So a teacher in my college, asked me to give some classes to his students about CTF and network security in general. i am not an expert but I know a little bit and, the goal here is to get more people interested in the fied anyway so I accepted the challenge.
My idea is, after a some introductory classes I give them some easy machines so they can see how the process works and I want that those machines are build around systems that are current being used in our college. For example I am thinking about using moodle as a vector, it is used a lot here, and we had one machine some time ago that exploited that.
With that in mind, can you guys give me some tips? I already started to built some of them but I would like some help, because I am kinda lost honestly, especially in the windows machine haha.
What I have in mind:
Machine 1: Linux. User vector: moodle. Root vector: kernel exploit.
Machine 2 Windows. User vector: ? (still researching, maybe an simple upload with extension change). Root vector: Eternal Blue.
Thanks for your help!