Coder Social home page Coder Social logo

f0xmulder / hackbox Goto Github PK

View Code? Open in Web Editor NEW

This project forked from strellic/hackbox

0.0 1.0 0.0 3.76 MB

Hackbox is an open-source, container-based platform that makes it easy to launch vulnerable systems to test your hacking skill!

License: MIT License

JavaScript 98.46% Shell 0.28% Dockerfile 0.88% HTML 0.39%

hackbox's Introduction

Hackbox

Hackbox is an open-source, container-based platform that makes it easy to launch vulnerable systems to test your hacking skill!

Users can sign up on Hackbox and choose one of the host-created rooms to try and hack into. They can launch boxes, which spawn Docker containers on the host, which they can then connect to via OpenVPN.

From there, they can send attacks and hack into the box. Their goal is to exfiltrate the flags from the box, which can mean finding hidden services, exploiting systems, or privilege escalating into root.

The server owner just needs to create vulnerable Docker images, and add them to the database for users to be able to hack into them. See hackbox_server/db_setup.js for an example!

Screenshots

Setup

Before starting the setup for hackbox_client and hackbox_server, the OpenVPN Docker container system needs to be created first. Make sure the user you run the commands as is root, or is in the docker group!

Run the following setup commands to initialize the OpenVPN docker container:

OVPN_DATA="ovpn-data-hackbox"
docker volume create --name $OVPN_DATA
docker run -v $OVPN_DATA:/etc/openvpn --rm kylemanna/openvpn ovpn_genconfig -u udp://vpn.example.com
docker run -v $OVPN_DATA:/etc/openvpn --rm kylemanna/openvpn touch /etc/openvpn/vars
docker run -v $OVPN_DATA:/etc/openvpn --rm -it kylemanna/openvpn ovpn_initpki

Make sure to change vpn.example.com to either a domain name or IP which resolves to your server. Make sure to remember the password you used to create the Certificate Authority, as you will need to set it in hackbox_server's .env file. You can also change OVPN_DATA, but make sure you change it as well.

Then, pull the necessary Docker images:

docker pull strellic/openvpn-client
docker pull strellic/hackbox_example_room # not required if you remove example room
docker pull strellic/hackbox_kali # not required if you remove kali room

After this, you should have created a Docker volume and have the OpenVPN Docker container up and running. From there, follow the setup instructions in each of the folders.

GOTTY Support

GOTTY can allow CLI applications to be accessible over the web. If GOTTY_ENABLED is set to true in hackbox_server, people will be able to access the example Kali room over a webshell. See GOTTY's LICENSE (MIT) here.

Contributing

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.

License

MIT

hackbox's People

Contributors

strellic avatar

Watchers

James Cloos avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.