerable application was created by Stephen Bradshaw to provide himself and the security community with an application that can be used to practice various security-related tasks.
Ideally, the program is to be run on a Windows-based machine; as we are trying to keep the book focused on open source and freely available programs, we will run the server on our Ubuntu_test1machine_1
machine. This will be sufficient to learn more about the fuzzing tools available in Kali.
Download the vulnserver application to your Ubuntu_testmachine_1
machine, unzip it, and review the license
and readme
files carefully. In a terminal window, enter the following:
#apt-get install wine
Start vulnserver.exe
up using the following command in the Ubuntu machine:
#wine vulnserver.exe 4444 Starting vulnserver version 1.00 Called essential function dll version 1.00 This is vulnerable software! Do not allow access from untrusted systems or networks! Waiting for client connections...
This command will use wine
to run your vulnserver.exe
application on port 4444
. To test that the server is working properly, open up a terminal session and connect it to the server using netcat
, as follows:
# nc 127.0.0.1 4444
You will be presented with an introduction screen from vulnserver:
Welcome to Vulnerable Server! Enter HELP for help.
As mentioned by the prompt, you may enter HELP
to receive information about available inputs:
HELP Valid Commands: HELP STATS [stat_value] RTIME [rtime_value] LTIME [ltime_value] SRUN [srun_value] TRUN [trun_value] GMON [gmon_value] GDOG [gdog_value] KSTET [kstet_value] GTER [gter_value] HTER [hter_value] LTER [lter_value] KSTAN [lstan_value] EXIT
We will be using different fuzzers that come preinstalled on Kali to inject malformed, random, or mutated data into these inputs. To get more familiar with the server, feel free to poke around. Here is an example of a valid input:
LTER AAAAAA LTER COMPLETE
The application expected an input, which we provided as LTER AAAAAA
. As there is no problem with this input, the application returns to the normal state.
The application expected an input, which we provided as LTER AAAAAA
. As there is no problem with this input, the application returns to the normal state.