Posted on 26 Comments

How to create pen testing lab in VirtualBox.

Good evening everybody. Sometime back, I wrote an article on how to set up a virtual penetration testing lab using Vmware Workstation. But Vmware Workstation is a commercial product.

Today I am going to show you how to create a pen test lab in VirtualBox absolutely free of cost. I hope this tutorial will be helpful for many beginners into cyber security domain.

What do we need?

1. Oracle VirtualBox. (Download)

2. Kali Linux. (Download)

3. Metasploitable 2. (Download)

Oracle VirtualBox is the virtualization software we will be using to create our lab. We will be using Kali Linux as the attacker machine and Metasploitable 2 as the victim machine. Install Kali Linux and Metasploitable 2 in VirtualBox.

See how to install Kali Linux in VirtualBox.

See how to install Metasploitable in VirtualBox.

Select Kali Linux, Go to settings > network. Enable “network adapter 1″. Set the “Attached to” option to “internal network”. Set the name of the network adapter to “intnet”. Click on “OK” to save the settings.

Do the same for Metasploitable virtual machine.

Power on the metasploitable VM. Log into the system. Default username and password are “msfadmin”.

Type the command “ifconfig” to see the IP addresses of interfaces.

The ‘lo’ interface is the loopback. Now we are going to set the IP address on the interface “eth0”. Type the command “sudo ifconfig eth0 10.10.10.2 netmask 255.0.0.0 up”. The sudo password is “msfadmin. Verify that the IP address is set by typing command “ifconfig”.

Power on Kali Linux. In the terminal, type command “ifconfig eth0 10.10.10.1 netmask 255.0.0.0 up”. Verify if the IP address is set by typing command “ifconfig”.

Test whether this system can communicate with victim system by pinging the victim machine as shown below.

The connection is successful. Our penetration testing lab is ready. Happy practicing.

Posted on 2 Comments

How to connect Vmware with GNS3

I am self learning for CCNA. A few months back, I got a thought if we can simulate routers in Vmware Workstation. While I was searching for it I found a different solution, GNS3. After simulating routers in GNS3 and practicing CLI interface, I had another idea if we can simulate CISCO Graphical User Interface on our PC. This article is  result of that.

In this article, we are not only going to see how to connect Vmware with GNS3 but also see how to simulate CISCO Graphical user Interface (GUI). For this I use,

1. Vmware Workstation .

2. Windows XP as Guest OS.

3. Cisco Security Device Manager v25.

4. GNS3.

5.  C7200 Router Image.

Open Vmware Workstation. On the menu Select “Edit>Virtual Network Editor”. On the Virtual network editor, click on “Vmnet1″ network. It is a default Host-only type network adapter of Vmware. Observe its settings. Enable DHCP server.

Install Windows XP as a guest. On its virtual machine settings, change the network adapter to “Vmnet1″.

Power on the machine. Install Cisco SDM ( I leave the getting Cisco SDM part to you ). Open CMD and type “ipconfig” to see its IP address. Take note of this.

Open GNS3. Click on “Browse all devices”.

Select Router “c7200″ and drag it to the workspace. Do the same with “Cloud”.

Close the All Devices tab. Right click on the Cloud.  Select “Configure”, a ‘node configurator’ window will open. On this window, click on “C1″.

On the NIO Ethernet tab, in the “Generic Ethernet NIO tab” dropdown menu, select our network adapter (Vmnet1) from the dropdown menu and click on “Add”. Click on “OK” to close the window.

Right click on the router. Select “Configure”, click on “R1″. Select slots tab. In the Slot 1 dropdown menu, select “PA-4E”. Click on Apply an close the window. The selection PA-4E creates four Ethernet ports on the router. Right click on the router and start the router.

Add a link from “cloud( Vmnet1)” adapter to the “e1/0″ port on the router.

Hover your mouse over the router. We can see all the ports.

Similarly hover your mouse over the cloud to see its connections.

Right click on the router and select “Console”. In the global configuration mode, type the following commands.

ip http server”

ip http secure-server”

These commands set up http and https servers respectively which are needed for Cisco SDM.

Type the command “interface Ethernet 1/0″. We are entering into specific configuration mode of our connected interface. Type the command “ip address 192.168.10.3 255.255.255.0″. This sets the interface IP address and subnet mask. Make sure the router IP address is in the same subnet as that of our guest OS in Vmware workstation. Type “no shut” and exit to the privileged mode.

Let’s ping our guest from the router. to ensure that we are connected to Vmware Guest.

Since success rate is 100%  we have successfully connected Vmware and GNS3. Now let’s do the Cisco SDM part. On our Guest machine click on Cisco SDM. A SDM launcher window will open. Type the IP address of the router and click on Launch.

Internet Explorer will open as below. Make sure Internet Explorer is configured to allow pop ups and to allow Activex to run from the computer.

After some time the following popup will open. Don’t close it.

Then we might see a certificate warning. Click on Yes.

After some processing, Cisco SDM will open.

We have successfully simulated Cisco GUI on our PC. Happy practice friends.

Posted on 4 Comments

Setup a virtual pen testing lab : Step by Step guide

Virtual penetration testing lab is a lab created on a single system using any virtualization software. It can be very helpful for people practicing for CEH or similar certification. Any penetration testing lab has two machines, attacker and victim. In this lab we will set up Kali Linux as the attacker and Windows XP( most favorite victim machine ) as the victim. I am going to set up this lab in Vmware Workstation 9. Hope this will be helpful.

First of all install Kali Linux and Windows XP in Vmware Workstation.

Shut them down. In the Vmware Workstation menu, Select Edit” and click on Virtual Network editor.

The window below will open showing the virtual network adapters. Click on “Add network”.

Vmware provides nine virtual networks from 0 to 9. Vmnet0, Vmnet1 and Vmnet8 are automatically assigned for  bridged, Host-only and NAT types of network respectively. Select the network “Vmnet3″.

We can see that our network is added as Host-Type with a automatically assigned subnet IP.

Click on our network. We can see its settings below.

Deselect the option ‘Connect a host virtual adapter to the network’. This’. This‘.This will make our network a custom type. Change the subnet IP to 10.10.10.0( choice is yours).  Select the ‘Use local DHCP service to distribute IP address to VMs‘ option. This will automatically assign IP addresses to our machines. Click on ‘DHCP settings‘.

You will see the below window. Make changes if you like. I am going to leave it default. Click OK twice to exit.

We have successfully created our custom network. Now let’s add our machines to the network. Open the tab of Kali Linux and click on ‘network adapter‘ setting.

In the settings, select the ‘custom radio button and select the network Vmnet3 from the dropdown menu. Click on OK.

Do the same for Windows XP. Then let’s boot up our victim machine and check it’s IP address by typing ‘ipconfig‘ in the command line. The DHCP server has automatically assigned it the IP address 10.10.10.129.

Boot the attacker machine and check it’s IP address by typing ‘ifconfig’ in the terminal. It has been assigned the address 10.10.10.128.

Ping the victim IP machine (10.10.10.129) to see whether the two machines can communicate.

We have successfully created a virtual penetration testing lab. Happy testing.