Create a Hacking Lab!

Hacking 101

Hacking lab VirtualBox Kali parrot

Hacking is both fun and educational. Traditionally, one would have to break the law to practice this craft. Not a wise choice nowadays, as the world is increasingly adept at catching sneaky hackers. These days, we can avoid the need for legal representation and simply build our own network, complete with servers and computers. We can then isolate this network from the internet and even our own internal network, giving us the freedom to unleash the full fury of Metasploit or programs of our own design.

First we download Virtualbox at https://www.virtualbox.org/. Click the giant ‘Download’ button and follow the instructions. If you need additional guidance, you can watch this video: https://www.youtube.com/watch?v=nwjZWHou8u0 .

Once VirtualBox is installed, we’ll need some operating systems to install on it. For our attacking machine, I recommend Kali Linux, which can be found here: https://www.kali.org/get-kali/#kali-virtual-machines

I also recommend Parrot OS, found here: https://www.parrotsec.org/download/ Both Kali and Parrot are great Linux distributions. Download either or both, and then take note of where you save them. We’ll need to navigate to these files later when we’re ready to install.

For our target machine, we will use metasploitable2. It is designed to be highly exploitable, and a very popular choice. It can be found on sourceforge at: https://sourceforge.net/projects/metasploitable/

Exploiting just one target machine can be boring. Luckily for us, there are many places to download machines with unique and varying difficulties of vulnerabilities for us to exploit! One such place is VulnHub. At the top of VulnHub, you can search for whatever you like. Some of my favorite machines are ‘Earth,’ ‘Mercury,’ and ‘Venus.’ Download whatever catches your eye and save them to the same folder where you saved the rest of your operating systems.

Start up VirtualBox and let’s add all of your machines to it. Some machines can be added by just pressing the big green plus symbol, then navigating to the folder where they are saved. If you don’t see your machine there, click ‘File’ and then ‘Import Appliance.’ See below.

Click the little folder icon and navigate to your saved file.

Click next and then click finish. See below:

Continue this process until you have every machine added. I recommend leaving all the settings on each machine at their default, except for the network settings, which we will change in the next paragraph. However, a word of warning: many of these machines, especially Metasploitable2, can be dangerous to your network as potential entry points. This is why we’re going to quarantine them off. The next step is crucial, so do not skip it! Vulnerable machines on an open network are a bad idea!

Left click the first machine, selecting it. Then click the giant orange hamburger cog that says “settings”. See below

Click the ‘Network’ tab on the left and then select ‘NAT Network’ in the ‘Attached to’ dropdown menu. In the ‘Name’ dropdown box, choose a suitable name. Repeat this for each of your virtual machines. This will place each of the machines on the same network, yet separate them from any network outside of VirtualBox. This means that not even your local machine, on which VirtualBox is installed, can see these machines when they’re running!

Your Hacking lab is all set up! Now, are you ready to learn how to scan a these machines in your new “hacking lab” network like a pro? Click here to find out how https://mad-twash.com/how-to-scan-for-vulnerabilities/

Want to learn how to exploit an unpatched Samba vulnerability? Click here: https://mad-twash.com/port-139-samba-3-x-4-x-linux-exploit/

Tags
Mad-Twash
Mad-Twash
Articles: 5

Related Posts