Network & Security Home Lab:

banner

in progress June 24, 2024

Part 5 - Cyber Range setup

VM 1: Metasploitable 2

For the Metasploitable 2 download,

Go to: Metasploitable: 2 ~ VulnHub

You will have to open the .ZIP and look for the .vmdk to extract. It will be the largest file in the folder, and you should extract it to the same directory of your choosing.

Image Ref. (click me!)

vbox101

Creating the Metasploitable 2.0 VM

  • Launch VirtualBox. Then click on New from the toolbar.

  • Input the name as “Metasploitable 2.0”, and make sure that the Folder location is set where the rest of the VMs for the Home Lab are going to be saved.

Leave the ISO Image option empty.

  • Select the Linux Debian (64 bit) as shown below and then click on Next.
Image Ref. (click me!)

vbox102

On the next page,

  • Reduce the Memory to 1024MB and click on Next.
Image Ref. (click me!)

vbox103

Next, Select “Do Not Add a Virtual Hard Disk” and click on Next.

Image Ref. (click me!)

vbox104

The .vmdk file we downloaded is the Hard Disk, so no need to create one. All we have to do is attach it.

  • Confirm that everything looks correct and click on Finish.
Image Ref. (click me!)

vbox105

  • You will get a Warning as shown in the below image. Ignore it and click on Continue.
Image Ref. (click me!)

vbox106

Adding VM to Group

Right-click on the Metasploitable VM. Select Move to Group -> [New].

Right-click on the group that is created and select Rename Group. Call the group Cyber Range.

Image Ref. (click me!)

vbox107

  • The output should look as follows:

vbox108

Right-click on the Cyber Range group and select Move to Group -> Home Lab.

  • The final output should look as follows:

vbox109

Configuring the VM

Select the Metasploitable 2.0 from the sidebar and then from the toolbar click on Settings.

Go to Storage and select Controller: SATA then click on the small “Add Hard Disk” icon on the right.

Image Ref. (click me!)

vbox110

This will open the Hard Disk Selector menu.

Click on Add and then select the .vmdk file. Then click on the Open button to use the Hard Drive.

If done correctly under Controller: SATA the Hard Disk will be visible.

vbox111

Go to System -> Motherboard. For Boot Order ensure that the Hard Disk is on the top followed by Optical. Disable Floppy.

Image Ref. (click me!)

vbox112

Go to Network -> Adapter 1. Change the Attacked to field to Internal Network and in Name select LAN 1. Click on OK to save the changes.

Image Ref. (click me!)

vbox113

Testing Connectivity

From the sidebar select Metasploitable 2 and then click on Start.

Once the VM boots use the following credentials to log in.

Username: msfadmin
Password: msfadmin
Image Ref. (click me!)

vbox114

After login use the following command to check if we have an IP address:

ip a l eth0
Image Ref. (click me!)

vbox115

vbox118

  • We can see that we have been assigned the IP 10.6.6.11 (IP may be different) which we know is inside the DHCP address range for the CYBER_RANGE interface.

We can ping Google to test if we have an Internet connection.

ping google.com -c 5
Image Ref. (click me!)

vbox116

Pinging Metasploitable 2.0 -> Parrot

VM 2: Chronos

For the Chronos download

Go to : Chronos: 1 ~ VulnHub

The downloaded file will be another .ova file.

Move the .ova to the same directory we were using before.

vbox119

Creating the VM

From the VirtualBox sidebar select the Cyber Range group, then File -> Import.

vbox120

From the Import screen select the icon, select the .ova and hit Next.

vbox121

From the next menu, we can change some of the configuration. You can change the name as you like. For MAC Address Policy ensure that Generate new MAC addresses for all network adapters is selected. If everything looks right click on Finish.

vbox122

Importing can take a little while.

Adding VM to Group

Once the import is finished, right-click on the VM and then select Move to Group -> Home Lab/Cyber Range.

or

Drag it into the Cyber range group

The result result will be as follows:

vbox123

Configuring the VM

Select the Chronos VM, then Settings.

Go to System -> Motherboard. For Boot Order ensure that Hard Disk is on the top followed by Optical. Disable Floppy.

vbox124

Go to Network -> Adapter 1. For the Attached to field select Internal Network, for name select LAN 1. Expand the Advanced settings option. From Adapter Type select Paravirtualized Network (virtio-net). Click OK to save the changes.

vbox125

Testing Connectivity

Select the Chronos VM and from the toolbar select Start. Once the VM starts we should see the login screen. The credentials for this machine are not known so we cannot log in and check if it has been assigned an IP address.

On the Kali Linux VM open the pfSense Web Portal. From the navigation bar select Status -> DHCP Leases.

vbox126

Under the Leases section, there should be an entry for Chronos. We can see that it has been assigned the IP 10.6.6.12.

Adapter Type Selection You would have noticed that for the Metasploitable 2 VM we did not chose Paravirtualized Network. This VM is quite old and does not work properly on that Adapter. Windows VMs also don’t work on Paravirtualized Network Adapter. From a performance point of view Paravirtualized Network is the better choice. We don’t have a way to know in advance if a Linux VM will work on the Adapter. So what I recommend is to first select Paravirtualized Network booting up the VM and check if the network is working properly if not shutdown the VM and select a different Adapter.

In the next module, we will begin configuring the Active Directory Lab.

Home Lab Part 6