Monday 14 February 2011

pwnOS with Metasploit, Nmap, Nessus and Exploit-DB.com

pwnOS is a kind of training Ubuntu server image for exploit testing, much like Metasploitable or De-ICE.
I have discovered a couple of vulnerable services so far: an out-of-date Webmin install, the same Debian weak SSL ciphers used on Metasploitable (slightly annoying :-/ ), and a vulnerable Linux kernel.
In the following tutorial I show you how to go from "boot to root" in around 10 - 20 minutes.
Firstly we'll kick off the show with some information gathering; the image is installed on a box on my 10.50.60.0 network, so we'll start with a full /24 scan, followed by a Nessus vulnerability scan of the said image.
Then we look at exploitation, then some privilege escalation and finally PoC (proof of concept).
I found this a lot easier than Metasploitable and was able to get root access in around 2 hours, which did annoy me slightly, but still, hats off to bond00 at http://heorot.net; it's a good training exercise.
http://www.youtube.com/watch?v=YL-Jus8S26c