about

p0wnlabs was developed by folks who enjoy hacking in the learning sense, not the criminal sense.


p0wnlabs was created in the spirit of helping people learn to defend systems by learning how systems are broken into.
Once you know how to break in, you are a much better defender.

it's not free?!

Yeah, we all like free stuff. There's free stuff here too, did you try some?


The stuff that's not free is stuff that costs money to host, create, maintain, etc.


The hosted portion is subscription based to keep the riff-raff out, create some semblance of order and to make sure you're serious about learning, not just some yahoo with a new tool and no target.

what about?

  • IP ranges?
    Glad you asked. p0wnlabs hosted challenges use the default openvpn (10.8.0.1) addresses, and the 10.0.0.0 – 10.255.255.255 RFC1918 range. If this conflicts with your own internal ranges where you plan to hack from you may have to do some internal routing to work around it.

    p0wnlabs VPN runs on the standard udp/1194 port so you'll need to ensure whatever firewall you sit behind allows this port outbound.
  • Safety?
    You should assume p0wnlabs is untrusted. You are connecting to a hostile network and even though in these scenarios you are usually the agressor there may be someone smarter then you waiting in the wings. Take proper precautions when connecting to p0wnlabs as we assume no responsibility for what goes on.

  • Rules?
    There are rules. Here they are: You are permitted to hack only the targets you are given. Intentionally hacking p0wnlabs itself in any form
    is not permitted and will result in cancellation of your subscription and possible prosecution. Intentionally hacking other subscribers is also prohibited and will result in the same consequences.

    Also, you should assume everything you do while connected to p0wnlabs is being recorded. You have no privacy while using this service as everything you do may be recorded, inspected, logged, examined, and used by p0wnlabs for various purposes.

  • what's it made of?

    p0wnlabs is open source whenever it can be. Mostly gentoo linux with wads of python, openSSL, apache, etc and a lot of scripting.
    Oh, yeah, this web site is made up of web.py innards.

  • I've got an idea!

    Great! Email us at p0wn at p0wnlabs.com and let us know! If it's an idea for a game/challenge we may even pay you for it's creation.

  • You need help?

    Why thanks for asking! Yes we do! You can help by sending an ( p0wn at p0wnlabs.com ) idea, a tool, a challenge or whatever ya got. Currently we'd most like to have a team of folks at the ready to help people through the challenges. i.e. be a mentor for someone who needs some help figuring out how to use common security tools like nmap, nessus, metasploit, etc.
    The vision is that if there is a bank of mentors at the ready to help over some channel like IRC/Skype/Webex they can get a donation via paypal to help someone learn the ropes and use p0wnlabs as the proving grounds/common grounds for experimentation and learning. If you're that person send us a note and we'll set you up with an account to get familiar with the layout, hack a bit and get setup.

  • I'm so gonna p0wn you
    You should know that there's nothing here to p0wn? p0wnlabs doesn't store anything related to members, credit cards, accounts, etc. Really! Everything we've got is already on the website and available over openvpn once you sign up. I guess you could try to p0wn paypal but that's kinda boring when there are so many banks to p0wn.
© Copyright 2009 p0wnlabs Web design released by Flash MP3 Player