x0n1r0n Posted February 22, 2012 Posted February 22, 2012 Hello everyone, my name is x0n1r0n, and I'm relatively new to Backtrack and the Metasploit Framework. I've been following closely the metasploit unleashed documentation, but have hit something of a hiccup when trying out different commands in msfconsole. I'm running BT5 R1 with virtualbox 4.1.8 configured with the NIST FDCC Windows XP as a Guest OS inside virtualbox. I have the settings for Virtualbox set like so: http://i.imgur.com/hntlf.png Adapter: IPv4 Address: 192.168.56.1 IPv4 Network Mask: 255.255.255.0 http://i.imgur.com/oIKDA.png DHCP Server: Server Address: 192.168.56.100 Server Mask: 255.255.255.0 Lower address bound: 192.168.56.101 Upper address bound: 192.168.56.254 http://i.imgur.com/J6WMM.png I have the settings for my XP Guest OS (fdcc-xp) like so: Adapter 1: Enabled Attached to: [Host-only Adapter] Name: [vboxnet0] Promiscuous Mode: [Allow All] (not sure if I need this to allow all, deny, or allow vms) Cable connected: [x] With these settings, virtualbox creates a virtual network adapter in BT called vboxnet0, which resides next to my only other network device, the loopback interface "lo": http://i.imgur.com/n4MAN.jpg lo Link encap:Local loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 vboxnet0 Link encap:Ethernet HWaddr 0a:00:27:00:00:00 inet addr:192.168.56.1 Bcast:192.168.56.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 At this point, I ping from XP to BT and the reverse to make sure I can ping bidirectionally: http://i.imgur.com/NclIG.png http://i.imgur.com/2KUqk.png And both directions seem to work as I see replies in both shells. Now I'm ready to run some scanning modules from msfconsole. Here is where I encounter my first problem! As in the Guide (Metasploit Unleashed - http://www.offensive-security.com/metasploit-unleashed/Port_Scanning) I run the db_nmap scan as well as the smb_version scan just fine. Notice with "show options" both of these modules do not require an interface name: http://i.imgur.com/BZ6Vt.jpg http://i.imgur.com/EKYJn.jpg Both modules are able to communicate just fine with the XP Guest OS (target) and report open ports to me. Here is where I've been stumped for the last few hours I've worked with this. Any module that has the "optional" [interface] parameter, I enter the "vboxnet0" adapter only to get errors or failures. I've tried entering nothing (which ends up defaulting to the first 'up' device {eth0 or lo}) as well, with similar results. http://i.imgur.com/OxwKY.jpg Notice the line >set interface vboxnet0, this is the crux of my problem. I don't know what I should put here, or if it should really be vboxnet0, I don't know what the problem is. It seems that any modules that ask for the specific interface (network adapter name) should be able to use the vboxnet0 virtual interface, but I've had no success. Something I did notice while running both db_nmap and smb_version was that all the traffic seems to have been sent through my loopback interface lo because I watched the RX and TX go up as the db_nmap and smb_version commands ran, which seem to indicate to me that lo is communicating with my XP VM, whereas I thought vboxnet0 was supposed to be reserved for such communications: http://i.imgur.com/dCuBJ.jpg http://i.imgur.com/9mSiR.jpg So my questions are: 1. Is vboxnet0 the correct interface I should be specifying for msfconsole's commands that "require" an interface? 2. If it is, how do I go about reconfiguring it so that it is communicating properly with my guest XP OS 3. If it is not, what would your (anyone's) recommended setup be for how to configure the networking between the Guest XP and BT5 such that both host and guest operating systems appear on the same network with bidirectional communication unimpeded? Thank you in advance for taking the time to look at my problem. I am accumulating this knowledge in the hopes of giving back more to the community for the sake of justice. Quote
Mr-Protocol Posted February 22, 2012 Posted February 22, 2012 I would suggest changing both VMs network cards to "Internal Network" instead of the "Host-Only" I would also suggest not putting in an interface when it's "optional". It should go to the correct place based on the network you are trying to talk to and should avoid loopback all together. Quote
x0n1r0n Posted February 22, 2012 Author Posted February 22, 2012 I would suggest changing both VMs network cards to "Internal Network" instead of the "Host-Only" I would also suggest not putting in an interface when it's "optional". It should go to the correct place based on the network you are trying to talk to and should avoid loopback all together. I only have 1 VM, the xp machine, running within virtualbox installed on my host machine running Backtrack 5. As far as I can tell from the documentation, it looks like Internal is designed for 2 vms running in virtualbox, or should I try setting the one into internal mode anyway? I'll try when I get home to see how it goes, thank you. Quote
THESHade Posted February 23, 2012 Posted February 23, 2012 Go for Bridged connection Should work Let us know Quote
x0n1r0n Posted February 23, 2012 Author Posted February 23, 2012 Go for Bridged connection Should work Let us know When I set the virtualbox adapter type to bridged, I select eth0 as the host adapter. I ran ifconfig eth0 192.168.56.6 on my host to set it, and started virtualbox. I gave my guest XP static ip of 192.168.56.10. After this, I cannot ping in either direction =/ . If I type 'arp' on my host machine, the guest's IP (192.168.56.10) and it's MAC address show up with Iface set to eth0. I have nothing under iptables -L. So now that bridged doesn't work, does that mean something is misconfigured with my host machine (BT)? Quote
Mr-Protocol Posted February 23, 2012 Posted February 23, 2012 Side note: BT5 isn't ment for an every-day desktop distro. Quote
x0n1r0n Posted February 24, 2012 Author Posted February 24, 2012 Side note: BT5 isn't ment for an every-day desktop distro. Duly noted. I suppose I'm going to try installing an instance of BT into VBox to see if the internal networking will get this to work properly. Thanks for the suggestion! Quote
Infiltrator Posted February 24, 2012 Posted February 24, 2012 Duly noted. I suppose I'm going to try installing an instance of BT into VBox to see if the internal networking will get this to work properly. Thanks for the suggestion! You should give Ubuntu a try, if you plan on using it for normal or every day usage. Quote
THESHade Posted February 24, 2012 Posted February 24, 2012 Duly noted. I suppose I'm going to try installing an instance of BT into VBox to see if the internal networking will get this to work properly. Thanks for the suggestion! Hey, if u gonna use 2 VBoxes ~(I had the same problem in the thread Virtual Lab/SMFE) then use Host-only adapter, that will make ur VBoxes be on the IP level. Internal networking didn`t work for me (VBox Version 4.4) Quote
x0n1r0n Posted February 25, 2012 Author Posted February 25, 2012 You should give Ubuntu a try, if you plan on using it for normal or every day usage. Do you mean running Ubuntu as my host OS and then installing BT5 inside (as a VBox vm)? Are there any serious limitations to doing this in terms of restricting BT's functionality or hardware-level access (of wifi for instance)? This is actually what I'm in the process of doing right now, but was wondering about what kind of drawbacks there might be for running BT5 as a VM as opposed to, for instance, as a live USB install. Hey, if u gonna use 2 VBoxes ~(I had the same problem in the thread Virtual Lab/SMFE) then use Host-only adapter, that will make ur VBoxes be on the IP level. Internal networking didn`t work for me (VBox Version 4.4) As I understand it, internal networking is what I'll be needing with 2 virtual boxes set up. From http://www.virtualbox.org/manual/ch06.html : Internal networking This can be used to create a different kind of software-based network which is visible to selected virtual machines, but not to applications running on the host or to the outside world. and later in the same section on internal networking: Unless you configure the (virtual) network cards in the guest operating systems that are participating in the internal network to use static IP addresses, you may want to use the DHCP server that is built into VirtualBox to manage IP addresses for the internal network. Are you saying you have 2 virtual machines under VirtualBox communicating with eachother via host-only? Quote
THESHade Posted February 26, 2012 Posted February 26, 2012 'Are you saying you have 2 virtual machines under VirtualBox communicating with eachother via host-only?' Yes and static IP addresses didn`t work for me via itnernal entworking and I didn`t manage to set up Vbox DHCP Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.