Friday, 23 December 2011

Promise FastTrak TX 133

Just yesterday my "new" hardware was delivered, a Promise Ultra133 TX2. I think this card has been on the market since 2004, and I got it very cheap :-) I installed it just for testing purposes and connected an old 80GB IDE HD. ESXi recognized the Promise IDE controller and the attached hard drive, and I could add the 80GB HD as datastore3.

If I need more cheap space in the future, I now have the option to add up to 4 IDE drives.

Thanks to vm-help.com and their list of supported hardware :-)

Thursday, 22 December 2011

Virtual Machines prepared for executing a PenTest

  • BackTrack
To attack the vulnerable VMs on my ESXi server, I downloaded and installed BackTrack 5 R1 (32-Bit, Gnome). After an optional registration you can choose between a 32-Bit and a 64-Bit ISO. A ready-made virtual machine with BackTrack already installed is available as well. As I also wanted to install BackTrack on a USB flash drive, I downloaded the ISO.

BackTrack 5 R1 Download
  • Samurai WTF
Additionally, I downloaded and installed the latest version of Samurai WTF (Web Testing Framework). Here is a short description copied from the Samurai website:
The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.
I've been using BackTrack for a year now and I really like it, because you can work very efficiently with this distribution. I just want to have a look at Samurai WTF at some point, as I've never worked with it before.

Samurai WTF
  • OWASP Live-CD
Last but not least, I also found a Live CD provided by the OWASP project for web application pentesting. It hasn't been updated in the last 2 1/2 years, but maybe it's worth a look, so I deployed it to the ESXi as well.

OWASP Live-CD Project

Deploying UltimateLAMP to ESXi

After downloading UltimateLAMP, I wanted to copy the VM to my ESXi server. I downloaded it to my MacBook, which is running Mac OS X Lion. As the VMware Infrastructure Client and VMware vCenter Converter Standalone are only available for Windows, I had to start my Windows XP VM in VMware Fusion on my MacBook.

Every time I tried to use VMware vCenter Converter Standalone to convert UltimateLAMP for my ESXi server, I got the following error:

Es können keine Hardwareinformationen für die ausgewählte Maschine abgerufen werden. (In English: unable to retrieve hardware information for the selected machine.)

Uploading the UltimateLAMP VM to my ESXi via the VMware Infrastructure Client didn't work either. The upload itself was successful and I was able to add the VMX file, but I couldn't start the VM in ESXi.

UltimateLAMP had been sitting in my download folder in Mac OS X the whole time, and Windows XP was only accessing it through a shared folder configured in VMware Fusion. The solution was to copy the UltimateLAMP VM into the Windows XP VM itself; after that I could use VMware vCenter Converter Standalone to copy it to my ESXi server without any errors.

A little circuitous, but UltimateLAMP is now also running as a VM :-)

Installation of Damn Vulnerable Linux (DVL)

The installation of DVL is quite easy. After booting the ISO, you just have to create a partition, format it, launch the BackTrack Installer and install the boot loader. To make a long story short, here is a very good installation guide (you can jump to "3. Partition the disk"):

DVL Installation

The progress bar in the BackTrack Installer stalled at 85% for at least 5 minutes, but with

# iostat /dev/sda 1

I could see that data was still being written to the disk. So just be patient :-)

Another hint: I could not execute lilo -v as described in the link; of course, I had to chroot into the DVL installation first. Then everything worked like a charm.
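The two hints above (checking that the installer is still writing while the progress bar sits at 85%, and running lilo from inside the installed system) as an added shell example; this is not code from the original post or from the DVL/BackTrack installer. It reads /proc/diskstats directly instead of iostat, so it needs no extra package on the live CD, and it assumes the DVL root partition is /dev/sda1 mounted under /mnt/dvl (both placeholders, overridable via DEV and ROOT). The chroot matters because lilo reads /etc/lilo.conf and the device nodes of the root it runs in; started from the live CD without a chroot it would look at the live system's files instead of the freshly installed DVL.

```shell
#!/bin/sh
# Added example (not from the original post): finish a DVL install from the
# live CD when the installer's progress bar looks stuck, then run lilo from
# inside the installed system.
# Assumptions (placeholders): root partition /dev/sda1, mounted at /mnt/dvl.

DEV="${DEV:-/dev/sda1}"
ROOT="${ROOT:-/mnt/dvl}"

# Given two snapshots of the /proc/diskstats line for one device, report
# whether sectors were written between them (field 10 is "sectors written").
# Returns 0 if the counter moved (still writing), 1 if it did not.
writes_in_progress() {
    w0=$(printf '%s\n' "$1" | awk '{print $10}')
    w1=$(printf '%s\n' "$2" | awk '{print $10}')
    [ "$w1" -gt "$w0" ]
}

# Fetch the current /proc/diskstats line for a device name such as "sda".
diskstats_line() {
    awk -v d="$1" '$3 == d' /proc/diskstats
}

# Poll the device once a second and say whether the install is still writing;
# the scripted equivalent of watching "iostat /dev/sda 1" as in the post.
watch_writes() {
    dev_name=$(basename "$1")
    prev=$(diskstats_line "$dev_name")
    while :; do
        sleep 1
        cur=$(diskstats_line "$dev_name")
        if writes_in_progress "$prev" "$cur"; then
            echo "$dev_name: still writing"
        else
            echo "$dev_name: idle"
        fi
        prev=$cur
    done
}

# Run lilo inside the installed system. /dev and /proc are bind-mounted into
# the chroot because lilo needs the block device nodes and kernel information
# of the running system while reading the installed /etc/lilo.conf.
install_bootloader() {
    mkdir -p "$ROOT"
    mount "$DEV" "$ROOT"
    mount --bind /dev "$ROOT/dev"
    mount --bind /proc "$ROOT/proc"
    chroot "$ROOT" /sbin/lilo -v
    umount "$ROOT/proc" "$ROOT/dev" "$ROOT"
}

case "$1" in
    watch) watch_writes "${2:-/dev/sda}" ;;
    lilo)  install_bootloader ;;
    *)     ;;   # sourced or called without an action: only define functions
esac
```

Usage on the live CD: `sh dvl-finish.sh watch /dev/sda` in a second terminal while the installer runs, and `sh dvl-finish.sh lilo` afterwards (as root) instead of a bare lilo -v.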

Wednesday, 21 December 2011

Change keyboard layout in BackTrack 5 R1 to German

After installing BackTrack 5 R1, I had to change the keyboard layout in the terminal, because it was set to English. With two commands the keyboard layout can be changed permanently:

# sudo /usr/sbin/locale-gen de_DE.UTF-8

# sudo /usr/sbin/update-locale LANG=de_DE.UTF-8

The configuration can be checked by executing locale. It should look like this:

root@bt:/# locale
LANG=de_DE.UTF-8
LC_CTYPE="de_DE.UTF-8"
LC_NUMERIC="de_DE.UTF-8"
LC_TIME="de_DE.UTF-8"
LC_COLLATE="de_DE.UTF-8"
LC_MONETARY="de_DE.UTF-8"
LC_MESSAGES="de_DE.UTF-8"
LC_PAPER="de_DE.UTF-8"
LC_NAME="de_DE.UTF-8"
LC_ADDRESS="de_DE.UTF-8"
LC_TELEPHONE="de_DE.UTF-8"
LC_MEASUREMENT="de_DE.UTF-8"
LC_IDENTIFICATION="de_DE.UTF-8"
LC_ALL=

In BackTrack 5 R1 this worked for me, but not in R3.

In BackTrack 5 R3 I needed to execute:

# dpkg-reconfigure console-setup

Then I was able to change the keyboard layout.
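The locale procedure from this post as an added shell example (not code from the post or from BackTrack): it runs the same two commands and then checks the output of locale programmatically instead of by eye. Note that LANG and the LC_* categories set the locale (message language, collation, number and date formats), while the console key map itself is handled by console-setup; that is why dpkg-reconfigure console-setup was the step that changed the layout on R3. The apply path assumes it runs as root, as on a BackTrack box; the target locale in $TARGET is a placeholder that defaults to de_DE.UTF-8.

```shell
#!/bin/sh
# Added example (not from the original post): switch a BackTrack 5 (Ubuntu
# based) system to de_DE.UTF-8 and verify the result. Assumes root.

TARGET="${TARGET:-de_DE.UTF-8}"

# Generate the locale and make it the system default, as in the post.
apply_locale() {
    /usr/sbin/locale-gen "$TARGET"
    /usr/sbin/update-locale LANG="$TARGET"
}

# On R3 the key map is not part of the locale; console-setup handles it.
set_console_keymap() {
    dpkg-reconfigure console-setup
}

# Check a "locale" listing (on stdin) against the wanted locale ($1):
# LANG must equal it, every LC_* category (except LC_ALL) must resolve to it,
# and LC_ALL must be empty, since a set LC_ALL silently overrides everything
# else. Prints each mismatch and returns 1 if any was found, 0 otherwise.
check_locale_output() {
    awk -v want="$1" '
        /^LANG=/   { v = substr($0, 6); gsub(/"/, "", v)
                     if (v != want) { print "LANG is " v; bad = 1 }
                     next }
        /^LC_ALL=/ { v = substr($0, 8)
                     if (v != "") { print "LC_ALL is set to " v; bad = 1 }
                     next }
        /^LC_/     { split($0, kv, "="); v = kv[2]; gsub(/"/, "", v)
                     if (v != want) { print kv[1] " is " v; bad = 1 } }
        END        { exit bad }
    '
}

# Run "locale" on the live system and check it against $TARGET.
check_locale() {
    locale | check_locale_output "$TARGET"
}

case "$1" in
    apply)  apply_locale && check_locale ;;
    check)  check_locale ;;
    keymap) set_console_keymap ;;
    *)      ;;   # sourced or no action given: only define functions
esac
```

Usage: `sh set-locale.sh apply` once, then `sh set-locale.sh check` in a fresh login shell; a non-zero exit (and a printed category name) tells you which LC_* variable did not pick up the new default.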

Setting Up a Pen-Test Lab with vulnerable VMs

Since ESXi 3.5 is installed on my server, I was looking for intentionally vulnerable VMs that can be deployed to it. The following list contains the VMs I found via a Google search:

  • Metasploitable
This VM is provided by Rapid7, the owner of Metasploit. Metasploitable is a virtual machine (running Ubuntu 8.04) with a lot of vulnerabilities that can be used to test the Metasploit framework and run attacks against it.

Description of Metasploitable
PirateBay Link

  • Ultimate LAMP
Ultimate LAMP was not designed to be vulnerable, but the VM is pretty old; it is from May 2006 (so it should contain some vulnerabilities :-).

Here is the description from the UltimateLAMP homepage:
UltimateLAMP is a fully functional environment allowing you to easily try and evaluate a number of LAMP stack software products without requiring any specific setup or configuration of these products.
UltimateLAMP
Description of Ultimate LAMP
Direct download Link

  • Damn Vulnerable Linux (DVL)
DVL is a VM that, as the name already implies, is damn vulnerable; it is based on Slackware. Unfortunately the homepage has been under construction for several months now and I didn't find any direct download link, but there is a torrent available. DVL is based on BackTrack 2.

Distrowatch
PirateBay Link

If you know more vulnerable VMs that can be used in a penetration testing lab, leave a comment. Thx.

Besides these VMs, the OWASP Project also hosts a website called HackingLab. You just have to register and then you can connect to the HackingLab with an OpenVPN client. The OWASP Project also provides a preconfigured VM that can be used to connect to the HackingLab. Once connected, you can run several web application pentests against the HackingLab test environment. Here you can find the whole list of challenges.


URL:
How to set up a penetration testing Lab

Dell PowerEdge 1600 SC

I've got a new machine for setting up a penetration testing lab at home. I recently bought it for 50 Euro at a flea market, and it was a real snip. It is a Dell PowerEdge 1600 SC.

Specification of my server:

2 x 2.8 GHz Xeon CPU
4 x 1 GB ECC RAM
Gigabit Ethernet
1 x 32 GB Ultra 320 SCSI HD

After I checked the Windows XP installation on this machine (and didn't find anything useful or interesting), I decided to install VMware ESX Server 3.5 right away. This is the latest version that runs on 32-bit hardware; versions 4 and 5 of ESX Server only run on 64-bit hardware.

With this little hint from vm-help.com, I was able to install ESX Server 3.5 on an old 160 GB IDE HD.

Now I have an IDE datastore (datastore1) with 148 GB of space and a SCSI datastore (datastore2) with 29 GB of space.

Datastore2 will hold the ISOs, Datastore1 the virtual machines.

Links:
Official specification by Dell
Great information resource for ESXi 3.5
Compatible Hardware with ESXi 3.5