Everything posted by ReneQT

  1. Ahh I see, I've been implementing it with Group Policy so it's been populating both the Microsoft store and the Firefox configuration. I'd presume Firefox would behave the same on Linux, not sure about iOS and Android though.
  2. I could be wrong, but from experience all browsers refer to the Trusted Root Certificate Store within certmgr.msc on Windows machines. I think you'll find at least in a Windows environment this will always be the case for administrative purposes. I'm not that savvy across other platforms around certificate management.. But I am interested to see if I'm wrong or not :)
  3. Indeed, you can also convert those VMDK files using other utilities into VHD and other formats to make them compatible with other virtualisation products. The process seems so much simpler in my head, it looks much more complex in writing!
  4. DHCP Server Setup

     So we've got a Domain controller and a DNS server, now we need to set up DHCP!

     Pre-Reqs
     IP Range - 192.168.10.0/24
     DHCP Scope - 192.168.10.1-192.168.10.200

     Now the easy bit..

     1. Start the Server Manager, right click Roles and select "Add Roles"
     2. Feel free to read the "Before you begin" dialog, then click "Next"
     3. At select server roles, tick DHCP Server and then click "Next"
     4. Give the "Introduction to DHCP Server" a read and click "Next"
     5. Network Connection Bindings define which of your network connections your DHCP Server will provide addresses to, I've only got one interface for this server so the decision is easy!
     6. Specify IPv4 DNS settings should already have your domain name populated, set your preferred DNS server IP address to the IP address of your Domain Controller, not your loopback address. You may notice I have entered 192.168.10.254 as my secondary DNS server, this is going to be the IP address of my router. This will allow DNS to function to an extent should DNS fail on the primary domain name server.
     7. Leave WINS disabled, and click "Next"
     8. DHCP Scopes is the important part, click add and configure the DHCP scope as per your own network addressing.
     9. Configure DHCPv6 as disabled, click "Next"
     10. DHCP Server Authorisation can be left with the default settings, this means that if any other DHCP servers are added to the domain they need to be added using the same account.
     11. Confirm that your settings are correct and click "Install"!

     And DHCP is installed! You can verify it's installed via server manager as below.

     Concluding....

     So now we have a Domain Controller, DNS and DHCP server! Now we can join virtual machines to our network and they'll automatically get an IP address via DHCP and DNS will resolve hostnames to IP addresses within the network.

     The next step will be creating a Kali, Win7 and XP virtual machine, I won't cover the VMWare Fusion steps again because they're near identical for each virtual machine, give or take a few settings. I apologise if the DHCP config seems rushed, I wrote it out once already and accidentally swiped back a page.. I'm new to OSX :(
  5. Setting up your Active Directory Domain

     Ok so I've installed Windows Server 2008 and I'm all set to create my domain! This is actually pretty straightforward but first up, you need to ensure your server has the following.

     1. A Static IP, my IP range for this environment is 192.168.10.0/24, so this VM has been set with 192.168.10.253
     2. Change your server's computer name to the correct name! You want to do this now so that you don't run into legacy DNS entries if you set up DNS with the wrong computer name. DNS would update pretty quick but I've had issues with this before. This machine has been set to WIN2008DC01

     DCPromo

     With Windows Server 2008 you have the 'server manager' application that launches on startup, you can pretty much add whatever services you want from this application but I still use DCPromo out of habit.

     1. Windows Key + R, type DCPROMO
     2. When the dialog loads click Next
     3. Now this dialog is worthy of a read, what it essentially is talking about is how 2008/2008 R2 functional level domains can enforce secure communications between legacy NT machines.
     4. At the "Choose a deployment Configuration" select "Create a new domain in a new forest". We aren't adding to an existing forest, we're creating a brand new one!
     5. Pick a domain name! I'm going with "testlab.dev"
     6. Set your forest functional level to "Windows Server 2008 R2", or whatever the highest you have to work with is.
     7. For additional options you want to tick "DNS Server", this server will be the DNS server for our environment. Note: You will get a warning here about external DNS lookups, because we do not have a DNS server to forward lookups to outside of our lab yet. Click Yes, we will make a forward lookup zone once we've got the router in place!
     8. The next dialog will let you pick where you want logs, database and the sysvol folder for your domain. I left these as default but it is common practice to push this to an external drive in large environments.
     9. Now we can set a password for our Directory Services Restore Mode account, set this to something easy to remember. If we break the environment you might want to use this to restore if you're not using snapshots!
     10. Have a quick review of the summary, once you're happy with it click Next and Windows will cruise through and build your domain!
     11. Once the process is complete, click Finish and allow the machine to reboot.

     You may notice that the machine takes a bit longer to boot up now, once the machine is ready to log in. Log in with "<your domain name here>\Administrator" (testlab.dev\Administrator in my case!)

     Once you've logged into your new domain controller, Windows + R > type sysdm.cpl (This is just a shortcut to system management found when you right click Computer and select Manage from the start menu.) You should notice the machine name has changed to include your new domain!
  6. Building your first VM

     Ok so, building the first VM! Now I'm not going to cover how to install Windows Server 2008, it's pretty self explanatory but I will cover assigning resources for your VMs.

     Resourcing
     CPU - 1 Core
     RAM - 1024mb
     HDD - 20gb

     The reason this machine isn't rocking 4 cores and 4gb of ram is pretty simple, it's not going to need it. It's going to be a domain controller and a DHCP/DNS server. In a production environment you'd give this a lot more resourcing but ours is only serving our DEV/Test lab so it'll be happy with the above.

     So here's what setting up a custom VM in VMWare Fusion looks like.

     First up I'm building a custom VM so I select 'Install from Disk or Image' then click "More Options..."

     Create a Custom VM...

     From here I can select the OS I'm looking to install, what Fusion is trying to do is work out what OS I'm installing so it can pre-populate the resources for the VM.

     So now Fusion has populated its recommended settings for the VM.. we can see it's assigned 40gb for the HDD. Now I know this machine does not need that much space for what I need so we will need to change this before we install the operating system.

     So now the VM is built! We can see from the Fusion console that we have a VM! I've renamed it WIN2008DC01 (Windows 2008 Domain Controller 01)

     Now I mentioned earlier we need to modify the resources on the machine, at the moment the machine has 2gb of ram and 40gb of hard drive space. I'm changing this to 1gb of ram and 20gb of hard drive space. So the next few screenshots are just of the settings panel, and the few settings I'm modifying.

     And that's that! The VM is configured and it's ready for us to install 2008 server! Or is it...

     Ok so one thing that can be frustrating, and this goes for most virtual solutions, is booting from an iso. Fusion actually does it pretty well but what I've done is mounted the iso to the VM's CD-Rom, then gone into the "Start Up Disk" setting shown in the earlier settings panel and selected the cd-rom.

     Ensure your virtual machine's network connection is set up to a private network! I've mentioned this before but this machine will always be internal only, this also means I do not want it accessing the internet just yet. You can use a bridged network to allow your machines to also get internet via your LAN or Wireless card but this will expose your virtual machines to the internal network (Spamming DHCP etc to places I don't want). I will be providing these virtual machines with internet but this will place a router between the virtual machines and the bridged network. (I had a screenshot of this but I've reached the limit for this post :( )

     So now the machine is ready to install 2008 server on!
  7. As promised! I'll keep updating this thread while I build up this new environment on my newly acquired work laptop. :)

     Before you start any of this you're going to need a PC that has the capacity to run a few VMs. The main limitation in a DEV environment that isn't under a lot of load is RAM and Storage space, my laptop has the below specs.

     Hardware - MacBook Pro 15 Retina
     CPU - 2.3 GHz i7 Quad Core (3.5 Turbo Boost)
     RAM - 16GB
     Storage - 512GB SSD
     Screen - 2880x1800 15" Monitor (This is really only applicable to laptops, but a 1080P and up screen helps a lot on a laptop with running VMs, it's very annoying when the VM runs at a higher res than your screen!)

     Now you can get away with less, my old laptop was a HP with 8gb of RAM and a Core i5 dual core, the only real limitation I had was storage and RAM. The more RAM/Storage you have the more VMs you can run!

     For your reference I also have a dedicated virtual server running ESXi, this machine cost me $400~ to build.

     CPU - Xeon 1230 v2 3.3GHz Quad Core
     RAM - 4x 8gb RAM modules, these are ULTRA cheap now.
     Mobo - Cheapest mobo I could find that would accept my CPU and RAM! (Gigabyte because they're my favourite :D)
     Storage - 128GB SSD, and two other HP Microservers that act as iSCSI targets in a Storage Unified Network, 8TB worth of sandbox!

     Virtualisation Software

     VMWare Fusion (OSX equivalent of VMWare Workstation) - Doesn't look like much without any virtual machines!

     One thing for Mac users to take into account when using VMWare Fusion is the internal DHCP and virtual interface need to be disabled and configured. The configuration file can be found under \Libraries\Preferences\VMware Fusion\networking

     You'll notice VNET_1_DHCP is set to "no", VNET_1 represents my internal network on my laptop. This network has no access to the internet, the reason for this is to ensure that I don't accidentally connect my virtual machines to a client's network, especially my DHCP server. No client is going to be happy if you start handing out IP addresses to their client machines!

     Now I'm good to go to start building up my machines inside the private internal network on my laptop!

     Alternative Virtualization Solutions

     Now the advantage of having this virtual environment on my laptop is that I can take this anywhere with me, but what if you don't have OSX and VMWare Fusion..? Luckily there are PLENTY of other solutions out there that will do the same thing! I'll list off my favourites below.

     Software Virtualisation (Similar to VMWare Fusion)

     - Windows 8 With Hyper-V Installed - If you happen to own a Windows 8 machine you can install the Hyper-V role and build machines using Microsoft's Virtualisation platform. I've used this before and it works very well, one thing that trips a lot of people up is the virtual switch feature. It is necessary to configure the virtual switch for internal and external switches similar to what I've done with VMWare Fusion above.
     - Oracle Virtualbox (Virtualbox.org) - This is a free offering from Oracle, it's super easy to use and best of all it's free!
     - VMWare Workstation - This is a very solid product that VMWare produce, it's the Windows version of VMWare Fusion but it's not free. A key advantage for VMWare is that it's so common now to find vendors creating virtual appliances and machines as downloadable .vmdk files. This allows you to create a new VM, point it to the pre-made virtual hard drive and it's good to go!

     Hardware Level Virtualisation

     Now what if you don't need your test lab to be portable..? And you have some spare hardware around, hey ram is cheap.. if your mobo supports 32gb of ram or more you can use a hardware level hypervisor! This means the operating system on the machine is the hypervisor, you build your VMs directly on the virtual host with a much smaller footprint. Now most of these are free, and all from reputable vendors which is always good.

     VMWare ESXi - I highly recommend this product mainly because this is a cut down version of ESX, pretty much the most common virtualisation platform out there at the moment, and it's free! This is a very powerful virtualisation platform and on dedicated hardware it will EASILY handle anything you throw at it providing you have the hardware to back it up.

     Microsoft Hyper-V - This product is free, but there is no licensing model for Hyper-V! This means you have the full blown product, not a cut down version like ESXi. So you can configure features such as HA if you have multiple servers that will allow them to automatically fail over machines to one another should the other member of the HA group fail. A good, easy to use product and lots of info out there on the internet if you want more info!

     Citrix XenServer - This was my favourite for years, it has a free license and it's easily the easiest product out of the three listed to use. It's also the youngest, although it is based on Xen which has been around for a very long time. It's a solid platform and very much worth a look if you're interested!

     Closing thoughts!

     This is all I can cover now (It's Mother's Day.. Gotta be semi social!) but it should help you get started on getting the base of your DEV/Test Lab set up. What you should take away from this is that you do not need to spend a lot to build a solid DEV/Test lab and it's not hard to get started! I recommend you do some research on the above mentioned products to see what fits your needs/resources, then jump in the deep end and start playing!

     Please let me know if you see any horribly misleading or incorrect info, and feel free to give me some feedback! The next update will cover the setup of your first VM using Windows 2008 Server to provide your other virtual machines with DHCP, DNS and Active Directory!
  8. It'll be used pretty broadly but the best term I can come up with is proof of concept. Being able to demonstrate to a client how a vulnerability/fix/application solution works with 100% zero impact to their environment. I'll also be using it to study for some industry certifications I'm aiming for.
  9. Heya Guys, I was wondering if anyone would be interested in a DEV/Test lab build walkthrough, I'm about to build another one for my new work laptop and I thought it might be some good information for people just starting out with virtualisation/security. I'll be building it all in VMotion with the following.

     Router - Sophos UTM or Vyatta, these are both virtual routing devices but I haven't had a lot of EXP with the Sophos solution so I'm keen to give it a shot, has some nice AV/Security features.
     Operating Systems - Windows Server 2012/2008/2003, Windows 8/7/XP, Ubuntu Servers such as Metasploitable and Kali (I'll probably add more but this is what I remember off the top of my head!)
     Services/Products - Active Directory, DHCP, DNS, Exchange, SCCM, SCOM and IIS (This will change a lot as I chew through the environment and find more things to play with!)

     That's a rough overview, and about all I can think of until this coffee kicks in.. I'm aware it's rather Windows based but the majority of the environments I work in are Windows based. Let me know your thoughts, no biggie if no one is interested.
  10. Heya locot3, Have you got a PHP multi handler set up on the server? I found the best way to achieve this (Also can be seen in one of Mubix's videos on Hak5) is to use your meterpreter session to upload a PHP multi handler to the web server and execute it remotely, EG: Upload multihandler file TROLLOL.PHP into a PHP directory on the web server, navigate to the PHP script as below, modify for correct patching etc. 192.168.1.10/TROLLOL.php As long as you have a session handler listening you can tunnel this straight out of port 80 and boom, meterpreter shell! :D
  11. Hi JD, When you say DOA what exactly does the battery do? The only issue I had with my battery was charging it for the first time, I didn't realise you had to actually have the battery on (The green light should light up on the charger) in order for it to charge.
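
The lab-build post above relies on VNET_1_DHCP being set to "no" in the VMware Fusion networking file, so that only the lab's own DHCP server answers on the private network. The script below is an added example, not part of the original posts or of VMware's tooling, that lists every vnet whose built-in DHCP is not explicitly off. The `answer VNET_<n>_<KEY> <value>` line format, the sample content and the path in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): report which VMware Fusion
# vnets still have the built-in DHCP service enabled.
# Assumption: entries look like "answer VNET_<n>_<KEY> <value>".

# Constructed sample file content, not taken from a real host.
sample_networking() {
cat <<'EOF'
VERSION=1,0
answer VNET_1_DHCP no
answer VNET_1_HOSTONLY_NETMASK 255.255.255.0
answer VNET_1_HOSTONLY_SUBNET 192.168.10.0
answer VNET_1_VIRTUAL_ADAPTER yes
answer VNET_8_DHCP yes
answer VNET_8_HOSTONLY_NETMASK 255.255.255.0
answer VNET_8_HOSTONLY_SUBNET 172.16.50.0
answer VNET_8_NAT yes
answer VNET_8_VIRTUAL_ADAPTER yes
EOF
}

# vnet_dhcp_report: read networking-file text on stdin and print one line
# per vnet: "VNET_<n> dhcp=<yes|no|unset> subnet=<subnet|unset>".
vnet_dhcp_report() {
    awk '
    $1 == "answer" && $2 ~ /^VNET_[0-9]+_/ {
        n = $2; sub(/^VNET_/, "", n); sub(/_.*/, "", n)   # vnet number
        key = $2; sub(/^VNET_[0-9]+_/, "", key)           # setting name
        seen[n] = 1
        if (key == "DHCP") dhcp[n] = tolower($3)
        if (key == "HOSTONLY_SUBNET") subnet[n] = $3
    }
    END {
        for (n in seen)
            printf "VNET_%s dhcp=%s subnet=%s\n", n,
                (n in dhcp) ? dhcp[n] : "unset", (n in subnet) ? subnet[n] : "unset"
    }' | sort
}

# vnets_with_dhcp: names of vnets whose DHCP is not explicitly "no"
# (an unset value is treated as enabled, to err on the safe side).
vnets_with_dhcp() {
    vnet_dhcp_report | awk '$2 != "dhcp=no" { print $1 }'
}

# Usage on a real host (path is an assumption; adjust to your install):
#   vnets_with_dhcp < "/Library/Preferences/VMware Fusion/networking"
sample_networking | vnet_dhcp_report
```

Any vnet name printed by `vnets_with_dhcp` is a network where VMware's own DHCP service would compete with the lab DHCP server.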