Virtuel lab setup for hacking

If you are planning to start hacking you will need a setup. I could give you a long talk why it’s stupid to hack on real companies but I won’t – the only thing I will say is that don’t. If your purpose is to have fun and learn about security then read on.

You could start hacking directly from your own OS (Mac, Windows or Linux) but then you need to find all the tools, install them and risk to destroy your current OS. Therefore a good way to start is to setup a virtual lab. A virtual lab is just a virtual machine running the OS from where you can do your hacking and a virtual pc/server that you can target (hack). This way everything is legal and you can concentrate on learning security.

This post is a guide to:

  1. setup an OS to hack from
  2. get a target to hack

There are several virtualization systems out there but the one I use is VirtualBox – but you could use another.

Step 1 – install VirtualBox

When you are done installing VirtualBox you have the base for your virtual lab but you still need the tools for hacking and a target to hack.

 

Step 2 – install the tools for hacking

You need several tools for hacking. The good thing is that you are not the first one 🙂 Kali is the solution.
Kali is a Linux distribution made for penetration testing (just what you need). Download a Kali distribution for VirtualBox.

 

Step 3 – add Kali to VirtualBox

Start your VirtualBox.

Now ‘Import’ the Kali distribution that you downloaded from Kali. This is done but ‘import’ and select the distribution. Just click next and import. It takes a minute or 2 to import it.

 

 

Step 4 – change the network

You need to change the network of your Kali VM to internal. The default is that Kali VM will use your internet – this means that you can browse the internet, but in our setup the target to hack is NOT on the internet but will be a virtual server that you start up inside VirtualBox and for Kali to see this target the network needs to be changed to internal.

This is done from VirtualBox by selecting the Kali VM and then the ‘settings’ menu. In the ‘settings’ menu choose ‘Network’ and change it (Attached to) to ‘Internal’ (default is NAT).

When you start up Kali VM you will no longer be able to browse the internet – but that’s ok. Username and password for the Kali VM is ‘kali’.

 

Step 5  – Target to hack

Now that you have Kali with all it tools for hacking all you need now is the target that you want to hack. Vulnhub is a website that has tons of VM that has been designed to hack. These virtual machines are servers that has some weaknesses and then it’s up to you to exploit it and get access.

A good place to start is the De-Ice disks. They are quite old but will start at beginner level and move up to a harder level. So, let’s fire up a De-ice VM in our virtual lab. Go to Vulnhub and search for De-ice. This should bring up a number of hits. Download ‘De-ICE: S1.100’.

Now, open VirtualBox and choose the ‘new’ menu from ‘tools’.

Now choose ‘Linux’ as the operating system. Linux is because the De-ICE VM is a Linux distribution (you can see this from the webpage where you downloaded it). Give it a name so you can remember what it is.

Just click ‘Next’ until it is created. You don’t have to change any default settings.

It’s still not using the De-ICE VM. So let’s make sure that it uses the De-ICE VM. In VirtualBox choose the ‘Settings’ menu.

From the ‘Settings’ menu choose ‘Storage’

If you see the ‘De-ice100.vdi’ (the above image has it) under the controller. Then you are good to go, BUT if not then you need to add it by clicking on the small ‘plus icon’ and then add the De-Ice file you downloaded from Vulnhub.

 

If you end up having 2 ‘De-ice100.vdi’ files under the controller when you are done then simply delete one of them. The goal is to have the image that you want to hack located under the controller.

 

Step 6 – change the network of the target

The target needs to have the same network as the Kali system – in order for the Kali system to see the target.

This is done the same way as described in Step 4, but just for the target (De-ICE).

 

Now you are ready to start both the Kali and the target (De-ICE) up and start to hack.

 

Troubleshooting

Error starting VM:

If you get an error concerning modprobe vboxdrv then disable secure boot. This is done from BIOS.

Kali is loosing network

Try to change the Network (see step 4) to Bridge – remember to do it for both Kali and your target. This will make you able to browse the internet but when running the tool like ‘netdiscover’ then you will scan all of your network (will be a little harder to find your target, but more realistic)

 

You may also like...