Skip to content

Latest commit

 

History

History
54 lines (35 loc) · 1.78 KB

security-gallery.md

File metadata and controls

54 lines (35 loc) · 1.78 KB
Raw

Security: The Gallery

An exercise to illustrate a security flaw.

Get your public SSH key

You can display your public SSH key in your terminal with the following command:

$> cat ~/.ssh/id_rsa.pub

You should copy the output of this command. You will need it later.

Launch a virtual server

You will launch a virtual server to deploy the vulnerable application.

  • Access the Azure portal and go to the Virtual machines section:

    Azure Portal

  • Create a new virtual machine with these settings, then go to the Disks settings:

    Gallery virtual machine

  • Keep the default Disks settings.

    Go to the Networking settings:

    Azure: go to the networking settings

  • In the Networking settings, enable the option to automatically Delete public IP and NIC when VM is deleted:

    Gallery virtual machine

  • Create the VM.

Set up the image gallery application

Follow the instructions in this repository.

Be sure to do this on the gallery server you just launched. You can connect to it with ssh gallery@W.X.Y.Z (where W.X.Y.Z is the IP address of the server, which you can find in the Azure portal).