In my April webinar, I showed how you could both attack and defend a vulnerable web application, using Manish Kishan Tanwar’s capture the flag system, “Billu B0x.” In the attack, I chained together exploits against three vulnerabilities: SQL injection, local file inclusion, and a kernel vulnerability. It took all three to get “root” administrative privilege. Once I got root, it was time to put on the defensive white hat, where we had at least four different ways that we could break the attack.
Each of these defenses is a step you could take proactively, as a hardening measure applied before you even know you have a vulnerability. Here's what you could do:
- Use rate-limiting with iptables to break the web scanning that helped the attacker find the vulnerable web pages.
- Use ModSecurity, a free web application firewall, to catch and break the SQL injection attack.
- Use AppArmor to contain the attacker once he compromises the web application.
- Use a best practices iptables egress rule set to break the attacker’s reverse shell.
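One way to implement the egress rule set from the last item, added here as an example rather than the webinar's own configuration: a default-deny OUTPUT chain that lets only established replies, DNS, NTP and root-initiated HTTP/HTTPS out, so a reverse shell started from the web server's account has nowhere to go. The resolver address, the `www-data` account name and the `decide` helper are assumptions for illustration.

```bash
#!/bin/sh
# Default-deny egress for a web host (added illustration, not the webinar's own rules).
# Assumptions: Apache runs as www-data; the host only needs DNS, NTP and package
# updates over HTTP/HTTPS that root initiates. DNS_SERVER is a TEST-NET-1 placeholder.
DNS_SERVER="${DNS_SERVER:-192.0.2.53}"
WEB_UID="${WEB_UID:-www-data}"

# Emit the rules as iptables commands; nothing is applied unless "apply" is run as root.
egress_rules() {
    cat <<EOF
iptables -P OUTPUT DROP
iptables -F OUTPUT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -p udp -d $DNS_SERVER --dport 53 -m conntrack --ctstate NEW -j ACCEPT
iptables -A OUTPUT -p tcp -d $DNS_SERVER --dport 53 -m conntrack --ctstate NEW -j ACCEPT
iptables -A OUTPUT -p udp --dport 123 -m conntrack --ctstate NEW -j ACCEPT
iptables -A OUTPUT -m owner --uid-owner root -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -j ACCEPT
iptables -A OUTPUT -m owner --uid-owner $WEB_UID -m conntrack --ctstate NEW -j LOG --log-prefix "EGRESS-DENY-WEB: " --log-uid
iptables -A OUTPUT -m conntrack --ctstate NEW -j LOG --log-prefix "EGRESS-DENY: " --log-uid
iptables -A OUTPUT -j REJECT --reject-with icmp-admin-prohibited
EOF
}

# Hand-written offline model of what the chain above decides for a NEW outbound
# connection, so the ruleset can be reasoned about on a box where you are not root.
# usage: decide <uid> <proto> <dst-ip> <dport>  -> prints ACCEPT or REJECT
decide() {
    case "$2:$3:$4" in
        udp:$DNS_SERVER:53|tcp:$DNS_SERVER:53) echo ACCEPT ;;
        udp:*:123) echo ACCEPT ;;
        tcp:*:80|tcp:*:443) if [ "$1" = root ]; then echo ACCEPT; else echo REJECT; fi ;;
        *) echo REJECT ;;
    esac
}

# A reverse shell from the web app (www-data -> attacker:4444) is rejected and logged,
# while root's package update over HTTPS still works.
decide "$WEB_UID" tcp 203.0.113.9 4444   # REJECT
decide root tcp 203.0.113.9 443          # ACCEPT

if [ "${1:-}" = apply ] && [ "$(id -u)" -eq 0 ]; then egress_rules | sh; fi
```

`decide` only models the chain; confirm on a real host with `iptables -L OUTPUT -v -n` and by watching for the EGRESS-DENY log entries.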
There may even be more proactive hardening steps you could take that would break the attack! If you find another one, find me on Twitter and let me know!
Check out the webinar and play along using your own copy of Kali Linux, attacking the Billu B0x virtual machine you’ll find on VulnHub.com.
Once you have that, check out the webinar: "Attack and Defense Episode 4: Breaking Into the Billu-Box Virtual Machine"
Jay Beale, CEO, CTO at InGuardians, Inc.
Jay Beale is CTO and CEO for InGuardians. He works on Kubernetes, Linux and Cloud-Native security, both as a professional threat actor and an Open Source maintainer and contributor. He's the architect of the open source Peirates attack tool for Kubernetes and Bustakube CTF Kubernetes cluster. Jay helps create and run DEF CON's Kubernetes CTF, is a member of the Kubernetes organization, and previously co-led the Kubernetes project's Security Audit Working Group. Since 2000, he has led training classes on Linux & Kubernetes security at public conferences and in private training.