Virtual Lab Enviroment -smfe

[THESHade]

Hello,

I am watchingSecurityTube Metasploit Framework Expert and I got up to part 16 but now I want to create my own lab (I am not willing to pay for one... ) so I found some old WinXP CD (unfortunately it`s SP2) and installed it on VirtualBox VM. Now I can`t figure out how to connect them. (I figured they should be on the same LAN so that it will work, am I right? At least I think that`s what VIvek`s setup looks like. I assume there are ways to break into a machine using metapsloit and there is no need to be on a same network but I figured as a beginner it would be better to start with a LAN, especially because that`s what`s going on in the videos (still just my assumption))

So I tried Bridged connection. Didn`t work as both machines had completely different IP addresses. Then I tried Internal Network option in VirtualBox and that resulted in no IP address as the DHCP server isn`t working for that one. (I got na IP address from WinXP) So I treid t set em up manually on same network. didn`t work. I couldn't`t ping the other VM. I tried setting up BT5 to the same IP as WinXP got automatically. No success again.

Now I am lost,

Can anyone suggest my next step? (I already googled and I didn`t find anything)

Edited February 22, 2012 by THESHade

[Infiltrator]

I am not sure about virtualbox, but if you use Vmware Workstation, all you have to do is set your VM's network interface to NAT. That will provide the VM with an IP address on a different subnet range.

For instance, if your main LAN ip address is 192.168.1.1, the virtual machine IP address will be something like 192.168.48.1. When setting up the VM network interface, its a good security practice to set it to NAT NOT bridge or you could accidentally exploit one of your LAN machines and you don't want that.

By using the VM's IP subnet instead of your LAN's subnet, it completely isolates your main LAN PCs from your VMs. However, one thing to note is that, your VMs will still be able to ping your LAN machines, but not the other way around. That's because NAT is preventing your LAN machines from talking to the virtual machines.

Edited February 22, 2012 by Infiltrator

[THESHade]

Hey, ty for a reply,

If I use NAT I will indeed have a different IP address on my VM then on my host but when I have 2 VMs they still can`t connect to each other (usually they even have the same IP address as ofc. thats the job of NAT to translate them) So as far as I know it still won`t help me connect attacker`s machine with victim`s machine (both are VMs). Tell me if I am wrong though.

Ah, I see, I wasn`t clear enough. Sorry for that. I want to connect 2 Virtual Machines together. Not my host with a VM.

Might be worth mentioning that my Host Os is Win7.

Cheers

Edited February 22, 2012 by THESHade

[Infiltrator]

I also have Windows 7 as the main OS, for the virtual machines I have two, a Windows XP and a Ubuntu

I just did a ping test and I can ping both virtual machines. So I'd say there must be a misconfiguration somewhere with your setup.

Tell me something, what happens when you try to ping both vms at a time, what error do you receive?

[THESHade]

Today I managed to ping attackers machine from WinXP victim`s machine but not the other way around. When I was pining form BT5R1 it just didn`t move and got stuck on pinging [address]

I had internal network set-up and I manually set-up IP address for BT5 t o the one WinXP had via it`s DNS. There is no default gateway but from what I remember it`s not rly necessary as it`s the IP address fo router and it`s used to connect ot internet as far as I know(1 machine sends it`s request to that address and then it it is routed outside of the network from there and it also recieves the response via that address).

Then I set up all connections (NAT, Bridged and internal network) on both VMs and tried to ping the XP machine from my host as u requested. All failed. Bridged and Internal got 'general failure' and NAT got 'connection time out'. Backtrack VM didn`t have any IP address set up automatically (no default DNS I guess)

When I come back I will prob. try booting up ubuntu as well and see if it can ping WinXP and vice versa. Taht would mean that I will only have to play with BT5 config.

EDIT: Might be worth mentioning that the WinXP shows 'Limited or No connectivity'

EDIT2: So I tried 'Internal networking' for Ubuntu as well. Same ting happened. no IPv4 address and when I set it up manually I can ping it from WinXP but not vice versa.

Edited February 22, 2012 by THESHade

[blitz205]

To make this work with less trouble

you might want to turn the dhcp server on in xbox and let the ip assign themselves

And last i tried it could get internal route only so may get the windows limited connectivity cause it can't get to the outside world

On OS X and have parallels so gave up on virtual box the alternatives just work

[THESHade]

To make this work with less trouble

you might want to turn the dhcp server on in xbox and let the ip assign themselves

And last i tried it could get internal route only so may get the windows limited connectivity cause it can't get to the outside world

On OS X and have parallels so gave up on virtual box the alternatives just work

I am prob. doing something wrong when setting up DHCP on vbox

the last part of the post doesn`t make sense mate, sorry :(

[Infiltrator]

I am prob. doing something wrong when setting up DHCP on vbox

the last part of the post doesn`t make sense mate, sorry :(

Here is how my set up is, I have my main router distributing the IP addresses to each individual machine on my network.

My VMs network interface are set to NAT, and the virtual machines TCP/IP settings set to dynamic instead of static.

Also there is no need for another DHCP server, all you have to do is set your VMs network interface to NAT.

With this configuration, each VM should now be able to ping each other.

[THESHade]

I prob. have some holes in my networking knowledge but how can they ping each other when there is NAT (NAT translates only TCP, UDP as far as I know)

Let`s say that it will work... but problem is that both machiens have exactly the same IP address when I set up NAT (Maybe a vbox thing?

[Infiltrator]

I prob. have some holes in my networking knowledge but how can they ping each other when there is NAT (NAT translates only TCP, UDP as far as I know)

Let`s say that it will work... but problem is that both machiens have exactly the same IP address when I set up NAT (Maybe a vbox thing?

Just like your normal LAN machines, they are behind NAT as well as on the same subnet 192.168.1.x, and that's how they are able to ping one another.

In the case of the VMs, each one of them are also on a subnet 192.168.2.x but NOT on the same subnet as your LAN computers 192.168.1.x.

And that's because Virtualbox is using it's built in NAT capability to separate the two subnets.

For example, you main OS could have an IP address of 192.168.1.5, since Virtualbox is installed on it, its built in NAT will translate the host's IP address to something like 192.168.2.x or 192.168.40.x

Edited February 23, 2012 by Infiltrator

[THESHade]

Yea, but they won`t have a direct IP level access to each other.

Anyway, I think I solved my problem... silly me... I jsut set it up to Host-only adapter... and now both VMs are on the same network

Thnx for help though :)

Gonna test the lab ot after the weekend.

Edited February 23, 2012 by THESHade