Wednesday, October 31, 2012

The Lab

Before we get into the technical aspects, we need a place to work where we can test out tools and ideas. If we did this on any website it would be called hacking, and we don't want to do that. So, to that end, I have created a lab that is sheltered from the Internet (and from my normal home network, for that matter). Other than some Windows licensing, everything else I use is free.

The physical
I have one system with a dual core Xeon processor, 5 GB of RAM and 150 GB of hard drive space. I know it's fairly dated hardware, but it will be enough for our needs. Of course you can use anything you have; there is no real need to go out and buy something new just for this.

Software
I am running CentOS as the main operating system with VirtualBox to host multiple virtual machines (guests). I'm using CentOS because I'm comfortable with it. I've been running Red Hat based systems since it came on floppies, but I digress.

Let's move on to selecting what we want in our lab. Here is my short list of systems I have running: BackTrack5R2, 2 x Windows XP, Metasploitable, DVL (Damn Vulnerable Linux), a Linux web server hosting WebGoat, and Windows 2003. I also created a simple VM that I can load a bootable ISO image into.  You may have noticed I have two Windows XP machines running.  This is so I can use one for Windows based tools (as an attacker) and one as a target.

Now that you have an idea as to what operating systems you want to run, it's time to build some VMs.  To help maximize hardware resources I do not run a GUI on the hosting server, which means we'll have to set up the VMs from the command line.  Don't worry, it's easier than you think.  In fact, here's a quick script I put together to make it even easier.  Of course this is something I wrote with my needs in mind. I would recommend examining each option and tweaking it to meet your needs.

#!/bin/bash

# Vars
# -----
LOGFILE="VM_Setup_Log.log"
VMNAME="BackTrack"
OSTYPE="Linux"
HDSIZE="20000" # 20GB
ISOPATH="/VM/ISOs/"
ISONAME="BT5R2-GNOME-32.iso"
VMPORT="5007" # remote desktop (VRDE) port for this VM's console
RAM="1024"
BASEFD="/VM/Machines/"
BASEHD="/VM/HardDrives/"
NIC="eth1" # host adapter the guest is bridged to

# Build the VM
# Create and register the VM, then create its virtual disk
VBoxManage createvm --name "$VMNAME" --ostype "$OSTYPE" --register --basefolder "$BASEFD"
VBoxManage createhd --filename "$BASEHD$VMNAME.vdi" --size "$HDSIZE"
# Bridge NIC 1 to $NIC; clipboard, USB and audio stay off so the guest shares nothing with the host
VBoxManage modifyvm "$VMNAME" --memory "$RAM" --acpi on --boot1 dvd --nictype1 Am79C973 --nic1 bridged --bridgeadapter1 "$NIC" --cableconnected1 on --pae on --audio none --clipboard disabled --usb off --snapshotfolder "$BASEFD$VMNAME/SnapShots"

# Attach the hard disk and the install ISO to an IDE controller
VBoxManage storagectl "$VMNAME" --name "IDE Controller" --add ide --controller PIIX4
VBoxManage storageattach "$VMNAME" --storagectl "IDE Controller" --port 0 --device 0 --type hdd --medium "$BASEHD$VMNAME.vdi"
VBoxManage storageattach "$VMNAME" --storagectl "IDE Controller" --port 0 --device 1 --type dvddrive --medium "$ISOPATH$ISONAME"
# Set the port the remote desktop console listens on
VBoxManage modifyvm "$VMNAME" --vrdeport "$VMPORT"
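
Since the whole point of the lab is that guests stay off the Internet and the home network, it helps to verify the settings the script applies before starting a VM. The following is an added example, not part of the original post: it reads `VBoxManage showvminfo <vm> --machinereadable` output and flags anything that breaks isolation. The function name, the sample VM data and the exact key names are assumptions; check them against the output of your VirtualBox version.

```shell
#!/bin/bash
# Added example (not from the original post): audit a guest's settings for lab isolation.
# Real use: VBoxManage showvminfo BackTrack --machinereadable | audit_vm eth1
# Key names (nicN, bridgeadapterN, clipboard, usb) are assumed from that output format.

audit_vm() {
    # $1 = host adapter wired to the isolated lab segment (NIC="eth1" in the post)
    local lab_nic key val msg findings
    lab_nic=$1; findings=0
    while IFS='=' read -r key val; do
        val=${val#\"}; val=${val%\"}          # strip the surrounding quotes
        msg=""
        case "$key" in
            nic[0-9]*)                        # nic1, nic2 ... (does not match nictype1)
                case "$val" in nat|natnetwork) msg="guest can reach outside networks through the host" ;; esac ;;
            bridgeadapter[0-9]*)
                [ "$val" = "$lab_nic" ] || msg="bridged to a non-lab adapter, expected $lab_nic" ;;
            clipboard)
                [ "$val" = "disabled" ] || msg="shared clipboard links guest and host" ;;
            usb)
                [ "$val" = "off" ] || msg="USB passthrough is enabled" ;;
        esac
        if [ -n "$msg" ]; then
            echo "FAIL $key=$val: $msg"
            findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]                     # status 0 only when nothing was flagged
}

# Constructed sample input: one guest as the post's script builds it, one misconfigured.
SAMPLE_OK='name="BackTrack"
nic1="bridged"
nictype1="Am79C973"
bridgeadapter1="eth1"
clipboard="disabled"
usb="off"'
SAMPLE_BAD='name="WinXP-target"
nic1="nat"
nic2="bridged"
bridgeadapter2="eth0"
clipboard="bidirectional"
usb="on"'

printf '%s\n' "$SAMPLE_OK"  | audit_vm eth1 && echo "BackTrack: OK"
printf '%s\n' "$SAMPLE_BAD" | audit_vm eth1 || echo "WinXP-target: fix before starting"
```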
 
Much like CentOS, I'm using VirtualBox because I'm familiar with it. Since I'm not running a GUI on the host (the actual physical server), all VMs run in “headless mode”. This can easily be accomplished by starting the VM from a command line with something like: VBoxHeadless --startvm BackTrack (where BackTrack is the name of your VM).

Tip:  Put an ampersand (&) sign after the command to run it in the background.

Now that the VM is running in headless mode we need a way to log into it.  Point your remote desktop client (rdesktop on Linux) at the IP address of the host server and the port number you set in the script (the VMPORT variable).  It should look something like rdesktop -g 90% 192.168.1.1:5007.  This will give you access to the console of that virtual machine.

Tip:  Don't forget to allow the ports you use through your host firewall.

And here is what it looks like.  If all has gone well you should now have a basic lab up and running, ready to use for testing tools.

 
