Navigation
ZombieVM
Hacker's often penetrate poorly protected systems and turn them into zombies. These zombie computers can then be utilized as relay or proxy systems to aid the hacker in obfuscating his or her tracks. Or they might be used in distributed denial of service attacks.
ZombieVM is a Virtual Machine for VMWare. It works with the recently released VMPlayer, VMWare Server Beta and should work fine with VMWare Workstation. This VM has Gentoo Linux, Apache and Perl installed. Additionally, it has a Perl CGI script and the cross-site scripting toolkit used in some exercises in the book "Web Hacker Boot Camp".
After downloading the files, you will need to login and check the VMs TCP/IP address. The VM is configured to obtain its IP address via DHCP from VMWare's host-only adapter. Before you can execute any of the attacks shown in the book you will need to know the IP address the VM is using. If you aren't familiar with Linux, just log on to the VM using username "root" and password "vmware", then type "ifconfig eth0" and note the IP address.
** UPDATE **
ZombieVM has been revised and is now provided as an ISO image file. To use it with VMWare, set up a virtual machine with 256MB of RAM and map the CDROM drive to the ISO. No virtual hard disks required. This should allow it to work with just about any version of VMWare. You can also burn the image to CD and boot about any old system you have with it.
This Live Linux CD is a modified DSL Linux.
Get it from the Downloads page.
Web Hacker Boot Camp
This hands-on, self-paced training kit walks you through various application-layer attacks, step-by-step. Understand how hackers exploit common mistakes made by web developers.