ITU Ethical Hacking Lab Setup Guide Use this setup guide to prepare your lab environment for the Ethical Hacking course activities. Host Hardware Checklist Your computer can be a laptop or desktop. It should meet the following minimum requirements: Intel Core i5 3.2 GHz 64-bit CPU or better (multiple cores is preferred) 16 GB RAM (32 GB or more is recommended) 200 GB free disk space, 7200 RPM or faster drive (SSD is preferred) DVD drive 1 Ethernet network adapter 17” LC monitor Mouse, sound card Internet access Wireless network adapter (built-in or USB) Operating System Checklist You will use the following operating systems: Kali 2018.3 VM 64 Bit 7z o https://images.offensive-security.com/virtual-images/kali-linux-2018.3-vm-amd64.7z Windows Server 2016 ISO (licensed or evaluation) o https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016 Windows Server 2012 R2 ISO (licensed or evaluation) o https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2012-r2 Windows 8.1 64-bit ISO - be SURE to select 64-bit! o https://www.microsoft.com/en-us/software-download/windows8ISO Ubuntu 16.04.3 Desktop 64bit ISO o http://old-releases.ubuntu.com/releases/16.04.3/ubuntu-16.04.3-desktop-amd64.iso Metasploitable 2 o https://sourceforge.net/projects/metasploitable/files/Metasploitable2/ Support Tools: You will need the following support software: VMWare Workstation 15 Player for Windows (alternatively, VMWare Workstation Pro or Oracle Virtual Box) o https://www.vmware.com/products/workstation-player/workstation-player- evaluation.html 7zip for 64-bit Windows o https://www.7-zip.org/a/7z1805-x64.exe Opera Browser for Windows o https://www.opera.com/computer/thanks?ni=stable&os=windows
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
ITU Ethical Hacking Lab Setup Guide Use this setup guide to prepare your lab environment for the Ethical Hacking course activities.
Host Hardware Checklist Your computer can be a laptop or desktop. It should meet the following minimum requirements:
Intel Core i5 3.2 GHz 64-bit CPU or better (multiple cores is preferred)
16 GB RAM (32 GB or more is recommended)
200 GB free disk space, 7200 RPM or faster drive (SSD is preferred)
DVD drive
1 Ethernet network adapter
17” LC monitor
Mouse, sound card
Internet access
Wireless network adapter (built-in or USB)
Operating System Checklist You will use the following operating systems:
Kali 2018.3 VM 64 Bit 7z
o https://images.offensive-security.com/virtual-images/kali-linux-2018.3-vm-amd64.7z
Windows Server 2016 ISO (licensed or evaluation)
o https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016
Windows Server 2012 R2 ISO (licensed or evaluation)
o https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2012-r2
Windows 8.1 64-bit ISO - be SURE to select 64-bit!
o https://www.microsoft.com/en-us/software-download/windows8ISO
Ubuntu 16.04.3 Desktop 64bit ISO
o http://old-releases.ubuntu.com/releases/16.04.3/ubuntu-16.04.3-desktop-amd64.iso
Metasploitable 2
o https://sourceforge.net/projects/metasploitable/files/Metasploitable2/
Support Tools: You will need the following support software:
VMWare Workstation 15 Player for Windows (alternatively, VMWare Workstation Pro or Oracle
Virtual Box)
o https://www.vmware.com/products/workstation-player/workstation-player-
evaluation.html
7zip for 64-bit Windows
o https://www.7-zip.org/a/7z1805-x64.exe
Opera Browser for Windows
o https://www.opera.com/computer/thanks?ni=stable&os=windows
6. In the Policy pane on the right, double-click Enforce password history.
7. In the Do not keep password history field, change the setting to 0 and click OK.
8. Similarly, set the Maximum and Minimum password age to 0.
9. Set the Minimum password length to 4 characters.
10. Set the Password must meet complexity requirements to Disabled.
11. Set the Store passwords using reversible encryption to Enabled.
12. Close the Group Policy Management Editor.
Add Domain Users 1. Return to Server Manager.
2. In Server Manager Dashboard, on the left side navigation pane, click AD DS.
3. In the SERVERS middle pane, right-click SERVER2012R2 Active Directory Users and
Computers.
4. Expand example.com, then right-click UsersNewUser.
5. Create a user named Joe Smith, with a user logon name of joe.
6. Click Next.
7. On the next page, set Joe’s password to Pa22word
8. Unckeck the User must change password at next logon checkbox
9. Click Next.
10. Click Finish.
11. In the Users container, verify that you see Joe Smith.
12. Similarly, create the following users and passwords . Make sure that they do NOT need to
change their password at next logon:
Sally Storm / apple
Moo Dharma / password
Sue Waters / letmein
Bwalya Banda / hello
Mannie Nsofwa / Password!
Add Joe, Sally, and Moo to the Domain Admins and Administrators Groups 1. In Active Directory Users and Computers, in the Users container, locate and right-click Domain
AdminsProperties.
2. In the Domain Admins Properites sheet, click the Members tab.
3. In the Members tab, click the Add button.
4. In the Enter the object names to select text box, enter Joe and click OK.
5. Ensure that you see Joe Smith as a member.
6. Similarly, add Sally and Moo.
7. Verify that you see Joe, Moo, and Sally in the Members tab.
8. Click OK.
9. In the left pane under example.com, locate and click the Builtin container.
10. Locate and double-click the Administrators group.
11. Using the technique you just learned, add Joe, Moo, and Sally to Members.
12. Close Active Directory Users and Computers.
Add DNS Records 1. Return to Server Manager Dashboard.
2. On the left pane, locate and click DNS.
3. In the Servers middle pane, right-click SERVER2012R2DNS Manager.
6. In the New Host popup dialog box, in the Name field, enter www
7. In the IP address field, enter the IP address of Server 2012.
8. Click Add Host.
9. Click OK.
10. Similarly, add an A record for mail with the IP address 192.168.75.250.
11. Click Done.
12. Right-click example.comNew Alias (CNAME).
13. In the Alias name field, enter ftp
14. In the Fully qualified domain name (FQDN) for target host: field, enter www.example.com
15. Click OK.
16. Verify that your example.com DNS records look similar to this:
17. Close DNS Manager.
Configure WWW to Require Basic Authentication 1. In Server Manager, at the top right, click ToolsInternet Information Services (IIS) Manager.
2. In the IIS manager popup window, under Start Page, expand SERVER2012R2 (local computer). If
prompted by a popup window, click No.
3. Expand Sites.
4. Click Default Web Site.
5. In the Default Web Site Home, scroll down and in the IIS section locate and double-click
Authentication.
6. Right-click Anonymous AuthenticationDisable.
7. Right-click Basic AuthenticationEnable.
8. In the Actions pane on the right, under Manage Server, click Restart.
9. Close IIS Manager.
Disable the Firewall and Windows Updates 1. Click the Start button and enter Command Prompt.
2. Right-click Command Prompt Run as administrator. When prompted by User Account
Control, click Yes.
3. Type this command and press enter:
netsh advfirewall set allprofiles state off
4. Enter sconfig
5. Enter 5
6. Enter M
7. When the Update Settings popup window appears, click OK.
8. Close the command prompt.
Configure SNMP 1. At the Desktop, in the lower left corner, click Start.
2. On the Start page, click the Administrative tools tile.
3. In Administrative Tools, scroll down and double-click Services.
4. In Services, scroll down, locate, and double-click SNMP Service.
5. In SNMP Service Properties, click the Security tab.
6. In the Security tab, under Accepted community names, click Add.
7. Change the Community rights: dropdown list to READ WRITE.
8. In the Community Name field, enter public and click Add.
9. In the Security tab, click the Accept SNMP packets from any host radio button.
10. Ensure that your settings look like the following and click OK.
11. Close Services.
12. Close Administrative Tools.
Enable Remote Desktop Connections 1. At the desktop, if necessary launch Server Manager.
2. On the left pane, click Local Server.
3. In the PROPERTIES middle pane, ensure that Remote Desktop is set to Enabled.
4. Close Server Manager.
Install Vmware Tools on the Guest Use a similar method that you used with Server 2016, install the VMware tools on Server 2012.
1. Ensure that you are logged into Server 2012.
2. In Vmware Player, click Player ManageInstall Vmware Tools.
3. In Server 2012, on the taskbar on the left, click File Explorer (folder icon)
4. Verify that you see DVD Drive (D:) Vmware Tools, and double-click it
5. When the Vmware Tools Setup wizard appears, click Next, Next, Install.
6. When the wizard is through, click Finish.
7. When prompted to restart, click Yes.
Shut Down Server 2012 R2 1. Make sure you are logged in as Example\administrator with the password of P@ssw0rd
2. At the desktop, move your mouse into the far lowest right corner until the Charms Bar appears.
3. Click Settings (gear icon).
4. Click PowerShut DownContinue.
Create the Windows 8.1 VM
End Result You have a Windows 8.1 x64 Guest VM with the following features:
Disk = Default size
2048 MB (2 GB) RAM
Name = Windows8
User = Admin
Password = Pa$$w0rd
Ethernet0 IP Address = 192.168.75.8 (Your subnet ID might be different)
Subnet Mask = 255.255.255.0
Default Gateway =192.168.75.2
Preferred DNS = 8.8.8.8
Installed software:
o Google Chrome browser
Windows Firewall off
Windows Update off
VMware Tools installed
Install the Operating System 1. Create a Windows 8.1 VM using the same method you used to install the other Windows VMs.
Be sure to configure:
a. Windows 8.x x64 as the guest operating system
b. PC name = Windows8
c. Express Settings
d. Sign in without a Microsoft account
e. Local account
f. User name = admin
g. Password = Pa$$w0rd
h. Password hint = standard lab password
2. When the installation is complete, click the Desktop tile
Change the Computer Name You should not need to change the computer name in Windows8, but in case you wish to, use these
steps:
1. On the desktop, move your mouse to the lowest left corner of the task bar to display and click
the Start thumbnail
2. On the Start page (with the app tiles), start typing Control Panel
3. When the Control Panel app appears, click it
4. Click System and Security
5. Under System, click See the name of this computer
6. Under Computer name, domain, and workgroup settings, click Change settings
7. In the System Properties dialog box, on the Computer Name tab, click the Change… button
8. Change the computer name to Windows8, click OK twice, and when prompted restart the VM.
Hard-Code the IP Address 1. Locate and right-click the network icon in the lower right on the task bar Open Network and
Sharing Center
2. Click Change adapter settings
3. Using the same method that you used for Windows 10 and the servers, change the IP settings
to:
a. Address = 192.168.75.8
b. Subnet Mask = 255.255.255.0
c. Default Gateway = 192.168.75.2
d. DNS = 8.8.8.8, 8.8.4.4
Install Google Chrome Browser 1. Download and install the Google Chrome Browser.
Turn off Windows Firewall 1. On the desktop, move your mouse down to the far lower left corner to reveal the Start tile.
2. Click the Start tile.
3. On the Start page, start typing Control Panel (you do not have to click anything).
4. When Control Panel appears, click it.
5. Click System and Security.
6. Click Windows Firewall.
7. Click Turn Windows Firewall on or off.
8. Under Customize settings for each type of network, click the Turn off Windows Firewall (not
recommended) radio button for both Private network settings and Public network settings.
9. Click OK.
10. On the breadcrumb trail at the top of the window, click System and Security.
Disable Windows Update 1. In the Control PanelSystem and Security, under Windows Update, click Turn automatic
updating on or off.
2. Under Choose your Windows Update settings, under Important updates, click the dropdown
list and select Never check for updates (not recommended).
3. Click OK.
4. Close the Control Panel.
Install Vmware Tools on the Guest 1. Using a similar method that you used with the servers, install the VMware tools on Windows
8.1.
Shut Down Windows 8.1 1. At the desktop, move your mouse into the farthest lower right corner until the Charms Bar
appears.
2. Click Settings (gear icon).
3. Click Power->Shutdown.
Open the Kali Linux 2018.3 VM
End Result You will have a Kali Linux 2018.3 Guest VM with the following features:
Default disk size
2048 MB (2 GB) RAM
Hostname = Kali
Username = root
Password = toor
Software installed:
o Thunderbird Email Client
Open the Virtual Machine 1. Locate the downloaded zipped virtual machine file.
2. Use 7-zip to unzip the VM to a folder called “Kali”.
3. Double-click the VMware Workstation 15 Player launcher.
4. Click Open a Virtual Machine.
5. Browse into the Kali folder.
6. Select Kali-Linux-2018.3-vm-amd64.vmx and click Open.
7. Start the Kali VM.
8. When the splash screen appears, click anwhere inside it and then press the spacebar on your
keyboard. Alternatively, click and drag the bottom of the screen up. The splash screen should
lift, revealing the login page.
9. At the login page, log in as root with the password of toor
Install Thunderbird 1. Ensure that Server2016 is running, as this is the email server.
2. Ensure that you know the IP address of Server2016.
3. Open an terminal and enter:
apt install thunderbird
4. If prompted during install, press Y
5. Launch Thunderbird. At the top left, above the Desktop, click ApplicationsUsual
ApplicationsInternetThunderbird.
Alternatively, on the left pane Favorites Launcher bar, click the terminal icon to open a
terminal, type thunderbird and press Enter. (Note: if you use this method, do not close the
terminal window until you are ready to close Thunderbird!)
6. Set up Thunderbird for the user Moo using the same method you used in Server2016.
Shut Down Kali 1. Make sure you are logged in as root / toor.
2. In the upper right corner above the desktop, click the power button icon.
3. In the dropdown box, click the power button icon again.
4. When prompted, select Power Off.
Open the Metasploitable Virtual Machine
Open the Virtual Machine 1. Locate the downloaded zipped virtual machine file. It will be named something like
metasploitable-linux-2.0.0.zip.
2. Unzip the zip file to a folder called “Metasploitable”.
3. Double-click the VMware Workstation 15 Player launcher.
4. Click Open a Virtual Machine.
5. Browse into the Metasploitable folder.
6. Select Metasploitable.vmx and click Open.
7. Start the Metasploitable VM.
8. Log on as msfadmin with the password of msfadmin
9. There will be no GUI. You will not perform any configuration. To find out your DHCP-provided IP
address, enter ifconfig
Shut Down Metasploitable 1. Make sure you are logged in as msfadmin / msfadmin
2. Enter sudo init 0
3. When prompted, enter the password msfadmin
4. All the shutdown to proceed. When the last message says “System halted”, press Ctrl+Alt to
release your mouse.
5. In VMware Player, click PlayerPowerShut Down Guest.
6. When prompted, click Yes.
Create the Ubuntu 16.04.5 VM
End Result You have an Ubuntu 16.04.5 LTS 64-bit Desktop Guest VM installed with the following features:
Disk size 20 GB
2048 MB (2 GB) RAM
Hostname = Ubuntu
Username = ubuntu
Password = toor
Installed software:
o Thunderbird Email Client
Install the Operating System 1. If necessary, launch VMware Workstation 15 Player.
2. Click Create a New Virtual Machine.
3. Select Installer disc image file (iso), browse to and select the Ubuntu ISO, and click Open.
4. Click Next.
5. Select the Linux radio button, and ensure that in the Version dropdown box, Ubuntu 64-bit is
selected.
6. Click Next.
7. On the Easy Install Information page, enter the following:
Full name: Student
User name: ubuntu
Password: toor
Confirm: toor
8. Click Next twice.
9. Select Store virtual disk as a single file, and click Next.
10. Click Finish.
11. Allow the installation to finish.
Test the Installation 1. Log into Ubuntu as the user ubuntu with the password toor
2. On the desktop, in the upper left corner, click the Search your computer icon and
type terminal
3. When the terminal icon appears, click it.
4. In the terminal window, enter ifconfig
5. Identify the name of the Ethernet interface. It is probably ens33 or something similar.
6. Identify the IP address assigned to the Ethernet interface.
Install Thunderbird 1. Using the same procedure that you used in Kali, open and terminal and install and configure the
Thunderbird email client for the user Moo.
Shut Down Ubuntu 1. Make sure you are logged in as ubuntu / toor.
2. In the upper right corner above the desktop, click the gear icon.
3. In the dropdown menu, click Shut Down…
4. When prompted, click Shut Down.
Make Backup Copies of All Virtual Machines 1. If necessary, log into and shut down all of the virtual machines.
2. Locate the folder on your host where the VMs have been installed. If you performed a default
installation, they are likely to be in this location:
C:\Users\<your user name>\Documents\Virtual Machines\
3. Copy all of the VMs to a disk with sufficient space, such as an external hard drive. If you have
enough space on your C: drive, that would be preferred.
Troubleshooting Here are some troubleshooting steps you can use if you encounter specific difficulties during setup.
Mouse trapped in VMware If your mouse gets trapped in a VMware virtual machine, press Ctrl+Alt to release it
Chrome and Internet Explorer Refuse to Download Hacking Tools Even with your antivirus program turned off, Google Chrome and Microsoft Internet Explorer may refuse
to download some of these hacking tools, especially LOIC and HOIC. If this happens, use Opera.
Uninstalling Hyper-V Microsoft Hyper-V is not compatible with other virtualization products such as VMware or VirtualBox.
Additionally, when you uninstall Hyper-V, it will still leave an artifact of itself in the computer’s boot
record which you will need to remove manually.
If you uninstall Hyper-V and you still get an error message when you try to launch VMware Workstation
Player, perform this task:
1. Open a command prompt in administrator mode
2. Enter the following command:
bcdedit /set hypervisorlaunchtype off
3. Reboot the computer.
Specifying the Alternate Source Path When Installing Windows Roles Although Windows loads most source files onto the hard drive during installation, to save space some
are left on the source DVD. When installing some of the less popular features, such as .NET 3.5, you
might have to point to that DVD as an alternate source during installation.
1. As you specify roles and features, if you are prompted “Do you need to specify an alternate
path?...” click the Specify an alternate source path link at the bottom of the page.
2. Leave the installation windows open. Temporarily navigate to the Task Bar and click the File
Explorer icon at the bottom. In the This PC popup window, identify the drive letter for the DVD
Drive. It is most likely D: Ensure that the ISO you connected to the VM (to install the server)
appears as a DVD.
3. Return to the Add Roles and Features window.
4. In the Path: text box, enter D:\Sources\sxs\
5. Note: If your DVD is some other drive letter, substitute D with that letter.
6. Click OK, Next, or Install as prompted
Drag and Drop Between Host and Guests Does Not Work If you installed VMware tools on your Guest VMs, you should be able to drag and drop between your
host and the Guest (at least Windows guests). If this does not work, then use any of these alternate
methods to move the files:
Use a USB Removable Drive to Move the Files 1. Plug a USB removable drive into your host.
2. If a popup message appears asking you to choose where you would like to connect the disk,
select Connect to the host and click OK.
3. Copy the necessary files for that activity from C:\Hacking onto the USB drive. If you have enough
space, copy the entire folder to the drive.
4. Switch to VMware Player for whichever VM needs the tools.
5. Click PlayerRemovable Devices<name of the disk>Connect (disconnect from host).
6. Click OK.
7. In the guest VM, in the File Explorer, check to make sure the drive appears.
8. Proceed to copy the files to the guest desktop.
Share the C:\Hacking Tools Folder 1. On your host, navigate to C:
2. Right-click Hacking ToolsProperties
3. Click the Sharing tab
4. Click the Advanced Sharing button
5. In the Advanced Sharing dialog box, click the Share this folder checkbox.
6. Click the Permissions button
7. In the Group or user names box, ensure that Everyone appears and is selected.
8. In the Allow column, click the Full Control checkbox.
9. Click OK twice.
10. Click the Security tab
11. Click the Edit button
12. Click the Add button
13. In the Enter the object names to select text box, type everyone and press Enter.
14. Back in the Security tab, ensure that Everyone is selected.
15. In the Allow column, click Full control.
16. Click OK.
17. Click Close.
18. Open a command prompt and enter ipconfig
19. Scroll through the results and look for the Ethernet adapter VMware Network Adapter Vmnet8.
This is the interface the host uses to connect with the guests. Make note of the IP address.
20. Switch to the VM that needs the tools and log in.
21. Click StartRun
22. At the Run line, enter the IP address you discovered in Step 19 Precede it with \\. For example:
\\192.168.75.1
23. Click OK.
24. In the Windows Security popup dialog box, enter the username and password for your HOST.
25. Locate Hacking Tools share and double click it to open it.
26. Copy the tools to the guest.
Create an ISO from C:\Hacking and Use the ISO to Move the Files 1. On your host, download a copy of Folder2Iso from here: