Build and Configure your White Hat Hacking Lab

0:00Someone once told me that a journey of 1,000 miles

0:03begins with a single step, and the challenge

0:05is if we don't take that single step we're not on the journey.

0:09So I would start off by recommending

0:11that you and I schedule time to go through these Nuggets.

0:14So regarding scheduling your time,

0:16take a look at what would be reasonable,

0:18perhaps 15 or 20 minutes a day at a certain time,

0:21and then block that off.

0:22And the great news is that most of the Nuggets in this course

0:25are less than that time-wise, so you could easily

0:28enjoy about one and maybe even two Nuggets a day

0:30just by carving out a little bit of time.

0:32And then during that time, let your friends and family

0:34know that you are studying.

0:36I've also noticed that when people publicly

0:39commit to studying, for example 10 or 15 minutes a day,

0:42there's a little bit added pressure because they've

0:44committed to that publicly.

0:46So if you would like to commit to me publicly,

0:48either on Twitter or on Facebook-- and just post,

0:51I commit to 10 minutes a day or 15 minutes a day--

0:54I will be right there rooting for you along

0:56with your friends and family who also want to see you succeed.

1:00Another big aspect is practicing hands-on.

1:03Now, as part of that, the good news

1:04is I walk you through how to build your own virtual lab

1:07so you can practice many of the techniques

1:09that we'll be learning.

1:10And as you practice hands-on, I would

1:12encourage you to be aware that you would never

1:14want to do anything illegal or unethical against any systems

1:20that you're not authorized to perform that type of activity

1:23on.

1:23So when you're practicing hands-on, especially

1:25with hacking tools, do it in a safe and legal environment.

1:29And again, I walk through how to build the labs in this class,

1:32but if you also want to go out and purchase labs separately,

1:35that's also an option as well.

1:36ECCouncil.org, if you go up to their website

1:39and purchase their labs, they call

1:41them iLabs for certified ethical hacker.

1:44So for a person who doesn't want to build

1:46their own virtualized environment,

1:48the iLabs are one solution to the problem

1:50of getting hands-on practice in a safe environment where

1:52you're not going to damage production systems.

1:55And the third secret of getting the most out of our time

1:57together is to enjoy the journey.

1:59Have fun.

2:00In every single Nugget, I had fun creating it with the intent

2:04that you and I would be going through it together,

2:06enjoying the content, and having a boatload of fun learning it.

2:09So that's the basic three elements--

2:11schedule time, practice what you learn, and enjoy your time.

2:15So I'm keeping this intro really, really

2:17short so we can get right to the content, which

2:19starts in the next Nugget.

2:20So I'll see you there.

2:21Meanwhile, I hope this has been informative for you,

2:24and I'd like to thank you for viewing.

0:00I remember a friend telling me many, many years ago saying,

0:03Keith, the best way to really learn something

0:06is to actually get your hands dirty and do it.

0:09And you know what?

0:09He was absolutely right.

0:11Well, a big part for you and I as we go through this course

0:13together is to make sure that you get the hands-on practice

0:16that you deserve to have to really learn the content.

0:19And a great way of doing that is building your own hands-on lab.

0:23So in this Nugget, you and I get to take a look

0:25at some options we have in building a lab

0:27to provide that environment for hands-on practice.

0:30And, my friend, also equally important,

0:33to keep us out of trouble.

0:35So let's begin our discussion of a lab idea with a user, Bob.

0:38So Bob is sitting here at this computer right here.

0:41And he wants to start practicing, which by the way,

0:43is a great idea.

0:45However, it could be really bad news for Bob

0:47if he loads the tools those computer and start using them

0:49on this network, especially if Bob is not

0:52in charge of that network and doesn't have written permission

0:55to use the tools.

0:57So instead of using a live network

0:58that Bob is not responsible for and doesn't have permission

1:01for, here's another idea.

1:03Bob could create his own network,

1:07and then as part of his lab he can have other computers,

1:09including Kali Linux.

1:11And Kali Linux as a Linux distribution

1:13with tons and tons of attack tools

1:15pre-built into the distribution.

1:17Also in his test network, we might

1:18want to have some various Windows servers and also

1:21some Windows hosts.

1:23That might include windows.

1:247, Windows 8, Windows 10, et cetera.

1:27So up here I'll put WIN S. for servers and WIN H. for hosts.

1:30There's also some really cool machines out there

1:32that we can put on our network to test our attack tools,

1:35like Metasploitable, which has some open vulnerabilities

1:38ready to go, as well as OWASP BWA, which is the Broken Web

1:44Applications Project.

1:46So maybe we add another machine for the Metasploitable

1:49and another one for the Broken Web Applications Project

1:51from OWASP.

1:52And the challenge that Bob might very quickly realize

1:54is that, holy schneikers, where am I

1:57going to get all these different machines?

1:59And the great news is that most of these can be virtualized,

2:02so we don't have to have physical systems for each

2:04of them.

2:05What Bob could do is, he could go ahead and have his computer

2:08right here, this is Bob's PC.

2:11And Bob could be using an application

2:13called a hypervisor.

2:14One of the most popular hypervisors out there

2:17is from VMware, and it's a product

2:18called VMware Workstation.

2:20They also have an equivalent version or similar version

2:23for the Mac called Fusion, and there are other vendors'

2:26products as well.

2:27And what these hypervisors like VMware Workstation

2:29allows us to do is to create virtual machines

2:32on the same computer.

2:33Let's say this is the 192.168.1.0 network.

2:38What Bob could do is, he could create a Kali Linux

2:41box as a virtual machine, so I'll put k there for Kali.

2:44He could create virtual machines for Windows servers,

2:46Windows hosts.

2:48He could create a virtual machine for Metasploitable,

2:50and the list goes on.

2:51Now, here's the trick.

2:53If this is Bob's PC, and this is a production environment,

2:56we really don't, especially without permission,

2:58want to allow these virtual machines to have access

3:00to this network.

3:02So what we could do in VMware Workstation,

3:04and in other virtualization tools--

3:06it's very similar-- we could create additional networks.

3:09In VMware Workstation, we can create VMNet1.

3:14So just think of VMNet1 as a separate, virtualized network,

3:18meaning it's separate from the physical adapter on Bob's PC.

3:21And then if we logically place the Linux box, and the Windows

3:26servers and/or hosts, and the Metasploitable box,

3:29and we connect all their virtual network

3:31adapters on those virtual machines to this VM Net 1,

3:33they could all talk to and work with each other,

3:36and we could keep that traffic isolated and off

3:38of the production network.

3:39Now, on the other hand, if this is Bob's home network,

3:43and he's totally in charge of it,

3:44and he wants to use this network as well, another option would

3:47be to, instead of using a VM Net 1,

3:49we could bridge each of those adapters

3:51from Metasploitable, from Windows,

3:53and from the Kali Linux box, over to that physical network.

3:57And if we did the bridging option, as opposed

3:59to assigning those VMs a separate network,

4:01then it's as if each of those virtual machines

4:04is directly connected to the same VLAN, which

4:06corresponds to the subnet.

4:08In my case, it's 192.168.1.0.

4:11And as an additional option, if Bob had two physical network

4:14interface cards-- so let's say this is the 192.168.1

4:16network in and up here he's connected to the 10.2.2.0 2.0

4:20network.

4:21So lets call this adapter down here

4:22adapter number one, and this one connected to the 10.2.2 network

4:25physical adapter number two.

4:26Bob could then make decisions on where

4:28he wants to connect the virtual machines.

4:30Does he want them to connect to the VMNET1

4:33or some other virtualized network?

4:34Or does he want to bridge them to the network

4:36interface one or, or does he want to bring them to network

4:38interface two, or do we want to have multiple network adapters

4:41in these virtual machines?

4:42And I wanted to point out these options conceptually,

4:45because I want to make sure that you are not accidentally

4:49placing virtual machines, especially with attack tools

4:51that you plan on testing and working with,

4:53you do not want to have those actively working on networks

4:56where you're not authorized to use those tools.

4:58So as you and I go through these Nuggets together,

5:00I'm going to use the 192.168.1 network.

5:03That's my physical/wireless network

5:05that's all bridged together in my home office.

5:08And I'm going to bridge all of my virtual machines

5:10to that network.

5:11So as you build your lab environment,

5:13just be aware of whether or not you

5:15want to actually put those virtual machines

5:16on the real network that you're physically connected

5:19to or wirelessly connected to, versus connecting all

5:22your virtual machines to some virtualized network that's

5:24created instead of VMware Workstation.

5:27In this Nugget, we've taken a look

5:28at the concept of using virtualization

5:30to create our virtual machines that we can use as a test

5:33bed for our lab environment, as well

5:35the concepts of how we can make sure we're keeping that traffic

5:38and those virtual machines separate

5:40from any type of production or other networks

5:42that we're not authorized to use the tools on.

5:44I hope this has been informative for you,

5:46and I'd like to thank you for viewing.

0:00In our Nugget regarding the building a lab concepts,

0:03we talked about connecting virtual machines

0:05to specific virtual networks.

0:07The question might be, how easy is that to configure inside

0:10of VMware workstation?

0:12And the answer is it's a piece of cake.

0:13So let's imagine that this is the host computer that's

0:17going to be running VMware workstation, which

0:19is acting as our hypervisor.

0:20And maybe this is Bob's PC.

0:23And it's connected to a physical network,

0:26which it could also be connected to a wireless network.

0:28It's going to be the same concept here.

0:30As part of VMware workstation, there's

0:31going to be multiple VMNETs.

0:34Now, whenever we see the concept or the word "VMNET",

0:37we can think to ourselves, that's a logical network.

0:40So VMNET1, VMNET2, VMNET3, et cetera, each of those

0:46represent a different logical network space,

0:48very similar to the concept of a VLAN, a separate network.

0:51And these VMNETs only exist logically

0:54as part of VMware workstation.

0:56Now, here's the cool part, how we can leverage those.

0:58When we deploy a virtual machine,

1:01as part of the configuration for that virtual machine,

1:03we can associate that virtual machine with a VMNET.

1:07So if we have one network adapter in the virtual machine,

1:09we could associate it, for example, with VMNET1.

1:12And then as part of being in VMNET1,

1:14we could associate VMNET1 with, for example, the 10.1.1.0

1:19network, or any other IP addressing scheme

1:22that we want to choose to associate with VMNET1.

1:25And maybe VMNET2 is the 10.2.2.0 network.

1:29Again, it's up to us with what IP addresses

1:31we use on the machines that are connected

1:33to the respective VMNETs.

1:35Now for the physical network down here, it's 192.168.1.0.

1:41And maybe this is also VLAN 10.

1:44From the physical network's perspective,

1:46we would have the option of bridging

1:47the network adapter on the VM over to that physical network.

1:51Or if we had a VMNET-- let's take VMNET0--

1:55and we had configured VMNET0 to be bridged

1:58to this physical network interface card,

2:00then if we associate the VM with VMNET0, its like algebra

2:03in high school.

2:04If a equals b and b equals c then a equals c.

2:08And how that applies here is that if this VM is associated

2:11with VMNET0 and VMNET0 is associated

2:14to be bridged with this physical network interface card,

2:16effectively this VM is on that same network, the 192.168.1,

2:20in our case.

2:21And one other item I'd like to share with you before we

2:23demo this is, what if we wanted Bob's PC

2:26to also take part in and play a role on the 10.1.1 network?

2:31One of the options we have when we work with the networking

2:34portion of VMware Workstation is to configure the host computer

2:39to have a logical virtual network interface

2:41card on one of these VMNETs.

2:43So we could configure VMNET1 to represent the 10.1.1 network.

2:47And if we check the box that says

2:48we want Bob's PC to also be present and participate

2:52on that network, we could check that box and Bob's PC

2:55would be given an IP address on that 10.1.1 network

2:58as part of VMNET1.

2:59We also have an option of being a DHCP server on a VMNET

3:04if we choose to.

3:04And those are in the controls of the VMware Workstation, which

3:07we're going to look at right now.

3:09So here on Bob's machine, I've launched

3:11VMware Workstation just to verify

3:13what version we're running.

3:14And I click on Help and go to About VMware Workstation

3:17from the dropdown.

3:18And what this reveals is that we're

3:19running VMware Workstation 12 pro, version 12.1.

3:23And if you're running version 11 or version 10

3:26of VMware workstation, it's going

3:27to be very similar in its configuration.

3:30Now, to configure the networking, the VMNETs

3:32inside of VMware workstation, we're

3:34going to go up here to Edit.

3:36We're going to click on Edit.

3:37And then from the dropdown we're going to select the Virtual

3:40Network Editor.

3:42And here we can view the settings

3:44for the virtual networking.

3:45And if we want to change the settings,

3:47we need to click on this little button

3:49right here, which will allow us to change the settings.

3:52So we'll click on the Change Settings button right here.

3:55I have Windows User Account Control saying,

3:57are you sure you want to allow this to happen?

3:59I'm going to click on Yes.

4:00And now with VMNET0 highlighted, it's

4:02showing me that it's currently bridged to my network interface

4:06card.

4:06So down here, because the radio button for bridged

4:09is selected, also from this dropdown,

4:11if I have multiple network interface cards,

4:12I can control which network interface card

4:15on the host computer, Bob's PC, that VMNET0 is currently

4:19being bridged to.

4:20So I've got a pluggable network interface adapter

4:23that goes in a USB port.

4:24And I've also got the one that was

4:25built into the motherboard on the host computer

4:27that I'm using.

4:28So next let's click on VMNET1.

4:30And in my current configuration is configured

4:32as a host-only network.

4:34It's a logical network that's being

4:36created on this host that's running VMware workstation.

4:39And if we had three virtual machines

4:41and each of the virtual machines were connected logically

4:44to VMNET1, they could all talk to each other on that network.

4:48I've also identified what the subnet address range is

4:51going to be for that network.

4:53And the reason that's important is if we're going to also add

4:56a network interface card from Bob's PC, the host computer,

4:59by clicking this check box right here--

5:01connect a host virtual adapter to this network--

5:03and that would give this computer

5:04the IP address of 10.1.1.1 on the 10.1.1 network.

5:08And if we wanted VMware workstation

5:10to be a DHCP server to hand out IP addresses,

5:13we could click this check box and say use local DHCP service

5:16to hand out IP addresses to virtual machines.

5:19And another option is if we wanted

5:21to set up network address translation,

5:22we could click this radio button.

5:24And that would allow VMware workstation

5:26to act as a router to route the packets from the 10.1.1

5:29subnetwork out to the physical network

5:32that it's connected to on its other interface.

5:34And then here's VMNET2, which is also

5:36just another logical network.

5:38And if we wanted to add a new network,

5:39we could click on Add Network.

5:41It's going to recommend VMNET3 as our next logical number.

5:44We can click on OK.

5:45It came up with some wacky address space it wants to use.

5:48If we want that to be 10.3.3.0, we could.

5:51And then we could decide whether or not

5:52we want to be a DHCP server for that logical network

5:55and whether or not we want to connect a network interface

5:58card from the host computer, Bob's PC,

6:00also to that network, which would be important

6:02if we want direct communication from this host

6:04computer to that VMNET.

6:07Or rather, I should say, to the devices in that VMNET.

6:10So if you need that interface, you check that box.

6:12If you don't, you can de-select it.

6:14And I'm going to click on Apply.

6:16Now the lab that we're going to build together

6:18as part of these Nuggets, I'm going

6:19to connect all my virtual machines directly

6:22to my physical/wireless network here in my home office.

6:25So to do that, I could associate the network interface

6:28cards of the virtual machines either with VMNET0, and that

6:31would do it, because it's bridged to my ethernet card.

6:34Or there's another option that says, please bridge the network

6:37interface card directly to the physical interface.

6:39And that would also have the same logical function.

6:42So I'm going to go ahead and click on OK here.

6:44And to demonstrate the connectivity,

6:46let's go to one of my virtual machines

6:48that I already have in place.

6:49Here's a Windows 8 machine, a virtual machine.

6:52So by clicking on this virtual machine here,

6:54it has the settings.

6:55And what we're focused on here is networking.

6:57So this shows that this virtual machine, its network adapter

6:59is connected to VMNET2.

7:02If we wanted to change that, we could go ahead and simply

7:05right click on this virtual machine.

7:07From the dropdown we'll go ahead and select Settings,

7:09down here near the bottom.

7:11And then for the network adapter,

7:12we would highlight that.

7:14And here's where you and I would specify

7:16where we want the virtual network interface

7:18card on that virtual machine, where we want that to connect.

7:21If we want it to connect to VMNET1,

7:23we would select VMNET1 from the dropdown.

7:25If we wanted to connect it to VMNET0,

7:27we'd click on or select VMNET0 from the dropdown.

7:30And in our case, in my current topology,

7:32VMNET0 is bridged to my ethernet adapter.

7:35And if the goal for you and I is to bridge

7:37this virtual machine's network card to our physical machine's

7:40network interface card, another way

7:42of doing that exact same logic is by clicking on

7:44the bridged option here, which says

7:47connect directly to the physical network.

7:49And then I usually replicate the physical network connection

7:51state to the virtual machine.

7:53And little interesting thing, see

7:55how we made that change here, but over here

7:57it still shows VMNET2?

7:58If we clicked on something else-- for example,

8:00let's click on processors--

8:02that refreshes the screen.

8:03And now it shows that it's bridged.

8:05And if you have multiple network interface cards

8:07and you want to make sure you're bridging it

8:09to the right network interface card,

8:11it might be a good idea to go ahead and specify

8:14a VMNET0 which is bridged over to a specific network interface

8:17card.

8:18And that way you don't have to guess about which network

8:20it's connected to.

8:21So we'll say Custom VMNET0.

8:24And then we'll click over here somewhere else

8:26once more so it refreshes.

8:27And now once we click on OK and then we

8:30start that virtual machine, that virtual machine

8:32is now logically connected to the same network that the host

8:36computer--

8:37in our example, Bob's computer-- is connected.

8:39So I'm going to leave that change and click on OK.

8:43In this Nugget, we've discussed and demonstrated

8:45how to work with VMware Workstation to control

8:47the networking and to associate which network a virtual machine

8:51is connected to.

8:52This will become really important

8:53as we start building virtual machines, which we'll

8:55do in our very next Nugget.

8:57So thanks for joining me.

8:59I hope this has been informative for you.

9:01And I'd like to thank you for viewing.

0:00It has been proven that it's really tough

0:02to use the features in Kali Linux

0:04if we don't have Kali Linux deployed.

0:06In this Nugget, you and I are going

0:07to walk through how simple it can

0:09be to download, deploy, and then snapshot a Kali Linux

0:13virtual machine.

0:14There's three basic steps in getting a virtual machine up

0:18and running in VMware Workstation.

0:20First of all, we need the software.

0:21So we can download the software.

0:23We can either download the virtual machine itself

0:25and just run it, or we can download an ISO

0:28and then install it into VMware Workstation

0:31as a virtual machine.

0:32Personally, I think the downloading of the VM

0:34is a lot faster, because we don't have

0:36to wait for the full install.

0:38And as a security note, we want to make sure

0:40that we are getting the actual Kali Linux distribution

0:43from a reliable source.

0:45And that would start by using one of these two sites

0:48and the links that are part of these two sites.

0:50Then, once we've downloaded it and deployed it

0:52as part of a VMware Workstation, we're

0:54going to configure networking for that virtual machine.

0:57In our lab environment, or specifically

0:59I should say in the lab environment

1:00that I'm going to demonstrate, I'm

1:02going to bridge the virtual network interface

1:04card of the Kali Linux box to my physical slash wireless

1:08network, which in my case is being

1:10represented by VM Net 0 in VMware Workstation's

1:13networking.

1:14I'm also going to go ahead and apply updates

1:16once I have internet connectivity to that Kali Linux

1:19box.

1:20I also want to point out that in my network environment, when

1:22I connect a virtual machine to my 192.169.1 subnet,

1:27there is a DACP server running on that network.

1:31So, if we want to, we can go ahead and either

1:33statically configure an IP address

1:34on this virtual machine, the Kali Linux box,

1:36or we can have it pick up an IP address via DACP.

1:40And my default gateway on this 192.168.1 network

1:43is a little router at .1.

1:47And then, once this virtual machine has been updated

1:49and it's current, we're then going

1:51to go into the VMware Workstation tools

1:53and we're going to create a snapshot.

1:56And the benefit, and the reason that I'm demonstrating it,

1:58is because we're going to want to make

2:00sure we have some snapshots that we can go back to if we need

2:03to at any given point in time.

2:05And this applies not only to our attack machine,

2:07in this case this can be our Kali Linux box,

2:09this is going to be delivering many of our attacks,

2:11but also to victims.

2:13So that way, if we want to hammer a machine,

2:16and then roll it back to its pre-hammered or pre-compromised

2:19state, if it's a virtual machine and we have a snapshot,

2:22we can roll back to that state in VMware Workstation.

2:24So here on the host that's going to be

2:26running VMware Workstation, let's go ahead

2:28and open up a browser.

2:29And let's to http://www.kali.org.

2:34And from here we can scroll down and simply

2:36click on download Kali Linux.

2:38It's then going to give us options for which image

2:40do we want to download.

2:42Here we have a bunch of ISO options,

2:44but if we want the VMware version,

2:46we just scroll down even further.

2:48And here are the links for Kali virtual images.

2:50So I'm going to click on Kali virtual images.

2:53In it, you'll notice up in the URL,

2:54it's now taking us to offensive-security.com.

2:57And so from here, we can follow the links

2:59for downloading the VMware version of Kali Linux.

3:02Or if we'd gone here originally to offensive-security.com,

3:05we'd go to the main page.

3:07From here, we could go to projects,

3:09so I'll click on projects, and then

3:11there's a link for Kali Linux.

3:13So go ahead and click on Kali Linux over here.

3:15And you'll notice we're once again brought to the downloads

3:17area.

3:18And their website over time may change a little bit,

3:21but the key is we want to make sure we download the Kali Linux

3:23image from the reliable source.

3:26And that reliable source is offensive-security.com.

3:29So if we scroll down just a little bit,

3:31currently we have the prebuilt Kali Linux VMware

3:34images selected.

3:35And then we can download the 64-bit or the 32-bit flavor.

3:38So let's go ahead and click on the 64-bit VM.

3:40That's the one I want to install as part of our lab.

3:42So I'll go ahead and click on that.

3:44And also as that's downloading, it also

3:46has, right here, a SHA-1 checksum.

3:48And we can use that SHA-1 checksum

3:50to validate that the image that we downloaded

3:52is the actual, literal image.

3:54It's not a tampered or modified version.

3:56And the documentation on Offensive Security's site

3:59has the details, depending on what platform

4:01you're downloading it to, on how to use that checksum

4:04to verify that.

4:05But there's a great chance that if you are using HTTPS

4:08and you're at the right site, you're

4:10getting an untampered with download.

4:12So in the bottom here, it says it's about 2 gigs.

4:15It says it's almost downloaded completely.

4:17That's great.

4:18And then what we do is we go to that file.

4:20We'd unzip it, because this is going

4:21to be a compressed file that we downloaded.

4:23So if we go to our downloads folder on this computer,

4:26there's the Kali Linux image and it is compressed.

4:29So it needs something that can decompress that.

4:32On this computer, I also have a decompress tool called Win7 Zip

4:36that I downloaded from SourceForge for free

4:38that's able to go ahead and decompress that.

4:41If we open up a new browser and we did a Google search for Win7

4:44Zip and we typed in site:sourceforge.not,

4:48it's going to show us the Win7 Zip Zip results,

4:52but only for SourceForge.net.

4:54So here's one right here.

4:56We'll click on that.

4:57We also want to verify that we have HTTPS,

4:59we're going to the right location,

5:01and then we click right here, and that

5:03would download the 7 Zip utility for us

5:05so that we could then use, as one of many archive utilities,

5:08to decompress our Kali File we downloaded a moment earlier.

5:12So, I've already got 7-Zip installed on this computer.

5:15So because it's installed, it's already associated with .7z

5:18extension.

5:19I'll click on extract, and then it's

5:22going to ask me, where do I want to extract these files to?

5:24So, I'm going to select a location I have already

5:26set up on my X drive, which is a solid state drive.

5:29I'll navigate to that location, and I'll

5:31go ahead and click on OK to extract,

5:33and that will extract the contents of that download

5:35we did over to this folder.

5:37And that's going to be our virtual machine for Kali Linux.

5:41And now, through the magic of editing,

5:42that happened really, really fast.

5:44So the next thing we're going to do

5:45is we're going to go ahead and double click

5:47on the configuration file for that virtual machine

5:50from the file system.

5:51So we'll go to the file system on the X drive,

5:53go to the Kali Linux folder, and here is the VMX file.

5:57And because I have VMware Workstation installed on this

6:00computer, that .vmx is associated with VMware

6:03Workstation.

6:04So what we're going to do is just

6:05double click on that virtual machine,

6:07and that adds it into VMware Workstation.

6:09Now, before we launch this, we need

6:11to make sure we get the networking set up correctly.

6:13So, for this virtual machine, it's got two gigs of memory.

6:16It's got two processors.

6:19It's got a 30 gig hard disk.

6:20And for the network adapter, it's currently

6:22set up to use network address translation,

6:24and what we want to do, at least in my lab environment,

6:26I'm going to go ahead and bridge that

6:28directly to the same network that the host

6:30computer, the Windows 8 machine, that it's connected to.

6:33And we could do that either by bridging it or linking it

6:36to VM NET Zero, which is bridged to my physical interface

6:39on the host computer.

6:40So I'll go ahead and click on the network adapter.

6:43That brings up the settings for this virtual machine,

6:45and let's specify that we want to go ahead

6:46and associate the network adapter

6:49with VM NET Zero, which is bridged

6:51to my ethernet interface on the physical host machine.

6:54Also, because I'm not going to need a sound card at all,

6:57I'm going to go ahead and remove that while I'm here.

6:59And because I've got a few cores on the host machine,

7:02I'm also going to modify the processors

7:05and I'm going give it two cores on two processors.

7:07And while I'm at it, because I do have a little bit

7:09more memory, I'm going to go ahead and give

7:11this guy four gigs of RAM, too.

7:13So a little more memory, a little more CPU,

7:14but if you're in a limited environment,

7:16you don't have a lot of CPU and memory to spare,

7:19you don't have to raise them up.

7:20But I do want to show you everything

7:22that I'm doing, in the event that you want to replicate it.

7:24So we'll go ahead and click on OK.

7:26So our next step would be to start the machines.

7:28We could right click it and go to power

7:30and then click on startup guest, or we

7:31can click on this green arrow, or that green arrow,

7:34it all does the same thing, starts up the virtual machine.

7:36So let's start with the guest.

7:37It's saying, hey, this machine may have been moved or copied,

7:40and I'm simply going to say say, moved.

7:42That way it's not going to mess with the layer two ethernet

7:44address or anything else like that.

7:46And then it's just going to go ahead

7:48and boot up this virtual machine, including bringing us

7:50to a graphical user interface.

7:52So we'll go ahead and click here to put the cursor

7:54control in this field, and we'll type in root as the username,

7:58and the default password is the word root backwards.

8:02So it's toor.

8:05So the user is root and the default password is toor.

8:09And then we'll go ahead and press enter to sign in.

8:11In VMware Workstation, I can also click on this icon right

8:14here, and that will enter fullscreen mode, which

8:16gives the full real estate of the screen

8:18to that virtual machine.

8:20To get that control back, we can take

8:21the mouse, hover near the top of it, that brings down the menu

8:24again.

8:25We can click on the full screen option.

8:26That would undo that feature.

8:28So, for now, I'm going to leave it full screen.

8:30Now, to verify the IP address that this machine has,

8:34there's a few ways we can do it.

8:35Number one, we can use the graphical user interface.

8:38Number two, we could go to a command line, or three,

8:40we could bring up a browser and just see if it actually works.

8:43So, let's start off with the command line interface first.

8:45We'll bring up a terminal.

8:46We'll click over here on the icon for terminal.

8:49And we'll type in F and press enter.

8:52And this reveals that we have the IP address of 192.168.1.26,

8:56which implies we got that from a DHCP server.

8:59In fact, let me make this window a little bit bigger

9:01so we don't have a wrapping issue.

9:03So I'll scroll that over there and just bring

9:05that over a little bit.

9:06There we go.

9:07Or, if we want to look at the IP information

9:09from a graphical user interface here in Kali Linux,

9:11we can click on this little networking icon right here.

9:14From the dropdown, we can select wired connection,

9:16click on that.

9:18And then go to wired settings.

9:20Here we have the wired connection highlighted.

9:22We can click on the little gear icon in the bottom right hand

9:25corner, and here it's showing us the details.

9:27So we've got a gigabit interface.

9:29There is its IP address.

9:31It also has an IP v-6 address.

9:33There's the layer 2 address.

9:35And the default gateway is set up as 191.168.1.1.

9:39And it's also using 192.168.1.1 as a DNS server.

9:44So I've got this router on my 192.168.1 network, it's at .1.

9:49And that router is acting both as a default gateway,

9:52it's also providing DNS services,

9:54or at least relaying those DNS requests,

9:57for clients who make DNS requests to the router.

10:00So those all look great, so we'll go ahead and click on

10:02cancel because we're not going to change anything there.

10:05And we could also do a quick ping just

10:06to verify that we can reach, for example, something

10:09on the internet.

10:09We'll have pinged 8.8.8.8.

10:11That's one of Google's servers.

10:12We'll click on control-c to stop that.

10:15We can also do a trace route out to 8.8.8.8,

10:18and that will verify the path that we're

10:20taking, or attempting to take, out to the internet.

10:23So those parts look great.

10:24So now that we have connectivity out the internet,

10:26the other thing we want to do is update this distribution

10:29of Kali Linux.

10:30And to do that, we're going to type in apt-get update

10:35and press enter.

10:37And that's going to chew on that for a little while.

10:40Fantastic.

10:41And when that's done, we're going

10:42to do in apt-get dist-upgrade.

10:50Now, this is going to prompt us to continue.

10:52It's going to use the additional space.

10:54I'll go ahead and put in a y for yes.

10:56Press enter.

10:57It's also going to prompt for additional confirmations

10:59about stopping and restarting services.

11:01So effectively, we're just going to want

11:03to say yes to everything until the entire process finishes.

11:07And this could take up to a half hour or more

11:10depending on your CPU, and your processor,

11:12and your internet connection involved.

11:14And due to the magic of editing, what you and I get to do

11:16is I'm going to fast forward until all of this

11:18is done so we can continue on with the final step,

11:21and that is to take a snapshot of the freshly updated Kali

11:24Linux box.

11:26So, back at Kali Linux, I'll go head press

11:28enter to enter my password for root, which I haven't changed

11:31yet, so it's still toor.

11:33We'll press Enter.

11:34And that confirms for us that the update is done.

11:36So, next, what I'm going to do is

11:37we're going to go ahead and close that window.

11:40And I'm also going to shut down Kali Linux.

11:42I'm going to go to the power button up here.

11:44And from the drop down, go to the power icon

11:48and select power off.

11:49Whenever we do a snapshot, it's best for timelines

11:53if we have the virtual machine powered off

11:55and take a snapshot of that machine in a powered off state.

11:58It will save you a boatload of time and disk space.

12:01I'm going to go ahead and go up here and take

12:03it non full screen.

12:06Actually, it's in the process of powering off still.

12:08And as soon as the little green arrow is no longer here,

12:11that virtual machine will be powered off.

12:13So now that that virtual machine is powered off,

12:15let's right click on it.

12:16And to make a snapshot, we can go down here to snapshot.

12:20Click on take a snapshot.

12:21So we can take a snapshot by clicking here

12:23from the side mini, menu, or there's also

12:25a shortcut, same icon, right here

12:29that we could create a snapshot with.

12:30Or, if we wanted to the Snapshot Manager, which

12:32we'll do in a moment, we could either use this option,

12:35or there's also a little shortcut up here as well.

12:37Let's go ahead and take a snapshot,

12:39and then call this Kalie right after initial update,

12:43and you can put a description there if you want to,

12:45and click on take snapshot.

12:47And because it's powered off, it doesn't

12:49have to take a snapshot of the entire memory state.

12:51Which, if we had a virtual machine that was running,

12:53we'd have to back up all that memory state as well,

12:55and that would take a lot more disk space and a lot more time.

12:58So now, in the future, if we ever

12:59want to go back to this exact state,

13:01we could right click on that virtual machine,

13:03from the dropdown, select snapshot.

13:05I like to get a Snapshot Manager so I can see

13:07exactly what my snapshots are.

13:09We can click on that snapshot, and then click on go to.

13:12And that would rollback any changes past that snapshot back

13:16to that exact moment in time.

13:18And then, as we progress through the course,

13:20and as you progress through your lab,

13:22you can delete the snapshots that are older, because you'll

13:25no longer need them.

13:26But I always like to have at least one snapshot

13:28of the previous state so I can roll back to that spot

13:31if I need to.

13:33In this Nugget, we've downloaded, deployed,

13:35and updated a Kali Linux box as one of our tools

13:38in our arsenal and our virtual lab environment.

13:41As homework, I would strongly encourage

13:42you to build your own practice lab

13:45and practice virtually everything that you

13:47see us do together in class.

13:49Practice it on your own as well to help reinforce those skills.

13:52Hey, I'm glad you joined me for this Nugget.

13:54I hope this has been informative for you,

13:56and I'd like to thank you for viewing.

0:00In a love environment, we are going

0:01to want several machines that we can

0:03work with, both as attack machines and also victims,

0:06the machines we're going to attempt to discover

0:08and potentially compromise.

0:10So in addition to machines that may

0:12be fully patched and ready to go,

0:14we also want to stack the deck and make

0:16sure we have some machines that are fairly easy to exploit

0:19as well so we can see some measurable results

0:21with our tools.

0:22One of those tools that we can use

0:24is a virtual machine called Metasploitable.

0:27Now, Metasploit is a fascinating attack tool, a suite of tools,

0:30actually, that we're going to cover

0:32in more detail in this course.

0:33And now, in preparation for that,

0:35we're going to download a virtual machine

0:37for Metasploitable 2 and make it part of our lab.

0:40So there's two basic steps.

0:41Number one, we want to download it from Sourceforge.net,

0:45we want to configure it to put it on the right network,

0:47and then make sure it's up and running,

0:49and we'll also snapshot it so we can restore it

0:51back to its original state if we need to.

0:54Let's download Metasploitable 2.

0:56And one easy way of doing that is to type in Metasploitable 2,

1:01and I'm also going to narrow it down to the site where

1:03we want to download it from.

1:04And I'm going to type in site:sourceforge.net

1:06sourceforge.net and press Enter.

1:12As we do this narrowing down to a certain site,

1:15if you think that's a pretty cool tool inside of Google,

1:18oh, my gosh, there are so many cool quote unquote,

1:20hacks that we can do as part of Google searches,

1:23and we'll have separate Nuggets just on that.

1:25And here, my friend, is the download

1:27that we want to get right now.

1:28It's Metasploitable 2 at sourceforge.net,

1:30so we'll go ahead and click on this link.

1:33We can also see up here that we have https in use.

1:35We're at SourceForge.net.

1:37Those are all good indicators.

1:39There's a read-me dot txt file along

1:42with the actual downloaded zip file,

1:43and I'm just going to click on this link

1:45right here for the latest version.

1:46So we'll click on Download, and it is on its way right here.

1:51So Metasploitable is a flavor of Ubuntu Linux that

1:55intentionally contains many vulnerabilities,

1:58and so is great for testing and verifying

2:00that our tools are working.

2:01And once again, it's just nice to have

2:03a little bit of low-hanging fruit in our lab environment

2:06so we can readily verify our tools.

2:07Also, we might want to throw in some older windows machines.

2:11For example, if you throw in Windows XP,

2:13that has tons and tons of vulnerabilities

2:16built in if you don't apply the updates and patches.

2:18Windows 8, without the updates and patches,

2:21has lots of vulnerabilities as well.

2:23Windows Server 2003, Windows Server 2012,

2:26without the updates and patches, has many, many vulnerabilities

2:29as well.

2:30And so here's the downloaded .zip file for Metasploitable

2:33Version 2.0, and I have it sitting in a folder on my file

2:37system, and I'm going to go ahead and unzip this file,

2:40and then we'll deploy that virtual machine.

2:42So after I do that, I'm going to right click.

2:43I'm going to select Extract All, this using the Windows

2:46native unzip tool.

2:47And then I'm going to browse to the location

2:49where I want to put this VM.

2:51I'm going to select that, and then we'll

2:53click on Make New Folder.

2:55And we'll call this Metasploitable 2

2:58as the destination folder for the unzipping,

3:00and we'll click on OK.

3:01And then we'll go ahead and click on Extract

3:03to start the extraction process.

3:07So now that that's done, let's go into that folder.

3:10Here's the VMX file, the descriptor file,

3:12for that virtual machine.

3:13We'll go ahead and double click on it.

3:15And on my host computer, because I

3:17have VMware Workstation installed,

3:19that virtual machine now shows up here.

3:22Now, before we fire up this bad boy,

3:24let's also configure the networking portion of it.

3:27So with the Metasploitable VM selected,

3:30we'll go over here to the network adapter.

3:31Click on it.

3:33That brings up the VM settings, and let's go out and also put

3:37the network adapter on VM net zero, which is bridged over

3:40to my physical slash wireless network, which is the 192.168.1

3:44subnet.

3:45And we'll click on OK.

3:47And also, just to make sure it's working,

3:49let's go ahead and selected it, and we'll

3:50power on that virtual machine by clicking

3:52one of the green arrows that shows up here

3:56with that machine selected.

3:57So we'll power it on.

3:58I just want to verify that it comes up.

4:00It's asking me, did I copy it, or did I move it?

4:02I'm going to say I moved it, and that way it

4:04won't attempt to change layer 2 information

4:06for the ethernet adapter and so forth.

4:09So it's now booting up, and an indicate tray

4:12here if we want to log on.

4:13And we log on with the username of msfadmin,

4:16and the password of msfadmin to get started.

4:19So let's log in to make sure we're good to go.

4:21So we'll log in as msfadmin with the password of msfadmin.

4:25And here it's giving us a heads up in Ubuntu

4:27of how we're going to run an application as an administrator

4:30using the sudo command.

4:32And we'll include additional tips and tricks

4:34and basic functionality regarding Linux

4:35commands as we continue through this course.

4:38So just to verify our IP information,

4:40if we do an ifconfig here and press Enter, look at that.

4:43That looks pretty good.

4:44We have an IPv4 address of .61 that we picked up from my DHCP

4:48server on the 192.168.1 subnet, and we have an IPv6 address

4:53as well, which I'm not using in my network.

4:55And it's also pretty helpful, from an attack perspective.

4:58If a customer or host has a protocol stack running,

5:00like IPv6, they don't even know it's running

5:02or aren't aware that it's running.

5:04That's just another attack vector

5:05that we can use to go ahead and discover and potentially

5:08compromise that virtual machine or that host.

5:11And just for grins, let's do a ping of www.Google.com,

5:16and that's going to verify several things for us.

5:18Oh, that's great.

5:18I'll do a control-C to stop that.

5:20That verifies that name resolution is working, DNS,

5:23because it translated Google.com over to this IP address.

5:27And because the pings are successful,

5:29it's also indicating that we have internet connectivity

5:32through the router that's sitting at 192.168.1.1.

5:35That's fantastic.

5:36One other thing I'd love to do is

5:38go ahead and power off this virtual machine

5:40and then take a snapshot in VMware Workstation

5:42if we need to return to this state.

5:44Now, currently my mouse and cursor

5:46are kind of stuck inside of this virtual machine.

5:49To get it out over here to the console

5:50and to the controls in the Windows host computer,

5:53we can do a Control Alt on the keyboard,

5:55and that should release our mouse.

5:58Also, the fact that it doesn't release the mouse automatically

6:00is a good indicator that VMware Tools is not

6:04installed as part of this virtual machine.

6:07So if you're working with some virtual machines,

6:09and you take your mouse, and you move it from here, for example,

6:11and you move it over here, and it just

6:13goes and goes between console and the host computer

6:15no problem, that's because the virtual machine has

6:17a thing called VMware Tools installed as part

6:19of that virtual machine.

6:21Also, if we have VMware Tools as part of a virtual machine,

6:24if we right click on that virtual machine,

6:25and go to power, and select Shut Down Guest,

6:28that will perform a graceful shutdown

6:30of that virtual machine courtesy of the VMware tools

6:33that's facilitating that shut down.

6:35However, in an environment where the virtue machine does not

6:39have VMware tools, the Shut Down Guest

6:41is pretty much the equivalent of a Power

6:43Off, where you're just cutting the power

6:45to the virtual machine.

6:46And it's really not a good idea to just pull

6:48the power from a system, including a virtual machine,

6:51because it could leave files and configurations

6:53in an unknown state.

6:55So in the event, like on this Metasploitable 2

6:57virtual machine, where it doesn't

6:59have VMware Tools installed, the proper thing

7:02to do before we snapshot this virtual machine

7:04would be to gracefully shut it down.

7:06And to do that, here in this Ubuntu flavor of Linux,

7:08we can type in sudo--

7:10that allows us to run commands as an administrator--

7:13and the command Power Off, and press Enter.

7:16It's going to ask us for the password for msfadmin,

7:19so we'll supply it.

7:20It is msfadmin.

7:22We'll press Enter, and that's going

7:24to go ahead and stop all the services

7:26and shut down the power, or at least

7:28that's what I hope it's going to do.

7:29On some flavors of Linux, you can use the command shutdown

7:31dash H for halt, or shut down dash P for Power Off, capital

7:36P, and also schedule a time when you want it to happen.

7:39So for example, if you wanted to shut down now,

7:41you can use the command shut down dash H space now,

7:44and that would give us similar results as we have right here.

7:47Now, the concerning part, just a little bit,

7:49I see that everything's been shut down and stopped,

7:510 and the system's been halted, which is great.

7:53But if you notice up here, from a VMware Workstation

7:56perspective, VMware Workstation still

7:58thinks that VM is running.

8:00So because the virtual machine itself

8:02thinks it's all halted and powered off,

8:03we could now safely go over here to VMware Workstation,

8:07go to the Power menu, and simply say Shut Down Guest.

8:10And we're not at risk of having open files

8:12and half-baked configurations on that virtual machine

8:14because it logically shut itself down.

8:17I would feel better if VMware Workstation also

8:20felt that that VM was off by itself,

8:23but sometimes we have to take what we can get.

8:25So now, with this virtual machine powered off,

8:26I'm going to go ahead and go up to the Snapshot Manager, which

8:29is this icon right here, or we could right click,

8:33and from the snapshot menu, we could go to Snapshot Manager.

8:37And I'm going to go ahead and take a snapshot.

8:39So to take a snapshot, we'll click on Take Snapshot.

8:42And let's title this before hacks and attacks.

8:47And we could also put in the description

8:48other details regarding what this snapshot represents,

8:51and that way we can go back to it if we want to.

8:54So we'll go ahead and click on Take Snapshot,

8:56and now we have that snapshot right here,

8:58and we'll close that dialog window.

9:00In this Nugget, we've downloaded and deployed Metasploitable

9:04as a virtual machine that we can leverage and use

9:07as part of our lab environment.

9:09We specified in the networking details

9:10where we wanted that virtual machine to connect to.

9:12In our case, I connected it to my 192.168.1 network

9:16through the logical VMnet0 network connection in VMware

9:19Workstation, and we also powered off that virtual machine,

9:22and we made a snapshot of it in VM Workstation.

9:26And, my friend, my intention is for you

9:27to also include this virtual machine as part of your lab.

9:31So that way, when we're working through the labs together,

9:34and we're doing attacks, and discovery, and reconnaissance,

9:37you can have the benefit of not only seeing it happen

9:39but also doing the hands-on practice right alongside me.

9:43I'm glad you joined me for this Nugget,

9:45I hope this has been informative for you,

9:47and I'd like to thank you for viewing.

0:00Is it possible that we might want to have some Windows

0:02devices as part of our lab?

0:04And the answer is a resounding yes.

0:06And those can be physical machines that are in Windows,

0:08or virtual machines, or both.

0:10In this Nugget, we'll take a look

0:12at integrating and documenting what VMs and real Windows

0:15machines we have and making sure we

0:17have good snapshots of any windows based VMs.

0:21The idea I'd like to chat with you about regarding this Nugget

0:24and adding Windows to your live environment

0:26is one word, and that is options.

0:31For example, if we have an existing computer network,

0:34and it could be wireless or wired,

0:36and we have a computer on that network that's running Windows,

0:39that computer can be part of your lab

0:42environment for the purposes of testing as a potential victim,

0:46or if you want to use it to launch attacks.

0:48You could do that as well from the Windows operating system

0:50itself by using some native tools that are part of Windows

0:53or by downloading and installing tools in the Windows OS.

0:56Now, if this is our Windows computer in our example

0:58that's Windows 8 and it's a physical machine,

1:01let's put some documentation in place

1:03for getting what IP addresses we're going to use.

1:05So for the Windows 8 computers that's

1:06on the 192.168.1 network, let's say its IP address is .200.

1:14Now, one word of caution, if we're

1:15going to run attack tools from a virtual machine

1:18against this Windows computer that's

1:20hosting our virtualized environment,

1:22we definitely want to be careful about not taking down

1:25this computer because if the machine crashes and it happens

1:28to be running VMR Workstation, we

1:30have other VMs running inside of it, that's

1:32going to cause a bigger problem as part of our lab.

1:34So we might want to reserve the machine that's

1:36running VMR Workstation as a machine we are not

1:39going to try to compromise, but instead only launch

1:42attacks from this machine and the physical interface

1:45using the IP address of .200 on the 192.168.1 network.

1:49I've also got another physical computer

1:51that's running Windows, and it's actually running Windows 10.

1:55And what I'd like use for the IP address on it is .201.

1:58Also, each of those computers are using the default gateway

2:02of .1.

2:02That's my router.

2:04Now, as far as other additional Windows machines

2:07we might want to bring in, I also

2:08have a virtual machine running Windows 8

2:11that's running in VMR Workstation that's

2:13running as Windows host.

2:14So I've got another copy of Windows 8 as a VM

2:17on this machine.

2:18And let's say we want that virtual machine to have

2:20the IP address of .199.

2:23We would just configure the network interface

2:25card of this virtual machine to be either bridged

2:28to the physical interface or we could link it to a VM Net 0

2:33if VM Net 0 is bridged to the physical interface.

2:36Both of those concepts we've talked

2:37about in previous Nuggets in this course.

2:40On the other hand, if we were trying

2:41to keep these VMs completely separate from our physical

2:44network we could associate them with VM Net 1 or VM Net 2

2:48and not perform NAT services instead of VMR Workstation.

2:51And that would keep those virtual machines off

2:53of our production or the network that you

2:55don't want them to be on.

2:57I also got another Windows device as a virtual machine

2:59and it is a Windows 2012 server.

3:03And it's at the IP address of .111.

3:06And that Windows 2012 server has lots of services running,

3:09including DNS, web services, directory services, and others.

3:14So what we could do if we wanted to,

3:16we could have all these Windows machines as part

3:18of our lab environment, physical and virtual,

3:21we could have them point to .111 for DNS services.

3:26And then if DNS is configured and working on that 2012

3:29server, and the server's running and available,

3:31it can perform DNS services.

3:32We could also configure a backup for DNS

3:35as 8.8.8.8, which is a Google DNS server out on the internet,

3:39so that way if, for whatever reason, DNS isn't configured,

3:42or that virtual machine--

3:44the Windows 2012 server-- is not up and running,

3:46the host will have a fallback to go to an alternate DNS

3:49server of 8.8.8.8.

3:51So as a summary, it's going to look like this.

3:55Also what we'd want to do on our virtual machines, this guy

3:58and this guy, is once they're configured,

4:01we'd want to power them down and then make a snapshot so that we

4:04can return to that state in the future, if we ever need to.

4:09So here on my Windows host computer

4:11that's running VMware workstation,

4:13let me just check out my two VMs, one for Windows 8 as a VM,

4:19and also the one for Windows Server.

4:20So let's verify the network connections.

4:22For Windows 8, it shows us that the network adapter

4:25is connected to VMnet0, which in my case

4:27is bridging to my wired/wireless wireless 192.168.1 network,

4:32which is great.

4:33And the active directory virtual machine, if we click on that,

4:38has lots of network adapters.

4:41But at least one of those is connected to VMnet0.

4:44Also when I mentioned that VMnet0 is bridged over,

4:47as a reminder of how that works, if we go to Edit and select

4:50from the dropdown Virtual Network Editor,

4:53and click on Change Settings, and click on Yes

4:56for User Account Control, here it

4:58shows us that VMnet0 is bridged over to my ethernet adapter.

5:02Now just so you know, the ethernet adapter,

5:04which is a wired connection from this host,

5:06connects to the 192.168.1 network.

5:10Also, what you should be aware of

5:12is that that same network is also

5:14connected to a wireless network here at my home office.

5:18So effectively, anybody connect to the 192.168.1 network,

5:21whether they're connected via wireless here in my home

5:24office, or whether they're directly

5:25connected with a wired connection,

5:27are all on that same layer two broadcast domain.

5:31And we'll bring up the Windows 8 machine by clicking on Start.

5:33And we'll click on the active directory Windows 2012 server,

5:37and click on Start.

5:38And I just want to verify the IP addresses, the default gateway,

5:42as well as the DNS configuration on each of those.

5:45So let's go to Windows 8.

5:46I'll go ahead and log in.

5:48So I'll log in as a user called user.

5:51And let's go to full screen by clicking on this little icon

5:53right here for full screen mode.

5:56And we'll click on the networking icon,

5:59and click on Open Network and Sharing, and Change Adapter

6:03settings.

6:04And here's our network adapter.

6:05We'll right click, go to Properties,

6:07we're going to go down to IP version 4, double click on it,

6:11and we want this virtual machine to have the IP address of .199.

6:17So let's go ahead and change that to 199.

6:21Default gateway is 1.1.

6:23The preferred DNS server is .111,

6:26which is our VM for the Windows 2012 server,

6:28and the alternate DNS is 8.8.8.8.

6:31That looks great.

6:31We'll click on OK, click on OK, close the dialog

6:35boxes for Control Panel.

6:36And let's just do a quick ping out to the internet,

6:39just to verify we have connectivity.

6:41So we'll ping www.google.com And if that works,

6:45that means DNS is working.

6:46It also implies that we have internet connectivity, which

6:49is great.

6:50So let's go ahead and shut down this VM, this Windows 8

6:53computer, using the Windows 8 methodology for doing that.

6:56And that'll gracefully shut down.

6:58Then we'll go back, we'll take off full screen mode,

7:00and we'll go to our Active Directory virtual machine.

7:03We'll go to full screen mode, and we'll

7:04log in here to verify its IP address as well.

7:07So to log in here, it says Control Alt Delete.

7:10That would be if it wasn't a virtual machine.

7:12Because this Windows computer is a virtual machine

7:15inside a VMware workstation, we're

7:16going to press Control Alt Insert,

7:19and that will go ahead and allow us to log on.

7:22So we'll log on as administrator with my lab password.

7:25And there's several ways of verifying the IP address here.

7:27We could go to the properties of the network adapters.

7:30That would work.

7:30Or we could go to local server.

7:32And here it shows me that I've got my first network interface

7:36card labelled as management with the IP address

7:39of 192.168.1.111.

7:42We could also right click on the network adapter,

7:44go to Open Network and Sharing Center, Change Adapter

7:47Settings, and then look at the details of that interface

7:50as well by going to properties, double clicking

7:53on IP version four, and verifying the details here.

7:56So here's our IP address.

7:58There's the default gateway.

7:59The preferred DNS server is a loop-back address,

8:01which is the Windows 2012 server saying,

8:04hey, I am my own DNS server, and if I can't reach my own DNS

8:07service, I'm going to try a Google DNS server at 8.8.8.8.

8:11So that all looks great.

8:12So we'll click on Cancel, close the dialog boxes.

8:15So let's go to Command Prompt and just verify

8:17we have basic connectivity.

8:18So I'm going to type in CMD, and let's do a ping out

8:22to www.google.com.

8:25And that is working as well.

8:26So that is great.

8:27And we'll shut down this puppy as well.

8:29So to do that, I'm going to click on the Windows

8:31icon, and the Power icon, and Shut Down, and Continue,

8:35and that will gracefully close that down.

8:37Now, because VMware Tools is installed on this Windows 2012

8:41server, I could have also just gone in VMware workstation,

8:45right clicked on that active directory server

8:48and clicked on Power, selected Shutdown Guest,

8:51and that also would have gracefully shut it down

8:53because I have VMware Tools installed.

8:55So then now what I want to do is make

8:56snapshots of each one of those.

8:57So to take a snapshot, we can go to Windows 8.

8:59First of all, right click.

9:00And if we want to remove full screen mode,

9:02we can do that, too.

9:03I'll go up here, take off full screen mode

9:05if we want to have the toolbar up here as well.

9:07However, the right click also works.

9:09So we'll go to Windows 8, right click.

9:11We'll go to Snapshot and Snapshot Manager.

9:14And I'm going to go ahead and remove--

9:16I'm going to delete my old snapshot by clicking on Delete.

9:23And then click on Take Snapshot.

9:25I'm going to call this Basecamp, just to represent a time

9:27and space before we started compromising or messing

9:31with this virtual machine from an attack perspective.

9:34So we'll take that snapshot, we'll click on close,

9:36and we'll do the same thing with active directory, that Windows

9:392012 server.

9:40Right-click, Snapshot, Snapshot Manager,

9:43we'll delete the old snapshot, click on Delete.

9:47Then we'll click on take snapshot,

9:49and we'll call this Basecamp as well.

9:52And click on Take Snapshot.

9:53I would also encourage you not to keep multiple snapshots

9:56of the same virtual machine.

9:57It's going to eat up a lot of space.

10:00And if you don't have a lot of disk space, that's a problem.

10:02So usually, as I'm building the labs,

10:04I'll keep the single previous snapshot.

10:06So I'll delete the old one, I'll create a new one,

10:09and then I'll move forward.

10:10Then, at any time we want to, we can roll back to that snapshot

10:13that we have saved in VMware workstation.

10:16So that looks great.

10:17And now, let's go ahead and check the IP addresses

10:19for our two physical hosts, as well.

10:21The first physical host is the Windows 8 computer that's

10:24running VMware workstation.

10:26So if we want to verify its IP address and information,

10:28we can right-click on the network icon,

10:30open Network and Sharing Center, click

10:32on Change Adapter Settings.

10:34Here's our physical network interface card.

10:36We'll right click, go to Properties, we'll scroll down,

10:39we'll double click on IPv4.

10:41There's its IP address of .200.

10:43The default gateway looks good.

10:45The primary DNS server looks good.

10:47And these secondary or alternate DNS servers,

10:50we're going to change to 8.8.8.8.

10:53And click on OK, and OK again.

10:56So that looks good.

10:57And the last physical computer I need to check

10:59is my Windows 10 computer.

11:02So my Windows 10 computer, let's go

11:04to Network and Sharing Center, Change Adapter settings--

11:08so this computer has a wireless adapter

11:10that's currently disabled.

11:11It's got some VMware adapters, as well,

11:14because it also has VMware workstation installed on it.

11:17And it also has a pluggable gigabit ethernet adapter

11:19that's in a USB port on this computer that

11:22happens to be the only one that's currently connected

11:25to the physical network.

11:26So we'll right click on the pluggable, go to Properties,

11:29scroll down to IPv4, we'll double-click on that.

11:32And it has the IP address .201, that looks good.

11:35The default gateway is .1.

11:37The primary DNS server is our Active Directory Windows 2012

11:40server, .111.

11:42And the alternate DNS server is 8.8.8.8, which looks perfect.

11:44So I'm going to click on Cancel, because I'm not

11:46changing anything there.

11:48I just want to verify all the IP addresses that

11:50are in place on our four Windows computers, two of which

11:53are virtualized, and two of which are physical computers.

11:57The other thing I wanted to point out--

11:58and I almost forgot-- was that if we want our physical Windows

12:02computer, which is running VMware workstation,

12:05to participate in VMnet1, or VMnet2,

12:08or some other virtualized network it's created,

12:11we'd simply go the Properties of Networking.

12:12In fact, let's do that real quick.

12:14So here's the Windows physical computer.

12:16We'll go to VMware workstation.

12:18And in VMware workstation, we'll go to Edit.

12:21And select from the dropdown Virtual Network Editor,

12:23click on Change Settings, click on Yes

12:26for User Account Control.

12:27And if we wanted this host, for example,

12:29to have a logical interface on the VMnet1 network,

12:33with VMnet1 selected, we'd come down here

12:34and check the check box that says

12:36connect a host virtual network adapter to this network.

12:39And then we would have a new virtual interface on the host

12:42computer that could then communicate

12:44with other devices that are also connected

12:46to the virtual 10.1.1 virtual network

12:48inside of VMware workstation.

12:50Now in my lab environment, I'm not

12:52going to actually connect a host to VMnet1,

12:54because we're actually bridging everything

12:56over to my 192.168.1 network.

12:58But I wanted to remind you that if you are using, for example,

13:01VMnet1 or VMnet2 and you want direct connectivity

13:04to those logical networks, this is how you do it--

13:07by adding a logical adapter, a virtual adapter,

13:10to the host computer that's running VMware workstation.

13:13So in this Nugget, we've taken a look at four Windows computers.

13:16We documented what their IP addresses are going to be.

13:19We verified those IP addresses along with the default gateway

13:22and DNS information that each of them can use.

13:24And, for the virtual machines, we

13:26powered them down gracefully.

13:28We also took snapshots of those so that you and I

13:30can return to those snapshots of those VMs if we need to.

13:34And that can be very handy in the event we try an attack

13:37and it maybe works too well and we cause a virtual machine

13:40to go toes up.

13:41We're like, oh [BLEEP],, did that really happen?

13:43If we have a snapshot, we can restore

13:45back to the previous state before the attack.

13:47And that can help a virtual machine be ready, once again,

13:50for the next attack without being

13:51crippled before it starts.

13:53Hey I'm glad you joined me for this Nugget.

13:55I hope this has been informative for you.

13:57And I'd like to thank you for viewing.

0:01We may decide for a couple of different reasons

0:03to set a static IP address on our Kali Linux box

0:07as opposed to using DHCP.

0:09Number one, it's handy in a learning environment

0:12to know exactly what the IP address is that you're using.

0:14And secondly, if we're doing a penetration test,

0:17we probably don't want the first thing that comes out

0:19of our Kali Linux box is a DHCP request

0:22to the network it's trying to investigate

0:24trying to find an IP address.

0:25In either case, the basic steps in getting an IP address set up

0:29are to number one, identify what IP address we want to use.

0:32And in our case, we're going to use

0:33the IP address of 192.168.1.109, and we'll

0:39specify a default gateway of .1, and a DNS server of .111,

0:43and also backup DNS server of 8.8.8.8.

0:47And then once we have it configured, we'll test it.

0:49And we'll also take a moment to create a VMware snapshot

0:52of that virtual machine.

0:54So let's power up our Kali Linux virtual machine

0:56inside of VMware workstation by clicking on the Go icon,

0:59and then we'll click on the expand to full screen option

1:02right here.

1:03And we'll log in as root with the default password

1:06of T-O-O-R, and press Enter.

1:09Now there are a couple of different ways

1:11that we could use to change the IP information

1:13statically on this Kali box.

1:16We could go to the command line and get a text editor

1:18and find the files.

1:20The files involved would be if we go the file system and do

1:22a PWD, which stands for Present Working Directory,

1:26and we change directory over to /etc/network, and press Enter.

1:33And then use command ls to list the contents of this directory,

1:36this file right here, interfaces,

1:38we could go ahead and edit that with a text

1:40editor of our choice.

1:41And that's one way of configuring the IP address

1:43information for this Linux box.

1:45Or we could go ahead, since we have a graphical user interface

1:49right here, we could click on the Network icon

1:51up here in the upper right hand corner.

1:53From the drop down, we could select Wired Connection.

1:57And then further, we could go down to Wired Settings.

1:59And with the Wired Connection highlighted,

2:01we could click on the Configure symbol in the bottom right hand

2:04corner to configure those settings.

2:06If we wanted to have a static IP address,

2:08we could go ahead and specify that we don't want to use DHCP,

2:11we want to have a manually configured IP address.

2:13Then we can put in the IP address that we want to use.

2:16And in our case, what we want to use

2:17is we're going to use .109 for this Kali Linux box.

2:21It's got a 24-bit mask.

2:23So we'll put that in as well.

2:25And the default gateway is going to be my router at 192.168.1.1.

2:29For the DNS information, we're going

2:30have you use the server at 192.168.1.111,

2:35and we're going to add a backup of 8.8.8.8 which is a Google

2:38server on the internet.

2:40Then we click on Apply.

2:41And then we go ahead and close this.

2:43I'm going to use the ifconfig command,

2:45and we'll specify eth0, and we'll simply say down.

2:49We'll give it a second to bring itself down.

2:52And when it comes back up, it should

2:54be using the new information that we just configured for it.

2:57So hit the up arrow key and back off the down,

2:59and we'll type in up, and press Enter.

3:02Now we type in ifconfig and press Enter.

3:07Here's our IP address that we just statically configured.

3:10And if you do a ping out to www.google.com,

3:13this should verify whether or not DNS is working as well.

3:15It's internet connectivity.

3:17And the rest-- the reason that it's very likely

3:21taking a little bit longer is that the primary DNS

3:23server at .111, the Windows 2012 server

3:27in my virtualized environment, is not up.

3:29It's powered off at the moment.

3:30So it timed out.

3:31It went to the Google DNS server to do the name resolution.

3:34So we're going to do a Control-C to stop that.

3:36And now we have statically configured the IP address

3:39on our Kali Linux box as 192.168.1.109.

3:45I hope this has been informative for you,

3:47and I'd like to thank you for viewing.