Summaries of Labtainer Exercises

The following labs are packaged within the Labtainer distribution. There is no separate download step required for any of the labs. When a lab is run for the first time, the framework automatically downloads whatever is needed from the Docker Hub. Labs are organized into the following categories:

Software Vulnerabilities
Lab Description difficulty
bufoverflow An example program vulnerable to a stack buffer overflow. 3
formatstring Explore C library printf function vulnerabilities. 2
retlibc  Exploit a program using a buffer overflow and return-to-libc. 3
gdblesson An introduction to using gdb to debug a simple C program. 1

Lab Description difficulty
telnetlab The student uses telnet to access a remote computer, and employs the tcpdump tool to view plaintext passwords, and to observe how use of ssh mitigates that vulnerability.  1 
nmap-discovery The nmap utility is used to locate an ssh server on a network and to discover the port number being used by the service. 2
pcapanalysis The tshark network traffic analysis tool is used to identify and display a specific network packet containing a plaintext password. 2
wireshark-intro Introduction to the use of Wireshark to analyze network traffic. 2
nmap-ssh The nmap utility is utilized in combination with the tshark network traffic analysis utility to demonstrate a security problem with an ssh server. 2
routing-basics A simple routing example with two LANs and an internet connection via NAT 2
iptables The iptables utility is used to configure a “firewall” component to only forward selected application service traffic between a client and a server. 2
tcpip TCP/IP protocol vulnerabilities, including SYN flooding, RST attacks and session hijacking.  Derived from the SEED lab. 2
arp-spoof Use of ARP spoofing for Man-in-the-middle attacks. 2
local-dns DNS spoofing and cache poisoning on a local area network.  Derived from the SEED lab. 3
remote-dns DNS spoofing remotely using the Kaminsky attack. 3

Crypto Labs
Lab Description difficulty
macs-hash Exploration of cryptographic hashes and the potential for hash collisions. 2
onewayhash  Introduction to generating cryptographic hashes using the openssl utility. 1

Explore public key certificates from a variety of web sites


Use of a public/private key pair to access a server via ssh.


 Exploration of symmetric key encryption modes.


 Example use of OpenVPN to protect network traffic.

vpnlab2  Similar to vpnlab, but with the use of a vpn gateway. 2

Web Security Labs
Lab Description difficulty
webtrack Illustrates web tracking techniques and the role of ad servers 1
xforge  Cross Site Request Forgery with a vulnerable web site 2

 Cross site scripting attacks on a vulnerable web server.

sql-inject  SQL injection attacks and countermeasures. 2

System Security & Operations
Lab Description difficulty
acl Access Control Lists (ACLs) on Linux 2
backups Using tar and dump/restore for file backups. 1
capabilities Use of Linux capabilities to limit program privileges. 2
sys-log System log basic usage and configuration on an Ubuntu system. 2
centos-log  System log basic usage and configuration on a CentOS system. 2
file-deletion Data recovery from deleted files within EXT2 and NTFS file systems. 2
file-integrity File integrity checking and intrusion detection with AIDE 2
pass-crack  Introduction to passwords and elementary cracking schemes. 2
nix-commands Introduction to Linux and shell commands. 1

Industrial Control System Security
Lab Description difficulty
softplc Program a software-based programmable logic controller (PLC) 3
plc-forensics  Forensic analysis of a PLC session from a rogue client. 4
plc Simulated example of a vulnerable Programmable Logic Controller system. 2