Wednesday, November 27, 2013

Set up your Pen Testing/Hacking Lab Network using a Single System


Contents

  • Introduction
  • Installation & Configuration
  • Installing Applications on Virtual Machine
  • Advantages of Virtual Machine
  • Take Backup & Save Trouble in Future
  • Disable the windows Firewall
  • Testing your Pen-Testing/Hack Network
  • References
  • Conclusion
Introduction

There are lots of tutorials available on the internet related to hacking but the big problem lies in testing your theoretical skills. Unless you don't have practical exposure to hacking, you cannot really understand the strength of it. The technique I will discuss here will be advantageous for those who have only single system and want to set up a testing network using it. In case you have multiple systems then you can easily test for your skills by making one system as target and other as attacker.
But what to do when we have only a single system at our disposal. Need not to worry. Virtual machine is the ultimate solution. You can set up your own hacking network and apply your skills to gain practical exposure to hacking.
Installation & Configuration
The only thing to look for is your systems hardware configuration. You should have minimum 2 GB RAM but it is highly recommended to use 3 GB RAM for a 32 bit operating system.

We will be using Oracle VirtualBox in this tutorial. You can download virtualbox from this link [Reference 1].  Once you have installed Vbox, the next step is to download the Extensions pack. You can get it from this link [Reference 2]

Once you have followed these initial steps, you are half done. The next step is to setup a target operating system. Suppose you want to set WINDOWS XP SP2 as the target operating system. You will need a bootable Windows XP SP2 iso for that. You can easily download it from Microsoft website or torrent. You can refer to this quick video tutorial on how to setup a virtual machine using VBox and WIN XP.
Installing Applications on Virtual Machine

So now you have a virtual machine where you can test all your applications and hacks. Let us install a WAMP server and run DVWA over it. For those who are not aware of DVWA can check this link [Reference 3]

How to install applications on a virtual machine? Well the process is simple. When your Windows XP Virtual machine is running, then click on the DEVICE tab, move to USB and select your pendrive from the list.
Now you can install anything from a USB drive inside your virtual machine. There is also a facility to create shared folder with your host operating system but I would prefer that you use USB. Shared folder has some issues when your host operating system is Windows 7. You can install different servers, applications, RAT clients etc and play with it.
Advantages of Virtual Machine
Here are some of the major advantages of using virtual machine.
  • You can test all the viruses and RATs without any fear as your base operating system will not be affected.
  • You can test different servers and applications easily without affecting your base operating system.
  • In case the Virtual machine gets corrupt then you can re-install it.
Take Backup & Save Trouble in Future
There are also some key factors that you should remember which will help you during your pentesting:
  • Create a clone of the virtual machine
  • This step is very helpful in case your VM gets corrupt. Creating a clone of it will prevent you from re-installing it again and again.
  • You can create a clone by Right clicking on the Virtul machine instance in VBox and click on "clone.."
  • You will notice that a cloned virtual WinXP will be created for you.
Disable the Windows Firewall
The next important thing you can do is disable the windows firewall and then perform your pentesting as the firewall may block some of the suspicious activities. Using the default Windows firewall of XP virtual machine you can also test whether your activity is traceable or not. This will give you a clear understanding why RATs are not considered as a suitable hack these days because they are easily detectable. You can disable the firewall by going to control panel, clicking on Firewall and then disable it.

In this way you can set up a suitable environment for your home experiments.
Testing your Pen-Testing/Hack Network
Well a good question to ask if you have understood the above concepts. So far we discussed how to test different tools and techniques on a virtual operating system. The next step will be how to hack one virtual machine using the other. The scenario will be similar to hacking any system on internet so this technique will give you a real time exposure.

Interesting... Lets proceed then. This time we will set up another virtual machine using BackTrack [Reference 4] operating system which is one of the most widely used penetration testing operating system by security professionals.

The reason which makes Backtrack so popular is:
  • It has all the relevant tools pre-installed
  • It is linux based.
You can download the Backtrack 5 iso from its official website. Its a must have operating system for all. You can follow this simple video to install BT on virtualbox.
DOWNLOAD backtrack HERE
 http://www.backtrack-linux.org/downloads/
 
 
Once you are done with the installation part, the next step is to make the two virtual machines (BT and WinXP) connect with each other. There is a simple setting that you will have to make in both the virtual machines. Let's check it out.

Select the Backtrack virtual machine, then click on settings tab, then move to "network" settings. You will find that "Adapter 1" is set to NAT adapter. Switch to the "Adapter 2" tab.
In the Adapter2 tab, set the adapter as "Host-Only Adapter". Set the name of adapter as "VirtualBox Host Only Ethernet Adapter" . See the figure.
Make similar setting changes in your windows XP virtual machine as well. Now your two virtual machines are ready to connect with each other. You can check the IP address of Windows machine by using the ipconfig command in the command prompt and similarly you can check the IP address of the BT machine using the ifconfig command. Also you can ping the two machines to check if both are detecting each other (don't forget to disable the windows firewall else it will filter the ping data packets).

The following image shows my two virtual machines. One is WinXP and other is BT5 with there corresponding ip addresses. Both are running ovr my host operating system Win7. So in all there are 3 operating systems running simultaneously.
Now you can use various options available in Backtrack OS to perform tests on the WinXP box. Let us quickly perform an nmap scan to check the open ports on WinXP machine.
As you can see that the target is up and has some open ports as well. Similarly you can perform several attacks and use the tools available in Backtrack to penetrate the target windows XP machine without harming your own operating system.

You can use this technique to perform several tests like,
  • You can try to hack different operating systems by installing them as a virtual machine.
  • This will have a real time simulation of original scenario.
  • You can increase the level of difficulty of your hacks by installing firewalls, IDS/IPS etc.
  • This is a self customization scenario where you can do what ever you want
References

  1. VirtualBox - Powerful x86 and AMD64/Intel64 virtualization product
  2. Extension pack for Virtual Box.
  3. Installing and working with DVWA.
  4. BackTrack - Popular Live Security Distribution for Penetration Testing
    Conclusion

    This is just a quick example for you all to get started with using VM's for pentesting and hacking. You can further take this tutorial to next level by experimenting with various flavors of operating systems and try your hands on them.

    This can be like a practice battlefield for you before you dive deep into the real fight.

    No comments:

    Post a Comment