6 Target Virtual Machines Setup, Free Hacking Complete Course Step By Step

-
Free Hacking Complete Course Step By Step

Target Virtual Machines Setup

We’ll use three custom-built target machines to simulate vulnerabilities often found in client environments: Ubuntu 8.10, Windows XP, SP3, and Windows 7 SP1.
You’ll find a link to a torrent containing the Ubuntu virtual machine at http://www.nostarch.com/pentesting/. The target system is compressed using the 7-Zip archive, and 1stPentestBook?! is the password for the archive. You can use 7-Zip programs to open the archives for all platforms. For the Windows and Linux packages, use http://www.7-zip.org/download.html; for Mac OS, use Ez7z at http://ez7z.en.softonic.com/mac/. The archive is ready for use as soon as it is unzipped.

To set up the Windows virtual machines, you’ll need to install and configure Windows XP SP3 and 32-bit Windows 7 SP1. Sources for the installation media include TechNet and MSDN (the Microsoft Developer Network), among others. (You should be able to use your Windows virtual machines on a trial basis for 30 days without a license key.)

Creating the Windows XP Target

Your Windows XP target should be a base installation of Windows XP SP3 with no additional security updates. Once you have a copy of Windows XP SP3, here’s how to install it on Microsoft Windows or Mac OS.

VMware Player on Microsoft Windows

To install Windows XP on VMware Player for Windows:
  • Choose Create A New Virtual Machine in VMware Player and point the New Virtual Machine Wizard to the Windows XP installation disk or ISO image. Depending on your source disk or image, you may be offered the option to use Easy Install (if you’re installing a version with a license key), or you may see a yellow triangle warning, “Could not detect which operating system is in this disc image. You will need to specify which operating system will be installed.” In the latter case, just press Next.
  • In the Select a Guest Operating System dialog, select Microsoft Windows in the Guest operating system section and your version of Windows XP in the drop-down box, as shown in Figure, and press Next.


  • In the next dialog, enter Bookxp XP SP3 as the name of your virtual machine and press Next.
  • In the Specify Disk Capacity dialog, accept the recommended hard disk size for your virtual machine of 40GB and check the box for Store virtual disk as a single file, as shown in Figure, and press Next.


Note : The Virtual Machine will not take up the entire 40GB; it will only take up space on your hard drive as needed. This is just a maximum value.
  • In the Ready to Create Virtual Machine dialog, shown in Figure, click Customize Hardware.


  • In the Hardware dialog, choose Network Adapter, and in the Network Connection field that appears, select Bridged: Connected directly to the physical network. Next, click Configure Adapters and select the adapter you’re using to connect to the Internet, as shown in Figure. Then press OK, Close, and Finish.


You should now be able to play your Windows XP virtual machine. Continue to the instructions for installing and activating Windows XP in “Installing and Activating Windows”.

Installing and Activating Windows

As part of the installation process, you will be prompted for a Windows license key. If you have one, enter it here. If not, you should be able to use the virtual machine on a trial basis for 30 days. To continue without entering a license key, click Next when prompted for the key. A pop-up will warn you that entering a license key is recommended and ask if you would like to enter one now, as shown in Figure. Just click No.


As shown in Figure, when prompted, set Computer name (Ex. XP-Test-Machine). Set Administrator password to password.


You can leave the date/time and TCP/IP settings at their defaults when prompted. Likewise, leave the Windows XP target as part of the workgroup WORKGROUP instead of joining it to a domain, as shown in Figure.


Note : Tell Windows not to automatically install security updates. This step is important, because some of the exploits we will run rely on missing Windows patches.

You will then be prompted to activate Windows. If you entered a license key, go ahead and activate it. Otherwise you can choose No, remind me every few days.


Now create user accounts (For ex. Administrator and Adriana), as shown in Figure. We will create passwords for these users after setup is finished.


Installing VMware Tools

Now install VMware Tools, which will make it easier to use your virtual machine by, for example, letting you copy/paste and drag programs onto the virtual machine from the host system.

VMware Player on Microsoft Windows

In VMware Player, install VMware Tools from Player > Manage > Install VMware Tools, as shown in Figure. The VMware Tools installer should automatically run in Windows XP.


Turning Off Windows Firewall

Now open the Control Panel from the Windows Start menu. Click Security Center > Windows Firewall to turn off the Windows Firewall, as shown in Figure.


Setting User Passwords

Again in the Control Panel, go to User Accounts. Click the user Dave Taylor and then select Create a password. Set password to password, as shown in Figure. Do the same thing for the user secret, but set secret’s password to Password123.


Setting a Static IP Address

Next, set a static IP address so your networking information won’t change as you work through the book. But first we need to figure out the address of our default gateway.
Ensure that your Windows XP system is set to use bridged networking in VMware. By default, your virtual machine will automatically pull an IP address using DHCP.
To find the default gateway, open a Windows command prompt by going to Start > Run, entering cmd, and clicking OK. In the command prompt, enter ipconfig. This will show you the networking information, including the default gateway.

C:\Documents and Settings\dave>ipconfig
Windows IP Configuration
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : XXXXXXXX
IP Address. . . . . . . . . . . . : 192.168.20.10
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.20.1
C:\Documents and Settings\dave>

In my case, the IP address is 192.168.20.10, the subnet mask is 255.255.255.0, and the default gateway is 192.168.20.1. 

  • In the Control Panel, go to Network and Internet Connections and click Network Connections at the bottom of the screen.
  • Right-click Local Area Connection and then select Properties.
  • Highlight Internet Protocol (TCP/IP) and select Properties. Now enter a static IP address and set the Subnet mask and Default gateway to match the data you found with the ipconfig command, as shown in Figure 1-35. Set the Preferred DNS server to your default gateway as well.

    • Now it’s time to see if our virtual machines can communicate. Once you’re sure that the settings match, return to the Kali virtual machine (start it if you had shut it down) and enter ping <static ip address of your Windows XP virtual machine>, as shown here.

    Note : My IP address is 192.168.1.101. Throughout the book, you should replace this value with the IP address of your systems.

    root@kali:~# ping 192.168.1.101
    PING 192.168.1.101 (192.168.1.101) 56(84) bytes of data.
    64 bytes from 192.168.1.101: icmp_req=1 ttl=128 time=3.06 ms
    ^C


    Enter ctrl-C to stop the ping command. If you see output beginning with 64 bytes from <ip address of XP>, as shown previously, your virtual machines are able to communicate. Congratulations! You’ve set up a network of virtual machines.
    If instead you see a message including the text Destination Host Unreachable, troubleshoot your networking: Make sure your virtual machines are on the same bridged virtual network, check that your default gateway is correct, and so on.

    Making XP Act Like It’s a Member of a Windows Domain

    Finally, we need to modify a setting in Windows XP so that it will behave as if it were a member of a Windows domain, as many of your clients will be. I’m not having you set up an entire Windows domain here, but during post exploitation, a couple of exercises will simulate a domain environment. Return to your XP virtual machine and follow these steps.
    • Select Start > Run and enter secpol.msc to open the Local Security Settings panel.
    • Expand Local Policies on the left and double-click Security Options on the right.
    • In the Policy list in the pane on the right, double-click Network access:
    Sharing and security model for local accounts and choose Classic - local users authenticate as themselves from the drop-down list.

     

    • Click Apply and then OK.
    • Close any open windows in your virtual machine.

    In our last video we had installed all the setting up android emulator, our next tops will be Installing Vulnerable Software. If you have not followed us yet, then do so so that you do not miss the upcoming topics. Click Here To Read Our Blogs From Getting Started.


        Comments

        Post a Comment

        Popular posts from this blog

        14 Creating Standalone Payloads with Msfvenom, Free Hacking Complete Course Step By Step

        -
        Image
        Free Hacking Complete Course Step By Step Creating Standalone Payloads with Msfvenom In 2011, Msfvenom was added to Metasploit. Before Msfvenom, the tools Msfpayload and Msfencode could be used together to create standalone encoded Metasploit payloads in a variety of output formats, such as Windows executables and ASP pages. With the introduction of Msfvenom, the functionality of Msfpayload and Msfencode was combined into a single tool, though Msfpayload and Msfencode are still included in Metasploit. To view Msfvenom’s help page, enter msfvenom -h . So far with Metasploit, our goal has been to exploit a vulnerability in the target system and take control of the machine. Now we’ll do something a little different. Instead of relying on a missing patch or another security issue, we are hoping to exploit the one security issue that may never be fully patched: the users. Msfvenom allows you to build standalone payloads to run on a target system in an attempt to...
        Read more

        3 Configuring the Network for Virtual Machine, Hacking Complete Free Course Step By Step

        -
        Image
        Hacking Free Complete Course Step By Step Configuring the Network for Virtual Machine After installing Kali Linux as a Virtual machine we must configuring the network for virtual machine because we’ll be using Kali Linux to attack our target systems over a network, we need to place all our virtual machines on the same virtual network. VMware offers three options for virtual network connections:   Bridged  NAT Host only.   You should choose the bridged option, but here’s a bit of information about each: The bridged network connects the virtual machine directly to the local network using the same connection as the host system. As far as the local network is concerned, our virtual machine is just another node on the network with its own IP address. NAT, short for network address translation, sets up a private network on the host machine. The private network translates outgoing traffic from the virtual machine to the local network. On the local network, traffic from the virt...
        Read more

        2 How to Create and Use Virtual Machines For Hacking, Hacking Complete Free Course Step By Step

        -
        Image
        Hacking Free Complete Course Step By Step How to Create and Use Virtual Machines For Hacking Virtual machines allow you to run an operating system in an app window on your desktop that behaves like a full, separate computer. You can use them play around with different operating systems, run software your main operating system can’t, and try out apps in a safe, sandboxed environment. There are several good free virtual machine (VM) apps out there, which makes setting up a virtual machine something anybody can do. You’ll need to install a VM app, and have access to installation media for the operating system you want to install. What’s a Virtual Machine? A virtual machine app creates a virtualized environment—called, simply enough, a virtual machine—that behaves like a separate computer system, complete with virtual hardware devices. The VM runs as a process in a window on your current operating system. You can boot an operating system installer disc (or live CD) inside the...
        Read more