Hello everyone, my name is x0n1r0n, and I'm relatively new to Backtrack and the Metasploit Framework. I've been following closely the metasploit unleashed documentation, but have hit something of a hiccup when trying out different commands in msfconsole.
I'm running BT5 R1 with virtualbox 4.1.8 configured with the NIST FDCC Windows XP as a Guest OS inside virtualbox.
I have the settings for Virtualbox set like so:
http://i.imgur.com/hntlf.png
Adapter:
IPv4 Address: 192.168.56.1
IPv4 Network Mask: 255.255.255.0
http://i.imgur.com/oIKDA.png
DHCP Server:
Server Address: 192.168.56.100
Server Mask: 255.255.255.0
Lower address bound: 192.168.56.101
Upper address bound: 192.168.56.254
http://i.imgur.com/J6WMM.png
I have the settings for my XP Guest OS (fdcc-xp) like so:
Adapter 1:
Enabled
Attached to: [Host-only Adapter]
Name: [vboxnet0]
Promiscuous Mode: [Allow All] (not sure if I need this to allow all, deny, or allow vms)
Cable connected: [x]
With these settings, virtualbox creates a virtual network adapter in BT called vboxnet0, which resides next to my only other network device, the loopback interface "lo":
http://i.imgur.com/n4MAN.jpg
lo Link encap:Local loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
vboxnet0 Link encap:Ethernet HWaddr 0a:00:27:00:00:00
inet addr:192.168.56.1 Bcast:192.168.56.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
At this point, I ping from XP to BT and the reverse to make sure I can ping bidirectionally:
http://i.imgur.com/NclIG.png
http://i.imgur.com/2KUqk.png
And both directions seem to work as I see replies in both shells.
Now I'm ready to run some scanning modules from msfconsole. Here is where I encounter my first problem!
As in the Guide (Metasploit Unleashed - http://www.offensive-security.com/metasploit-unleashed/Port_Scanning) I run the db_nmap scan as well as the smb_version scan just fine. Notice with "show options" both of these modules do not require an interface name:
http://i.imgur.com/BZ6Vt.jpg
http://i.imgur.com/EKYJn.jpg
Both modules are able to communicate just fine with the XP Guest OS (target) and report open ports to me.
Here is where I've been stumped for the last few hours I've worked with this. Any module that has the "optional" [interface] parameter, I enter the "vboxnet0" adapter only to get errors or failures. I've tried entering nothing (which ends up defaulting to the first 'up' device {eth0 or lo}) as well, with similar results.
http://i.imgur.com/OxwKY.jpg
Notice the line >set interface vboxnet0, this is the crux of my problem. I don't know what I should put here, or if it should really be vboxnet0, I don't know what the problem is. It seems that any modules that ask for the specific interface (network adapter name) should be able to use the vboxnet0 virtual interface, but I've had no success.
Something I did notice while running both db_nmap and smb_version was that all the traffic seems to have been sent through my loopback interface lo because I watched the RX and TX go up as the db_nmap and smb_version commands ran, which seem to indicate to me that lo is communicating with my XP VM, whereas I thought vboxnet0 was supposed to be reserved for such communications:
http://i.imgur.com/dCuBJ.jpg
http://i.imgur.com/9mSiR.jpg
So my questions are:
1. Is vboxnet0 the correct interface I should be specifying for msfconsole's commands that "require" an interface?
2. If it is, how do I go about reconfiguring it so that it is communicating properly with my guest XP OS
3. If it is not, what would your (anyone's) recommended setup be for how to configure the networking between the Guest XP and BT5 such that both host and guest operating systems appear on the same network with bidirectional communication unimpeded?
Thank you in advance for taking the time to look at my problem. I am accumulating this knowledge in the hopes of giving back more to the community for the sake of justice.