VulnOSv2 is a purpose build Vulnerable VM specifically build with design flaws via remote access (RSH). Privilege levels are then escalated to gain admin rights.
Test#
Brief Test Vector Detail
Vulnerability
1
Basic Network Service Scans
Several open ports are found to be vulnerable. Attacker can select attack method and exploit the machine further
2
Access found to the Admin area of the Web Application
Broken Access Control allows the attacker to access normally restricted administrative areas
3
SQLi is used to access the backend Data Base
Sensitive information can be retrieved, further access to the admin area exploited or indirect access to the Host machines Operating System could be established
4
Remote access login via RSH
Host compromise Through a Secure Shell (SSH) protocol enables an attacker to gain access to the Hosts Command line and Operating System
Test#
Brief Test Vector Detail
Vulnerability
5
Code is executed on the machine with standard privileges to escalate the privilege level
Once the privilege level of the machine has been escalated complete machine compromise is effective.