Linux / amd64
Machine Author: Nathan Schwartz (NVIDIA)
Contributors: Will Pearce (Microsoft)
Warning:
Pull the container to your local machine.
docker pull nvcr.io/nvidia/product-security/mintnv:v5
Run the container, exposing ports 22 and 80. The environment can be accessed at 127.0.0.1.
docker run -p 22:22 -p 80:80 -dt --rm --hostname mintnv.ctf nvcr.io/nvidia/product-security/mintnv:v5
You can verify that the container is running with docker ps.
You can connect from the container to your host machine at host.docker.internal
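By default, `-p 22:22 -p 80:80` publishes both ports on every host interface, not only 127.0.0.1. The following is an added example, not part of the MintNV documentation: it starts the container with loopback-only bindings and checks `docker port` output for mappings reachable from other hosts. The container name `mintnv` and both function names are assumptions.

```shell
#!/bin/sh
# Added example: loopback-only publishing for the MintNV container.
# The container name "mintnv" and both function names are assumptions.

# Start the lab with ports 22 and 80 bound to 127.0.0.1 instead of the
# default 0.0.0.0, so other hosts on the network cannot reach them.
run_mintnv_loopback() {
    docker run -p 127.0.0.1:22:22 -p 127.0.0.1:80:80 -dt --rm \
        --name mintnv --hostname mintnv.ctf \
        nvcr.io/nvidia/product-security/mintnv:v5
}

# Read `docker port <container>` output on stdin, one mapping per line:
#   80/tcp -> 0.0.0.0:80
# Print every mapping whose host address is not loopback and return 1
# if at least one was found, 0 otherwise.
exposed_bindings() {
    awk '
        NF >= 3 {
            addr = $3
            sub(/:[0-9]+$/, "", addr)      # strip the trailing :port
            if (addr != "127.0.0.1" && addr != "[::1]") {
                print $1 " published on " $3
                bad = 1
            }
        }
        END { exit bad + 0 }
    '
}

# Constructed sample: what `docker port` reports for the documented
# `-p 22:22 -p 80:80` invocation.
SAMPLE_DEFAULT='22/tcp -> 0.0.0.0:22
22/tcp -> [::]:22
80/tcp -> 0.0.0.0:80
80/tcp -> [::]:80'

# Live use:  docker port mintnv | exposed_bindings
```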
MintNV is a vulnerable environment that showcases how an adversary can bypass defensive Machine Learning (ML) mechanisms to compromise a host. It has the following features:
This educational exercise was created to give hands-on experience attacking ML applications. The user is expected to take on the role of an attacker to learn skills in the following areas:
| Engagement | Learning Objectives |
|---|---|
| Foothold | Machine Learning, Web exploitation, Chaining vulnerabilities, Enumeration |
| Privesc 1 | Networking Protocols, Enumeration |
| Privesc 2 | Administrative functions, Enumeration |
You can access a guided learning document for MintNV from the environment itself.
http://127.0.0.1/writeup/MintNV-Writeup.zip
OffensiveMachineLearning2021
MintNV-Writeup.pdf
MintNV is a bridge between AI/ML researchers and cybersecurity professionals throughout the ML landscape. It enables the offensive security community to practice adversarial ML techniques. While anyone may attempt it, the target audiences are:
We hope that this contribution to the community inspires more creations of this kind.
We recommend running the educational exercise in a safe environment without an outside internet connection.
MintNV is an unpatched environment. You can access a list of CVEs this environment is vulnerable to by following these steps:
http://127.0.0.1/writeup/vulnerability-scans.txt
MintNV
Copyright (c) 2021, NVIDIA CORPORATION. All rights reserved.
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS," WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
We really hope you all enjoy this educational exercise. We care a lot about education within the cybersecurity community, so making these is always a pleasure.
We encourage you to hack, reverse engineer, and explore anything you want within the environment. Learn something new and share it with someone you know.
If you have any questions, comments, or feedback, please send an email to psirt@nvidia.com.