Tomorrow’s victory is today’s practice.

Netrunner,

After these 3 first chapters ( Have a look here: Netrunner/ITKnowledge/Security), it is time to start and create your own virtualized hacking environment. Just put the first bricks. Later we will use this new environment.

 

What do I need to create my own hacking environment?

Because you don’t want to be sued/go to jail because you tried some illegal stuffs in the real world! And to practice your hacks before taking them out into the real world also. So this environment will be a safe play ground where you will try and enhance your skills.  It is very important to master your skills on your own gear and to experiment with common hacking and information security testing tools.

 What we are going to do

In this tutorial we will install 2 system virtual machines (Full virtualization VM)  in a completely virtual environment running inside a single host computer.

So we will need

  • a recent computer to have enough ressources
  • a virtual environment
  • 2 virtual systems (Attacker and Victim)
  • a Virtualized LAN (VLAN)

Our monitoring and attack system will be an instance of a Kali Linux  virtual machine running inside an installation of the VMware player software on your computer.

  • VMware Player is a free desktop application that lets you run virtual machines on a Windows or Linux PC. I personally installed it because it is free and very easy to use.
  • Kali is an advanced Penetration Testing and Security Auditing Linux distribution.

Our victim will be an instance of Metasploitable2 , a virtual machine that exhibits vulnerabilities that can be found on  everyday computer systems and software configurations. The Metasploitable virtual machine is an intentionally vulnerable version of Ubuntu Linux designed for testing security tools and demonstrating common vulnerabilities.

Install our Virtualization software package: VMware Player

VMware Player

VMware Player

Why using Virtualization?

Because VMs can be easily backed up, snapshotted, and transferred to other host computers.

First download the latest version of VMware Play from their website:

https://my.vmware.com/web/vmware/free#desktop_end_user_computing/vmware_player/7_0

If your OS is Windows it is a full installation wizard that will install the soft.

Here is the guide of VMware Player(If you need to install it on Linux for ex)

http://www.vmware.com/pdf/vmware_player200.pdf

 

Install our Victim system: Metasploitable 2

Metasploitable 2

Metasploitable 2

 

Rapid7 (Metasploit team)  has released an excellent victim system. it is a vulnerable VMware virtual machine called ‘Metasploitable’.
The virtual machine will run on any recent VMware or VirtualBox product. The virtual machines are configured with non-persistent disk so any potential damage you do to the system will be reverted on reboot. You can find Metasploitable at their official website:

https://information.rapid7.com/metasploitable-download.html?LS=1631875&CS=web

And ifyou don’t want to give your personal info:

http://sourceforge.net/projects/metasploitable/files/Metasploitable2/

Extract the Metasploitable download. Once it is extracted you will find a directory with various virtual machine files. Double click the .vmx file and VMware player will automatically create the Virtual machine for you.

 

Install our Attacking system: Kali Linux

Kali Linux

Kali Linux

Kali Linux download link: http://www.kali.org/downloads/

Download the ISO form. From there simply install Kali with the ISO.

Choose what you want to install (I prefer to have a Graphic User Interface)

Kali Linux Install

Kali Linux Install

So now you should have these systems when you open VMware Player.

VMware Player

VMware Player

 

 Create the Virtualized LAN (VLAN)

Make sure that both of the VMs are shutdown. (Kali and Metasploitable)
From the Home screen for VMware player where all of the VMs are listed, select Kali and on the bottom right of the screen select Edit virtual machine settings.
edit VM

edit VM

In the pop up window, select Network adapter and change it to eighet NAT.  (Kali will have internet access and can be updated in the future).

Change the devices as follow
Virtual Machine Settings

Virtual Machine Settings

 

Repeat the same process for Metasploitable 2 VM.

Check if both machines have a network
Log into Kali (root/root)
open console and type # ifconfig

Log into Metasploitable (msfadmin/msfadmin)
open console and type # ifconfig

Terminate your sessions by typing #poweroff

That’s It Netrunner!

You should now have a virtualized hacking environment (LINUX based) to train your hacking skills!

 

About The Author

Active Wirehead
Owner/ Admin / Author