Dedicated Weak Patched — Nejicomisimulator Tma02 My Own
diff weak_scan.txt patched_scan.txt
The simulator typically presents a weak configuration: default credentials, unpatched services, misconfigured firewalls, or known CVE vulnerabilities. Students or researchers are asked to analyze, exploit, and then patch the weaknesses. nejicomisimulator tma02 my own dedicated weak patched
# Before patch (weak snapshot) nmap --script vuln 192.168.56.101 > weak_scan.txt nmap --script vuln 192.168.56.101 > patched_scan.txt diff weak_scan
#!/bin/bash # Run inside NEJICOMISimulator TMA02 as root echo "Starting custom patching routine" mysql -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'StrongPass123';" Fix 2: Remove default SSH keys rm -f /etc/ssh/ssh_host_* dpkg-reconfigure openssh-server (or ssh-keygen -A) Fix 3: Manual backport of Apache patch cd /usr/local/src wget https://archive.apache.org/dist/httpd/patches/apply_to_2.2.15/CVE-2011-3192.patch patch -p0 < CVE-2011-3192.patch make && make install weak_scan.txt nmap --script vuln 192.168.56.101 >