Onus Posted December 31, 2015 Share Posted December 31, 2015 (edited) hello all. I, being new to the fabulous world of pen testing am now looking into setting up a lab with something like xenserver, but have a few noob questions.. 1. if i set up a bunch of VMs on a xenserver and connect that server to my home network via an ethernet connection, can i actually attack those VMs from a real world linux machine on the same real network, or only from another virtual machine on the xenserver? 2. what are the best options hardware and price wise for the xen server? I was looking at the really cheap ($99) Kangaroo by intel.. http://www.newegg.com/Product/Product.aspx?Item=N82E16883722001&cm_mmc=unlocked-_-article-_-kangaroopc-_-NA Idon't know if any of you have played with this little "pc." and I am wondering if you can actually ditch windows 10 on it and install xenserver. another option might be this little guy: http://www.newegg.com/Product/Product.aspx?Item=N82E16883254005 .. I know Darren and Shannon did a little diddy on using a nuc for xenserver, but being so uncertain about whether xenserver can do everything i want (see question 1), i really don't want to drop $600 (call me a cheapo, but i have spent a lot of money latly on this new little hobby) Thanks to anyone who cares to take the time to educate this noob. sincerely, onus Edited December 31, 2015 by Onus Quote Link to comment Share on other sites More sharing options...
0phoi5 Posted December 31, 2015 Share Posted December 31, 2015 (edited) I'm not sure if this is the kind of information you are looking for, but you may wish to glance at / read ; http://null-byte.wonderhowto.com/how-to/hack-like-pro-create-virtual-hacking-lab-0157333/ Personally, I prefer to pentest actual devices, rather than virtual ones. But then, as you said, it's the cost that's the issue! Get hardware where you can afford it, though, as nothing beats the real thing. Edited December 31, 2015 by haze1434 Quote Link to comment Share on other sites More sharing options...
sud0nick Posted December 31, 2015 Share Posted December 31, 2015 When you put VMs on your network it is exactly the same as if you had a physical machine on that network. You can even add WiFi adapters to the host and logically attach them to a particular VM. I currently use a NUC with ESXi for my lab environment and it works perfectly. I have a Kali VM and a few server VMs on my host and everything works perfectly. If you want to go the NUC route here is some information and here is a guide for building the ESXi image for ESXi 5 and ESXi 6. Quote Link to comment Share on other sites More sharing options...
Onus Posted December 31, 2015 Author Share Posted December 31, 2015 SudOnick, I noticed you mentioned a Kali vm? Assuming Kali is your attacker machine, why would you need a virtual one? I hope I'm being clear, my idea is to have a real Kali laptop connected to the same network as the vms on the xenserver via WiFi and conduct my attacks from there on vms.... Quote Link to comment Share on other sites More sharing options...
0phoi5 Posted December 31, 2015 Share Posted December 31, 2015 SudOnick, I noticed you mentioned a Kali vm? Assuming Kali is your attacker machine, why would you need a virtual one? I hope I'm being clear, my idea is to have a real Kali laptop connected to the same network as the vms on the xenserver via WiFi and conduct my attacks from there on vms.... It's probably recommended to learn how to hack your own OS, based on the facts that; a.) You can better understand how to protect yourself from getting hacked b.) You can use Kali's tools to better understand how your attacks show up against a target system c.) You could potentially retaliate against someone who tries to attack you, as they are most-likely using Kali or similar Quote Link to comment Share on other sites More sharing options...
Onus Posted December 31, 2015 Author Share Posted December 31, 2015 Of course.. I'm just trying to insure I can use a real machine to attack vms on xen, as the language for the different network types makes it sound like they can only talk to other vms on the xenserver Quote Link to comment Share on other sites More sharing options...
Onus Posted December 31, 2015 Author Share Posted December 31, 2015 Anyway, back to the second part of my question.. Anyone have an idea if the kangaroo can be used? Quote Link to comment Share on other sites More sharing options...
sud0nick Posted December 31, 2015 Share Posted December 31, 2015 SudOnick, I noticed you mentioned a Kali vm? Assuming Kali is your attacker machine, why would you need a virtual one? I hope I'm being clear, my idea is to have a real Kali laptop connected to the same network as the vms on the xenserver via WiFi and conduct my attacks from there on vms.... I have a Kali VM because I haven't found the perfect hardware on which I want to permanently run Kali. As I stated before, VMs function as normal systems on your network. It doesn't matter if you use a virtual one or physical hardware. I can use my Kali VM to attack physical systems on my network and vice versa. Of course.. I'm just trying to insure I can use a real machine to attack vms on xen, as the language for the different network types makes it sound like they can only talk to other vms on the xenserver I think you need to learn how networks work. VMs and physical machines can talk to each other as long as they are on the same network. There is nothing special about a network between VMs on a Xenserver or ESXi host that states only the VMs to talk to each other and not physical systems. This functionality can be set up but it's through proper networking techniques. I hope I'm being clear that a network is a network regardless of the nodes connected on it. Quote Link to comment Share on other sites More sharing options...
Onus Posted December 31, 2015 Author Share Posted December 31, 2015 Lol I understand how networks work its just the networking setup on xenserver docs that is confusing to me.. I will learn.. Thanks.. FYI I did some research on the kangaroo and apparently it is not suitable for xenserver for two reasons, in case anyone else is wondering.. 1. The bios is very limited and according to their docs only supports windows 10, you can not boot from any other device / install any other OS 2. The processor does NOT support virtualization.. Short of it all, I pulled the trigger and ordered a nuc along with two 4g ddr3l ram chip and a Kingston Digital 120GB SSDNow V300 SATA 3 2.5 All for $250 .. Thanks again all Quote Link to comment Share on other sites More sharing options...
sud0nick Posted December 31, 2015 Share Posted December 31, 2015 Where'd you get all that for $250? I think mine cost me about $600 but I also got 16GB of RAM and a 250GB 850 Evo SSD. I'm assuming you got the i3 NUC? Quote Link to comment Share on other sites More sharing options...
Onus Posted December 31, 2015 Author Share Posted December 31, 2015 The nuc I ordered is this one:Intel NUC NUC5CPYH, 4K Support via HDMI, Intel HD Graphics, SATA3 for 2.5-Inch HDD/SSD BOXNUC5CPYH. Now I'm nervous, hope it does the trick Quote Link to comment Share on other sites More sharing options...
Karit Posted December 31, 2015 Share Posted December 31, 2015 (edited) My first thought is what exactly do you want to run on the xenserver to make a hack lab? For beginning the single VM/iso from https://pentesterlab.com/ are really good. They just run fine on your desktop just need one at a time, so no need for a full server. I personally would start there. Save the money for now. Sure if want to get into more set up a xenserver so you can start making a full network to pivot through etc. Though maybe by that stage best to see if you can get a job with a Pen Test firm as then your client set up and manage the network for you :p You just need to identify the issues. Edited December 31, 2015 by Karit Quote Link to comment Share on other sites More sharing options...
sud0nick Posted December 31, 2015 Share Posted December 31, 2015 The nuc I ordered is this one:Intel NUC NUC5CPYH, 4K Support via HDMI, Intel HD Graphics, SATA3 for 2.5-Inch HDD/SSD BOXNUC5CPYH. Now I'm nervous, hope it does the trick No need to be nervous it should do everything you need. You're going to be a little more limited than I am in the number of VM's you can run at once but for a small lab you should be fine, you can expand later. For a while I used my desktop but as my lab environment became more complex I hated that I had to shut everything down every time I put my computer to sleep. Using the NUC means I can keep my systems online as long as I want. I just like having them detached from my desktop. Quote Link to comment Share on other sites More sharing options...
Onus Posted January 2, 2016 Author Share Posted January 2, 2016 No need to be nervous it should do everything you need. You're going to be a little more limited than I am in the number of VM's you can run at once but for a small lab you should be fine, you can expand later. For a while I used my desktop but as my lab environment became more complex I hated that I had to shut everything down every time I put my computer to sleep. Using the NUC means I can keep my systems online as long as I want. I just like having them detached from my deskt Do any iso's come with xenserver? I of course would like windows xp - windows 10 VMs but right now the only iso's i have in my lib are a few select free linux iso's.. any recommendations on where to find a few windows and mac isos? Quote Link to comment Share on other sites More sharing options...
sud0nick Posted January 2, 2016 Share Posted January 2, 2016 (edited) I've never used xenserver but I'm sure it doesn't come with any ISO's. I hear you can find many different kinds on the high seas if you catch my drift. Edit: you probably won't be able to run OS X in your virtual environment. It needs Apple hardware or significant modifications to the hardware you're using. I know people have built hackintosh systems but I'm not sure if it can be done easily with a virtual environment. Edited January 2, 2016 by sud0nick Quote Link to comment Share on other sites More sharing options...
Onus Posted January 2, 2016 Author Share Posted January 2, 2016 I catch your drift though I am too skeptical to download anything from the high seas, would love some help finding some windows vm isos.. Pretty pretty please Quote Link to comment Share on other sites More sharing options...
sud0nick Posted January 2, 2016 Share Posted January 2, 2016 You could always try Windows evaluation ISOs. They work exactly the same as a regular copy and you can still use them even after the evaluation ends. This link will get you Windows 8, 8.1, and 10. As for Windows 7 and earlier you will probably have to set sail or ask a friend. Quote Link to comment Share on other sites More sharing options...
Onus Posted January 2, 2016 Author Share Posted January 2, 2016 Should I send the friend request now? Quote Link to comment Share on other sites More sharing options...
Onus Posted January 3, 2016 Author Share Posted January 3, 2016 ok so right now i have a few isos in my lib. :: subuntu kali 1 & 2, windows xp, 7, 8, & 10 does anyone have any other vm suggestions for noob like myself .. wondering if there are a typical things i can virtualize in my lab, like smart phones, printers, maybe some common consumer media servers and such that might be fun to attack Quote Link to comment Share on other sites More sharing options...
phpsystems Posted January 3, 2016 Share Posted January 3, 2016 Have a look here: https:/vulnhub.com/ Mostly linux vms, but interesting range of challenges. Quote Link to comment Share on other sites More sharing options...
DoubleY82 Posted January 4, 2016 Share Posted January 4, 2016 Thanks for the information. I've been researching for the past 2 days about making a PenTest Lab. Thanks again Quote Link to comment Share on other sites More sharing options...
d3cryption Posted May 29, 2016 Share Posted May 29, 2016 Great Thread.. Lots of information in here.. Quote Link to comment Share on other sites More sharing options...
a3rd Posted May 31, 2016 Share Posted May 31, 2016 Onus, I got the same NUC running in my pen test lab. I have 16GB ram and it runs four instances Win2k8 no problems. Did you ever find windows iso online? I am trying to find some vulnhub type of labs running on windows. do they exist? Quote Link to comment Share on other sites More sharing options...
kerravon Posted June 1, 2016 Share Posted June 1, 2016 On 12/31/2015 at 5:45 PM, sud0nick said: I have a Kali VM because I haven't found the perfect hardware on which I want to permanently run Kali. As I stated before, VMs function as normal systems on your network. It doesn't matter if you use a virtual one or physical hardware. I can use my Kali VM to attack physical systems on my network and vice versa. I think you need to learn how networks work. VMs and physical machines can talk to each other as long as they are on the same network. There is nothing special about a network between VMs on a Xenserver or ESXi host that states only the VMs to talk to each other and not physical systems. This functionality can be set up but it's through proper networking techniques. I hope I'm being clear that a network is a network regardless of the nodes connected on it. I run my kali on a i5 laptop with 16GB memory and a ssd drive, runs really well, nut I also use a kali vm as well. as for vunerable platforms, there are plenty to download around the net just google them. the hacme bank from mcafee is a great series of machines to hack. But there is no point if you cant hack your own machine first, slowly, slowly catchy monkey. kerravon BTW my hacking/pentest lab will be available on the internet soon. Quote Link to comment Share on other sites More sharing options...
Captain Posted June 1, 2016 Share Posted June 1, 2016 For what it's worth, I'm a huge fan of virtualized labs. As a profession I run cloud computing platforms which lends me access to more commercial level environments. But for my home, I run a pretty beefy laptop with VMware workstation (free license as part of my VCP certifications). I run a slew of "vulnerable" systems, and can even do network segregation without ever leaving the TCP stack of the laptop itself also, another REALLY useful tool is booting from flash drives. Having a few different distro's on cheap USB keys can make a cheap laptop a Swiss army tool of sorts for at home lab work. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.