Environment Setup
Objective
This lab is to be used if you're setting up your own lab environment (preferred method of performing the labs) on your own system. The instructions also assume you're using a single host operating system and installing multiple guests in VMWare - modify accordingly if you plan on achieving the same result another way (i.e. using multiple systems).
We are mainly going to follow the "Pregame" chapter in the Hacker Playbook book by Kim to build the Kali Linux and Win 7 Pro VMs. Keep in mind those instructions are a bit dated on the Kali side as some of the tools mentioned are already installed in the latest release (2.0). I'd do a quick check for each tool before I attempted to install...and also use snapshots in case something goes horribly wrong and you break the OS or tools already installed. You can safely follow the Windows VM setup procedure and any additional tools that need to be added for future lab assignments will be posted or linked.
Materials
For the purposes of Lab 0, you will need the following:
- A working host system (Mac OSX or Windows 7/8 preferred) on which you will install VMWare Workstation (MS) or Fusion (OSX)
- A system (laptop/desktop) capable of running at least 2-3 virtual machines in addition to the host operating system. This includes enough disk storage (usually not an issue) and memory/processor capacity (usually the bottleneck).
- Access to the DePaul MSDNAA and VMWare eHub sites (as a current student the default answer is yes, but you should verify if your account is active) and have downloaded the necessary guest operating system and VMWare software packages
- When we say "Host" operating system we mean the system that is installed on the hard drive of your desktop or laptop, on which you will install VMWare software. A "Guest" operating system is an operating system running inside of VMWare software on your host system. You will likely only have 1 host operating system (unless you're dual booting) and you can have multiple guest operating systems.
- The Pregame chapter in the Hacker Playbook 2 book by Kim
- For anyone not familiar with setting up VMWare and installing a guest operating system, as we will for the lab system we are building, please see:
o https://vimeo.com/118060289 pass is: cns488
Usernames and Passwords
For the VMs you'll be using, use the following guide:
- Windows 2000/2003 Servers - administrator/student
- Windows 7 Pro Attack VM - Whatever you configure, make it easy to remember
- Kali Attack VM - root/toor (unless you custom installed your own, then it is whatever you set it to)
- Metasploitable - msfadmin/msfadmin
- DVL - root/toor (I think and hope)
Network Settings
To stay consistent with the labs as they are written for the CDM lab environments I'd strongly suggest that you use the following convention for your network addressing. Keep in mind this assumes you're using "host-only" networking on all VMs used for the lab:
- Kali - 10.0.0.11
- Windows 7 - 10.0.0.12
- Windows 2003 - 10.0.0.13
- Windows 2000 - 10.0.0.14
- Metasploitable - 10.0.0.15
- DVL 1.5 - 10.0.0.16
- Others - 10.0.0.17-20
Procedures
Install VMWare Workstation or Fusion
On your host operating system, install the necessary VMWare software.
1. For host systems running Mac OSX you should install Fusion version 8 (although 5, 6, or 7 will work just fine if you already have this installed)
2. For host systems running Microsoft Windows XP, 7, or 8 you should install VMWare Workstation 11 or 12 (although previous versions will work as well if you already have these installed)
3. Follow the prompts to complete the VMWare install - pretty straight forward and installs on all modern operating systems without a hitch
4. Google any errors you get - now or later on - and there is a very high chance that the solution is posted to the VMWare user forum or tech support pages. One thing to note: if you plan to install a 64-bit guest OS and you're using an Intel processor then you may need to enable VT support in your system's BIOS
Install the Guest OSs For the Attack Systems
You will download and launch or install two (2) different attack platforms as outlined in the Pregame chapter of the Hacker Playbook. One will be Kali Linux and the other will be a Windows 7 attack platform.
Downloading and Installing Kali
1. This one's really easy...use the links on D2L to download the pre-built VM version of Kali 2.0.
2. Unzip, open by double-clicking on the .vmx file or go to VMWare Workstation/Fusion and Open a VM, point to the unzipped directory and select the Kali VM.
3. Optional Steps (something to consider):
a. Set your network card, processor, and memory for the VM as appropriate for your hardware
b. A general recommendation here would be to give this one the most power, or on par with the Windows 7 system, as you'll be interacting with the attack platforms the most throughout the labs
Installing Windows 7
1. For this one I'd follow the Pregame chapter - but basically create yourself a Windows 7 Pro VM by downloading the ISO/IMG file from the DePaul MSDNAA site and using the wizard within VMWare Workstation or Fusion to install. If I have to explain how to install a MS operating system here you may be in trouble in this course.
2. If you have a VM of Windows 7 that is already built (for example, you took SE529/CNS297 last quarter) and think the VM you built will work as your attack platform then you're already done with this step.
3. Set your hardware options (memory, cores, disk space) as you see fit.
Download and Install the Vulnerable VMs
We are obviously going to need vulnerable systems to attack during the labs. You will need a total of four (4) vulnerable virtual machines to start: Windows 2000 Server and Windows 2003 Server (downloadable from the link below), and Damn Vulnerable Linux and Metasploitable, also downloadable from the links in their respective sections below.
Downloading the Vulnerable Windows VMs
1. I'm going to attempt to host these and let you download until my provider yells at me. If you'd like to copy these off I'll have a thumb drive with me in class - if you're a DL student and can't download for some reason let me know and we'll figure out a way to get the VMs to you. Downloading is obviously preferred and should be the most expeditious way to get these VMs.
2. To download the VMs (in compressed folders), use an FTP client (FileZilla, CyberDuck, something with a download manager in case you're interrupted in the middle of a transfer).
3. Navigate to ftp.malos-ojos.com (port 21) - make sure you turn off TLS as I have this set up as (yes, an insecure) FTP site. If you leave TLS on by default it will refuse the directory listing. Easiest way to accomplish this is to use FileZilla or Cyberduck and download the configuration file for your software from the D2L site (in Content - Lab Stuff). If you're using FileZilla you need to edit the TLS setting using Site Manager under File, change to insecure FTP only.
4. The username and password are:
a. Username - [email protected]
b. Password - cnszomgp0nies! (that's a zero in the ponies and an "o" as in oh in the zomg)
5. Transfer both compressed folders (Windows 2000 and 2003) to your local system. Transfer times will obviously vary, but with a 50Mbit connection at home I was getting 3.7Mib/sec, or around 6-7 minutes per file to download.
6. Uncompress the folders and store these with your other VM folders.
Install/Launch the Vulnerable Windows VMs
1. It would be in your best interest to keep the hardware specs of these VMs as-is since they are set up to take up minimal processor/memory on your host. You won't be interacting with them that much, so power/speed is not key.
2. From VMWare select Open and point to the Windows 2000 VM folder you downloaded and uncompressed, open the VM. If prompted choose "I Moved It" so it will set up as a new VM on your system.
3. You'll notice there is a Gold snapshot already, which is fine, but I'm going to suggest that you take your own as well after your setup is complete.
4. You may be prompted to install the latest version of VMWare tools - this is optional. I'd also set up my network connection as "host-only" as by default I have it set to bridged to support a different lab environment.
5. Once you are all set up (a reboot may be necessary) take a Gold snapshot for yourself.
6. Do the same for Windows 2003 - however, I screwed up on this one and it has a .lck folder and file meaning the VM is locked. Not to worry, you can either delete the lck folder from the directory (along with the New Directory that I put on the FTP site by accident) and then power on. Or, power on the VM and select "Take Ownership" and it should work. If not, power it off and delete the lck folder and power back on. Also, choose "I Moved It" for this one as well when you boot for the first time.
7. Configure the 2003 VM and again save your own Gold snapshot.
8. Check your network settings - use the guide at the beginning (these two VMs you just launched should be 10.0.0.13 and .14). Make sure you can ping between them, and if not successful troubleshoot your settings. If you have Kali and your Win 7 boxes up as well make sure they can ping/connect as well.
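The host-only convention from the Network Settings section can be checked from the host without booting anything, since each VM's .vmx file records how its adapters are connected. The script below is an added example, not part of the original lab handout; it assumes the standard ethernetN.present and ethernetN.connectionType keys in the .vmx file, and the function names and sample text are constructed for illustration.

```python
import re
import sys
from pathlib import Path

# Matches lines such as: ethernet0.connectionType = "bridged"
_VMX_LINE = re.compile(r'^\s*(ethernet\d+)\.(\w+)\s*=\s*"(.*)"\s*$', re.IGNORECASE)


def adapter_modes(vmx_text):
    """Return {adapter: connection type} for every adapter marked present."""
    settings = {}
    for line in vmx_text.splitlines():
        m = _VMX_LINE.match(line)
        if m:
            nic, key, value = m.group(1).lower(), m.group(2).lower(), m.group(3)
            settings.setdefault(nic, {})[key] = value.lower()
    modes = {}
    for nic, keys in sorted(settings.items()):
        if keys.get("present") == "true":
            # Assumption: a present adapter with no connectionType line is
            # treated as bridged, which is VMware's default.
            modes[nic] = keys.get("connectiontype", "bridged")
    return modes


def not_host_only(vmx_text):
    """Return the present adapters that are not on host-only networking."""
    return {nic: mode for nic, mode in adapter_modes(vmx_text).items()
            if mode != "hostonly"}


# Constructed sample: a downloaded VM that still has bridged networking.
SAMPLE_VMX = '''
displayName = "Windows 2000 Server"
ethernet0.present = "TRUE"
ethernet0.connectionType = "bridged"
ethernet1.present = "FALSE"
ethernet1.connectionType = "nat"
'''

if __name__ == "__main__":
    # Usage: python check_vmx.py <folder that holds your VM directories>
    if len(sys.argv) < 2:
        print("sample:", not_host_only(SAMPLE_VMX))
    else:
        for vmx in sorted(Path(sys.argv[1]).rglob("*.vmx")):
            bad = not_host_only(vmx.read_text(errors="replace"))
            print(f"{vmx}: {bad if bad else 'OK (host-only)'}")
```

Run it against the folder where you keep your VMs before powering on the vulnerable guests; any adapter it lists should be switched to host-only in the VM's network settings.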
Downloading the Vulnerable Linux VMs
1. The vulnerable Linux VMs (not needed until later in the quarter) will be available from the interwebs for you to download directly from the source. As of the writing of this lab document we will need two (2) Linux VMs - Metasploitable, Damn Vulnerable Linux v1.5, and OWASPBWA.
2. Metasploitable download and install:
a. Get it from here: https://sourceforge.net/projects/metasploitable/files/Metasploitable2/
b. You can use this guide to get it set up if needed - https://www.offensive-security.com/metasploit-unleashed/Requirements
3. Damn Vulnerable Linux v1.5 download and install:
a. Get it from here: https://sourceforge.net/projects/virtualhacking/files/os/dvl/
b. You don't need to install this one as a VM, and the lab associated with this VM will work even if you run it as a live system that is booted from your virtual cd-rom drive from within VMWare.
c. If you really do want to install, some of these steps may come in handy: https://www.computersecuritystudent.com/SECURITY_TOOLS/DVL/lesson1/
4. We are also going to use the OWASPBWA VM as it contains broken web applications for us to test. Download and install:
a. Get it from here: https://sourceforge.net/projects/owaspbwa/files/
Final Thoughts
At the completion of this lab you should have a fully functional lab environment that you will use to conduct most all of the lab assignments this quarter. It is important to not only verify network connectivity between the VMs, but also to take your own Gold snapshots of your VMs as well as have a backup plan (i.e. I'd store a final copy of your environment on removable media or an external drive) in the event you crash and burn at some point during the quarter...that way you can get the environment back up and running quickly.