Building a Virtual Lab with VirtualBox for Penetration Testing

Hello again. As you know, I am Eli the Computer Guy, and today's class is building a virtual computer lab with VirtualBox for penetration testing and hacking tests. So today we are going to be talking about the configurations you need if you are going to be using VirtualBox to create a virtual environment in order to do penetration testing and to muck around and play with hacking. So basically, whenever you're going to be doing anything in the computer world, really, in order to understand what you're doing, you need to sit down with physical equipment and actually play with things. You need to play with it, you need to break it, you need to futz around with it, you need to mess with configurations. Just like if you were building a Windows 2012 server network, you need the same kind of lab if you are going to be doing hacking and penetration tests.

Now, this is the modern day and age, and so now we don't need to use individual physical computers in order to create our labs. We can just have one very powerful system, put some kind of virtualization software on that system, create numerous virtual computers, and then have those virtual computers attack each other, all in one little box. So back in the day, you know, back in 2009, if you were going to be doing all of these tests, you may have 5 or 6 or 10 physical computers all set up in a network, and then you'd have them attack each other. Now we can just have one very powerful desktop computer, have ten instances of operating systems on that desktop computer, and have those instances attack each other. It's good for power consumption, it's good because you don't have to waste a lot of desk space, it's just good, and it's the modern way of doing so.

When I am showing you these tests nowadays, when I'm showing you these classes, I use a piece of software called VirtualBox. VirtualBox originally was owned by Sun Microsystems; it's now owned by Oracle. Why I like VirtualBox is it's still open source, it's still free, and it's one of the best
pieces of virtualization software that works across all of the different platforms. So you can install VirtualBox onto Windows, onto Linux, onto Mac, and it will work. Not only that, but you can install operating systems into the instances and they all work very well. So other types of virtualization software, such as Virtual PC, work very well for creating Windows instances of operating systems, but not always so good with creating Linux instances of operating systems. With VirtualBox, it's just a very, very solid product that happens to be free, and therefore we're going to use it.

Now, in this class today, again, this is a hacking class, and as I've kept saying with these hacking classes, this is an intermediate-level track of education. So I'm going to go through and I'm going to explain some things today, but the things that I am explaining assume, take for granted, that you already understand computers, you can already install an operating system, you understand TCP/IP, you understand networking, basically that you are not a newbie. If you are a complete and utter newbie, feel free to watch this entire video, but just realize you may not know what the hell's going on, and if that's the case, go watch my other networking and operating system classes to figure out what's going on. So we're just going to go through this today rather quickly, at a little higher level, just so, you know, I don't bore all the people that have a little bit of experience out there. The other reason, again, with these hacking classes is I'm a bit mean with being intermediate with all these classes and not holding your hand through them, because again, as I've explained before, hacking is a real skill set. Hacking is something that can really, really, really get you in trouble if you do something dumb. So if you don't understand what I am talking about today, you don't need to be hacking at all. I mean, that's really how it is. If you don't,
you don't really understand what I'm talking about today, then you have no business hacking, because if you do start trying to hack, it's just gonna be bad. Either you're gonna hack your own stuff or client stuff and you're going to destroy it, or you're going to try to nefariously hack something and you're going to get a knock on the door, and it's all just gonna be bad from there. So if you don't understand what I'm talking about today, just stay away from it.

So we are using VirtualBox. I'm gonna be showing you this using VirtualBox, again, because it's open source and free. Now the first question then is what kind of hardware should you use if you are going to be creating a lab environment like I have. You know, how much does it cost, what should you be looking at? Well, what I did is I just went out, frankly, to Best Buy. I know, I know, I know, I'm gonna get a lot of crap from that, but I don't have a problem with going to Best Buy. I buy a lot of crap at Best Buy. Why? Because, you know, the government needs my tax money to pay for schools and all that. But basically I went out to Best Buy, and for like eight hundred and fifty dollars I got a very, very, very nice Asus desktop computer. So what I was looking for with this Asus desktop computer is, we need a lot of RAM. We're gonna be doing virtualization, we need a lot of RAM. So if you're going to be creating a lab environment, I would suggest you get 16 gigs of RAM. That would be what I would suggest; that is what I purchased. So this $850 computer had 16 gigs of RAM. The other thing you want is a pretty powerful processor, so this thing, it's an i7 3.4 gigahertz processor. So when we're going to be doing this virtualization, really the most important things are the amount of RAM and the processor, because all these operating systems require a certain amount of RAM, and these modern operating systems can require a lot just to stay functional. They may need two gigs of RAM themselves. So
if you want to run five instances of operating systems that all need at least two gigs each, that's ten gigs right there. Plus, remember, the host operating system needs RAM, so let's put another two in, so that's twelve gigs, and that's just for the host and five instances of operating systems. So RAM is an important thing. I would argue that you need 16 gigs of RAM, and anything you buy now is gonna be DDR3 and should be good speed. And then also you need the processor. Again, I would say the most important thing you need is the RAM, because you need the RAM in order for any of the software to actually function. Then right below that is the processor. You can get away with less than an i7 3.4 gigahertz, but I would get something pretty decent. Don't go any less than like an i5, i7; just get a decent processor, because remember, all of these different instances of operating systems will need processing power, so if you don't get a processor that's powerful enough, well...

The hard drive I got with this particular computer, this desktop, what I got was a 1 terabyte hard drive. Now, the hard drive is probably the least important of all the specifications, but it is still something you should be thinking about. I like the one terabyte hard drive because it's large, because, right, if I want to store 20 or 30 or 40 or however many instances of operating systems on my lab computer, well, then I need actual physical space to do it. And I know some of you guys are thinking, well, what if I get a smaller hard drive, then I could have a USB external hard drive connected to the computer I'm going to be creating my lab with. Well, the issue is, remember, we're not moving pictures. We're not going to be taking pictures or a couple of videos from the external hard drive and putting them onto the desktop. We're going to be taking entire operating systems. These things may be 30 or 40 or 50 or more gigs in size. If you store those instances of operating systems on
to something like an external hard drive and then you kind of move them back and forth, it's just going to be painful, painful. So what I did is I went with the one terabyte size just so I could store all that crap on the hard drive. It's a 7200 rpm hard drive. It's good. It's probably not as fast as a solid-state hard drive, but it's fine for me, because remember, again, whenever we are speccing out a server for anything, we have to be thinking about what the server is going to be used for. So if we were dealing with something like a file server or a database server or something that's going to hammer the hell out of the hard drive, well, then getting something like a solid-state hard drive or a hybrid hard drive would be very important. Why? Because we're really pushing and pulling data from the hard drive, and if there's a bottleneck on the hard drive, that's gonna slow everything down. Well, what we have to be thinking about with these virtual computers that we're going to be creating is, really all that's happening is we're starting them up, they're going into RAM, and then they're gonna have a little bit of I/O, they're gonna have a little bit of hard drive usage, but they're not really gonna have a whole lot of hard drive usage. So you don't really need the fastest hard drive in the world. Obviously, if you've got money to burn, hey, go get a solid-state hard drive, but if you don't want to waste money, just a simple 7200 rpm hard drive should work fine for you. So basically that's what I did. I went to Best Buy, 850 bucks, got this Asus thing, all good. Yeah, I know I didn't build it myself.

But if you are going to be using your computer for the computer lab, the one thing that I will say is make sure whatever computer you get for the computer lab, you have a hardwired network connection, a hardwired Cat5 network connection, whether it's a desktop or you get a laptop. I also have a laptop I use as a lab computer. The reason
being is sometimes with the wireless cards and the virtual instances, they don't always play nicely together, and it kind of makes them fail and go boom. So basically, if you're going to be connecting these virtual computers out to the wider network, you want to be able to do that with Cat5 cable, with a wired cable, because otherwise you just might run into some issues.

So I'm not going to go into actually installing VirtualBox. Basically, you know, you've got this very powerful computer, whatever you decide, you've got this powerful computer, you go to virtualbox.org, you download VirtualBox, you install it, then you start creating your instances of the operating system. Now I'm going to talk about a couple of things just for you guys to think about when you are creating the instances of your operating system. Again, I'm not actually going to show you how to do it. This is an intermediate-level class. If you don't know how to create an instance of an operating system, go take my previous VirtualBox class.

So basically, when you're going to create the instance of your operating system, you should be thinking about a couple of things. The first thing that you should be thinking about is how much RAM do you want to give the instance of the operating system. So, you know, you're gonna create a 2012 server, you create a Linux server, you're thinking, oh my golly, how much RAM am I gonna give this thing? And so in the real world, if you were buying or building a Linux server or a 2012 server, you might give it a lot of RAM, right? If I was building a real 2012 server, I'd give it at least 8 gigs of RAM, because in the real world I'm probably going to be hammering the hell out of a server, and it is just easier to give that server a lot of RAM in the beginning and not have to worry about it in the future. The problem is, when you're creating instances of these operating systems, you've only got so much RAM to deal with, right? You've only got so much RAM. So you've only got 16 gigs of RAM on
your lab computer, you're using at least two for the host, so you're down to like 14 gigs. So if you give each of your servers like 8 gigs of RAM, then you're only going to come out with like one and a half servers, and that's not really a lab. So when you're creating the instance of the operating system, I would suggest you give the instances the minimum amount of RAM required. So if you're pulling up a 2012 server, I would only give it two gigs of RAM total. If I was creating a Linux box, let's say an Ubuntu desktop system, I would only give it one gig of RAM. Why? Because if I give that Ubuntu box only one gig of RAM, then I can have like 12 of those instances running. They may not run the fastest, but they will be able to run. Whereas if I give the Ubuntu box four gigs of RAM, then I can only have like three instances running. So if you're going to be creating these instances, give the minimum required amount of RAM. The reason is because that way you'll be able to have more of these instances running.

The thing that you have to remember is, again, the RAM and resources that the server requires are based upon the load you will be putting on that server. So again, in the real world, if you have a Windows 2012 server and it has 10,000 clients connecting to it, it needs a lot of RAM, it needs a lot of resources. Well, this is your lab computer. You're like hacking and you're playing and you've got like five clients. See what I'm saying? Like, if you have a 2012 server that has five Active Directory clients, it does not need nearly as many resources as an Active Directory server with 10,000 clients. Get what I'm saying? So when you create these instances, give them the minimum amount of RAM you can. Now, as you know if you've been playing around with VirtualBox, basically if you gave it too little RAM and it doesn't work, within Settings you can go in later and actually increase the amount of RAM to play with there. But, you know, I would say again, if you're dealing with
Windows operating systems, give them two gigs of RAM at the most. If you're dealing with Linux operating systems, only give them one gig. Don't feel like you have to give, you know, your Windows desktop instance six gigs of RAM. It's not going to make your lab work any better, and it's just going to eat up all the RAM.

The other thing: when you're creating the instances of the operating systems, it's going to ask you to create a virtual hard drive. Now when you do this, what I would suggest is that you always do dynamic allocation of hard drive space. What this means is, when you create a virtual hard drive, you create a virtual hard drive one of two ways within VirtualBox. One is you can create basically a static hard drive. So you say, I want the hard drive size of this virtual computer to be 50 gigs, right? And so what VirtualBox does is it then actually creates a block of storage on that hard drive that is 50 gigs in size. So you say, I want a virtual hard drive size of 50 gigs, and then all of a sudden 50 gigs is gone. It's just used for that one instance. So whether the computer is on, whether the computer is off, that 50 gigs is being used. So even with a computer with one terabyte of storage, that means I could only store, let's say, 20, not even 20, like 15 operating systems on this computer, because all that storage space would be eaten up.

Well, with dynamic allocation, what you can do is you can say, I want the hard drive size to be 50 gigs, but VirtualBox will only use as much hard drive space as the instance actually needs, up until 50 gigs. So if you create a hard drive that's a 50 gig hard drive and it's been dynamically allocated, well, you install the operating system, the operating system needs 10 gigs, and so only 10 gigs is being used. And then you install some software on that instance, and now it's using 12 gigs, now it's using 15 gigs. Well, if that's what's going on, I could have
50 of those instances on my computer, because it's only using space as it needs it, until it gets to that maximum size. So if I'm creating hard drives within these virtual instances, I would say give them 50 gigs and make it dynamic allocation, so it'll grow to that size. I would say 50 gigs, not 20, not 30, because especially when you're dealing with things like Windows operating systems, man, once you get done with all the updates and everything, they can get really large really fast. And with this dynamic allocation, I just think 50 is probably about the best number you need in order for everything to work out right. So when you're dealing with these virtual machines, make sure to give them a minimal amount of RAM, and then the dynamic allocation.

The other thing that I'll tell you is make sure to install the VirtualBox Guest Additions onto all of the operating system instances that you create. So you create a Windows 2012 instance, you create a Linux instance, you create a Windows 8 instance, make sure to also install the VirtualBox Guest Additions. So this is a little piece of software that gets installed onto that instance, but it allows the instance to communicate with VirtualBox and the host machine better, and it allows for additional functionality. So if you want to be able to share files between the instance and the host machine, you need these Guest Additions installed. So make sure that you do install Guest Additions into every instance that you create.

So once you've got that set, there's a couple of things that you need to think about with how you're using VirtualBox that will become useful for the penetration and the hacking lab once you start playing with things. So we're gonna be talking about cloning computers, because you want to be able to very easily clone an instance of an operating system, basically copy an instance of an operating system, so if you break one, then you can just delete that and go back to the original;
being able to share files and folders between the instance of the operating system and the host machine; and network configurations. So let's talk about the network configurations first. So let's go over, I've got my little Surface computer, and let's go and transition to the Surface computer.

So the first thing that we need to be thinking about is networking with VirtualBox, and networking is very important from the hacking perspective, because right now we are going to be doing hacking, and so when we are doing hacking, remember, when we want to hack, we want to hack other people. We don't, A, want to get hacked ourselves, and B, we don't want to damage anything ourselves. So this is going to be very important when we're thinking about networking in regards to creating this virtual lab. So when we do networking, we can configure each instance of an operating system to do networking one of a couple of different ways. The first is NAT, then we have what is called bridged, and then we have what is called internal. So these are the types of networks that we can have within our virtual lab.

So the first type of network configuration that we can have within our virtual lab is called NAT. Basically this is good old-fashioned network address translation. So what that does is, you have the instances of your operating systems sitting on your VirtualBox host PC. So all these instances are in here, so you've got a Windows instance and a Linux instance and a server instance, and they are all sitting here, they're networking and they're talking. So when you do NAT, essentially what NAT does is it creates a fake router, or a virtual router, that has DHCP, allows DNS, and basically it is like a router that can connect to the external network and out to the internet. So with all of these different instances of operating systems, if they are configured for NAT, they will receive DHCP addresses from the VirtualBox server, and what will happen is they will be able to communicate
with each other, or they'll be able to communicate through this virtual router out to the outside world. So think of this much like an inexpensive consumer network that you would have at home, you know, where you have your Linksys router and then you have all the computers connected to that Linksys router. That's basically how NAT works. So think about this: NAT is, you know, like a cheap consumer network. Now the benefit to this is, by using NAT you have an amount of separation between your computers and the outside world. So your computers can all talk to each other in here, it's less likely they'll be able to damage anything going out to the outside world, but if they need to be able to go out to the Internet to get updates or to download something, they will be able to do it. So this gives an amount of protection to all the other systems on the network, but also allows the computers to go out and actually access things like external servers and updates and all that.

The next connection that you can have is what is called a bridged connection. A bridged connection is many times what I am using in the labs. So what a bridged connection does in the network configurations is, basically, it allows each instance to connect to the network as if they were their own physical boxes. So these instances connect to the LAN just as if they were normal computers. So I did a class on Subterfuge that was able to do ARP poisoning. This is how I was able to do it: I set my instance of the operating system to a bridged connection, and that instance, basically, it was as if it was connected to the rest of the LAN, even to the point that it was able to do ARP poisoning and then grab information off of the traffic. So bridged connection means that there is no separation whatsoever between your instances and the LAN. Now be very careful with the bridged connection, because basically the bridged
connection is good if you really are trying to grab stuff off the LAN or attack the LAN. On the other hand, if you are doing testing and experimentation, you don't want to use a bridged connection, because you are connected to the LAN. If you use the bridged connection and you start sending out garbage traffic over the network, that is going out to the entire network and can crash things and do just really, really, really bad stuff.

So the final type of network configuration we can do within VirtualBox is called internal. So this is the exact opposite of bridged. So with internal, basically, you have two virtual instances sitting within VirtualBox. They can communicate with each other, but there is no way for them to get to the outside world. There is no connection to the outside world at all. So they can communicate internally, but there's no connection to the outside world. So when I do a lot of my testing and experimentation, a lot of times I'll use internal, because I can have all these little servers in here beating the hell out of each other, and I don't have to worry about any traffic actually getting outside the computer, getting outside of the box. So that's the other thing you can do with the networking; it's called internal.

So I'm going to show you these in a second on the VirtualBox computer. So these are things that you guys should be thinking about with your network configuration. So you can do NAT, network address translation. Basically that's like just creating a very cheap, inexpensive network, only it's in your VirtualBox computer. You have an external IP address to the VirtualBox computer, you have an internal IP address, and basically DHCP and DNS and all that just work internally. That's for NAT. Then you have bridged: each instance, it's as if they're physically connected to the LAN. So that means they can attack the LAN, they can provide services, they can do whatever you want. It's as if they're physically attached to a LAN. There's nothing
in between. And then the internal is where you completely and utterly isolate the network connections for all of these instances of the operating systems to make sure that no data, no traffic, nothing leaks out. Because again, you've got to be very, very careful when you're playing around with all these hacking utilities, especially if you're playing around with this stuff and you are at your work, at your office. The last thing that you want to do is turn something on and have it crash an entire network of a hundred or a thousand computers. The stuff that I'm going to be showing you how to do, you can really cause some damage if you do something dumb. You can really, really cause some damage. So let's go over to the computer so I can actually show you some of this stuff, so you can start to get a better idea of what I'm talking about, and we can start talking about some of the other functionality within VirtualBox.

So here we are, and we've transitioned over to, this is my Asus computer. So this is the Asus computer that I was talking about, so, what, 850 to 900, whatever, dollars at Best Buy. Just went out, I bought it, I brought it home, I unpacked it, and I started working. That's what I like about buying things from Best Buy: you just take them home and you don't have to use any thermal paste or any of that stuff. But basically, what I have is an Asus, and as you can see, it's an i7 3.4 gigahertz processor and 16 gigs of RAM. RAM is your most important thing with a virtual computer, to create a virtual lab or run a virtual lab. So first you want RAM, then you want processor, then you want hard drive. Hard drive in this environment is the least thing that you have to worry about. So then I have VirtualBox installed, and so we can see, like, right now I have all these different instances of operating systems. So I have 2012 Server, Windows 8 desktop, Ubuntu desktop, Kali, so on and so forth. And what's really nice about this, like what is so great about being able to have
a lab like this, is when I need to play with something, all I have to do is double-click on one of these instances and it just automatically starts up. So if I'm sitting here thinking, oh, hmm, what should I do with Kali, I can just double-click, it'll start up, start to run, I can play with it. When I'm done, I can literally just hit the X, power it off, and that's it. It's basically an operating system on demand once you've installed the things. So it's a really, really, really great thing.

So you should know how to create the instances of the operating system, but let's go up, and I want to show you the LAN settings, the network configuration settings, since that was the thing I just talked about. So with any of these instances of operating systems, all we have to do is right-click on them and then go to Settings, and this will give us our settings information. Now if we are going to be changing settings, we need to make sure that the instance of the operating system is powered off, not simply suspended or hibernated, so that we can make these changes. If it's not powered off, many of these settings you cannot change, and even if you do, you may run into some problems. So what we can see here is, when I go down to the network configuration, we can see that I can enable or disable the network adapter. So we have adapter 1, adapter 2, adapter 3, adapter 4. So I can enable it, and then I can say how I want it to be attached. So NAT, network address translation, this means I want it set up like a crappy little network. DHCP will be provided, DNS will be provided, I just boot up my little instance and it starts working. Or I can select bridged adapter. Then when I do bridged adapter, what I need to say is which network card I want it to be bridged through. So again, with this particular computer, when I try to do wireless it causes all kinds of problems, so I use my hardwired connection. So now if I did this, it would be as if this instance is physically on the LAN. So it can attack the LAN, it can
pull information from the LAN, it can provide services to the LAN. There's nothing between this instance and the switch on the LAN. It is like it's on the LAN.

Then we have, or the last one we're going to talk about today, is the internal network. So with the internal network, what we can do is we can simply give the internal network a name, and then any other instances of operating systems that are turned on that are attached to the internal network with that name will be connected to the same network. So kind of think about this like a virtual version of VLANs. So you just give it a name, you know, Internet, whatever; name it lab, you can call it whatever you want. So if I call this lab for this instance, and then I went to, let's say, the 2012 server and put it on the internal network and called that internal network lab, then both of these computers, these instances, would be on the same lab network and they would be able to communicate with each other. Of course, with all this stuff you've got this Advanced, but I wouldn't worry about that at this point.

So you will notice here that there's adapter 1, adapter 2, adapter 3, and adapter 4. So for most of you guys, 99.9999% of the time, all you're gonna be dealing with is adapter 1. You're just going to be dealing with the first adapter. Now then, you might be wondering, well, what about adapter 2, adapter 3, adapter 4? Well, what these can be used for is, there are open source routers out there that you can download and install and create virtual instances of. So things like m0n0wall or Smoothwall, these are basically Linux distributions that are simply routers and firewalls and all that. They're basically an open source, you know, small business, home office router. Well, what you can do is, if you want to create really complicated networks, you can create an instance of one of those and then have adapter 1 connected to the NAT and adapter 2 connected to an internal network, adapter 3 bridged, and you can create all kinds of weird, funky network configurations
that way. I would say at this point, don't worry about that, but that's what you can do with these different adapters. So you can have your instance actually connected to different networks, and if you know what you're doing, you can do routing or, you know, any of that kind of stuff. So that is the network stuff that you should be thinking about.

Now, as I talked about, one of the things that you should think about when you're dealing with a virtual lab is, you're going to be playing with these computers, these instances of the operating systems. You're going to be damaging them, you're going to be messing with configurations and forgetting what you've done. Well, the problem is that, you know, with these instances, if you make a mistake, if you mess up the instance and you want to start from scratch, well, most of the time you would have to reinstall the entire operating system. That will take you another half an hour, plus you would have to download updates. That would be a pain in the butt. Well, what's nice with VirtualBox, and what you should think about doing, is you can clone. So you can see I have this Windows 8 computer up here, right, and so this is my base computer, and then you can see I have this Windows 8 clone. Well, what I did is I installed Windows 8 onto this one virtual machine, and then I don't want to have to reinstall that again. So what I did was I cloned that virtual machine, and now what I do is I run experiments on the clone. If there are any problems, I can delete the clone, re-clone Windows 8, and go from there. So if you want to create a clone of an operating system so you can very quickly go back to the original, all you have to do is right-click and go to Clone. Now it's going to ask you a whole bunch of information, and basically you will be able to clone that computer, basically copy that entire instance, and it will make your life, you know, a lot easier.

Another thing that you should be thinking about with these computers is
about sharing files, sharing folders. So these instances of the operating systems in general, by default, are isolated from the host machine, and for the most part that's a good thing. So the host machine doesn't really talk with the instances and the instances don't really talk with the host machine; they are, for all intents and purposes, entirely different computers. Well, for you guys, since you're gonna be doing experimentation, you know, you're gonna be downloading software, you're gonna be downloading packages, you're gonna be downloading tools, you don't really want to have to download the exact same tools for eight different instances. Wouldn't it be nice if you could simply share the download folder on your host machine to the different instances? And that is what you can do.

So with this Windows 8 clone that I have running, I can go to Settings, I can go down to Shared Folders, and what you can see is I've shared the Downloads folder on the host computer with this instance. So all you have to do to share a folder, like a host's folder, is you can, you know, add a shared folder here. It will ask you the folder path; we go to Other. I could share the entire C drive if I wanted to. Hit OK. It asks: do I want it to be read-only, do I want to auto-mount, and do I want to make permanent. So read-only means I can only read from the folder. I would say yes, you always make it read-only. Auto-mount asks is it going to automatically mount into the operating system. So if you don't auto-mount the shared folder it will be available, but then you have to manually mount it, so that's a pain, so I would say just do auto-mount. And then make permanent: do you want this to always be on. So these are the different options here. So that's what I do with this Downloads folder, so I can share the Downloads folder with all the instances of operating systems, and so if I need to, like I say, install some utility I've downloaded to the host, I can simply grab it. So in order to do that
all you do, so this is that Windows 8 instance, and if you notice we can go to File Explorer, I can go to Computer, and we can see that the Downloads folder is here under Network Location. So if I double click this I can see that this is the Downloads folder on the host machine. So I've got Ubuntu desktop, I've got VirtualBox, I've got Kali, I've got an ASUS installer, so these are some of the things that I've simply downloaded in that Downloads folder. If I needed access to it I could simply double click it and install from here. So that's one of the things that you guys should be thinking about: sharing files and folders between the host machine and the instances.

The other way you can share between the host machine and the instances is if we go down and we click on Devices, you will see that we have the option for shared clipboard and drag-and-drop. So by default these are disabled, but for drag-and-drop we can allow host to guest, guest to host, or bidirectional. So this means I can simply copy and paste something from the host computer to this instance, or from this instance back to the host computer. Now this is something you guys need to be thinking about, since you are doing hacking. So normally you could just set this on bidirectional and that would be A-OK, yay, you can share to the host, you can share from the host, it's all good. Well, remember you guys are doing hacking; you guys are downloading possibly not the safest pieces of software in the world, right? So do you really want bidirectional? So when you guys are doing the sharing, especially in a hacking environment, you need to think about how communication would go. I would say in general, for drag-and-drop and everything, everything should be host to guest. That means you can take it from the host and put it onto the guest, or the instance, but not the other way around. So I know what's on my host is safe material; I can drag it over to the instance, which is unsafe, but it can't go the other way. Did you get what
I'm saying there? So those are the two ways that you can share information: you can actually share the folder, or you can go in here and turn on drag-and-drop or shared clipboard. Again, in order to make these work you have to install Guest Additions, so if you haven't done that to this point, all you have to do is right there: you go to Devices, and one of the options is Install Guest Additions; you can click on that and it'll work.

Now I will tell you, with this sharing folders, drag-and-drop, all that kind of stuff, this works best, surprise surprise, with Windows computers. So if you have a Windows host and a Windows instance it works the best, there are no problems. If you're using Linux, if you're using other operating systems, you may have to do some troubleshooting for this to work properly. So I'm not going to go into that because, again, not going to waste your time, this is an intermediate level, but you just realize if you're dealing with Windows computers, sharing files and folders is very, very, very easy; you just turn it on and it works. If you are sharing between Linux systems or UNIX systems you may have to go in and do some other troubleshooting. It works, but you may have some stuff to do. So now let's get out of this machine, and what I'm going to do is I'm going to do a shutdown, so that will just kill this machine, so power off.

So now the final thing is, again, we're talking about penetration testing and hacking, so one of the really, really, really, really good tools with penetration testing and hacking is being able to use live CDs, right? So live CDs, these are CDs or discs that you boot off of on a computer, and then you can go into the hard drive that's on that computer and make changes. So if you want to reset passwords, if you want to try to bypass security, you can boot off of a live CD so that you bypass NTFS security or so that you can hack the registry, that kind of stuff. Well, the question is, normally you've got
a disk, you've got a physical computer, so to boot off a live CD you just put the CD in and you boot off it; you should know how to do that, right? Well, the question then becomes, well, but we're in a virtual environment right now, right? We may not have a CD, but even if we have a CD, how do we get the virtual instance to boot off the CD? How does that work? Well, with VirtualBox it is actually pretty easy, and, you know, pretty simple. So all we'll do is we'll go to Settings again, so we just go to Settings, and what we're going to do is we're going to go down to Storage. So Storage is what we are looking for. When we go down to Storage we will see this little CD thing that may or may not be empty, so this is what we are going to be dealing with.

The cool thing, remember, when we're dealing with VirtualBox in the virtual world is not only can we deal with physical things such as the physical CD drive, but we can also deal with disk images such as ISOs. So we can boot off of ISOs, we can install operating systems off of ISOs, so we can do a lot of stuff, so we don't necessarily even have to create the disk. So with the CD here, what we can do is we can either say what the physical drive is, so the IDE secondary master. So if we wanted to boot off that as a live CD we would check off this Live CD checkbox and do IDE secondary master. Now what that means is you have a physical disk, you put that physical disk into your computer, the actual desktop computer, and then it will use that physical disk in the CD-ROM or the DVD-ROM and be able to boot off of it that way. Well, you can either do that or we could use an ISO file. So if I click on this little CD button here we will see that we have some options. So the first one, again, is the host drive, so D:. So if you want the host drive, that's the CD drive that's physically on the computer. But we can also go and we can deal with ISOs. So we can see that I've already used some ISO files, so I could simply select the Kali Linux ISO and now it
will be booting off of, or will use, that image file instead of the physical drive. If I need to select one, what I can do is I can do Choose a virtual CD/DVD disk file, open this up, it comes to Downloads, or wherever I needed to go, and I can just highlight one of these and select it. So Ubuntu desktop: I do that, I do Open, and now it will try to boot off that. So if I click OK and now I power this on, basically it's going to power on and then it's going to work as if it's a live CD. So I just showed you this instance of an operating system, and before it was Windows 8; well, now it is booting off the Ubuntu live CD just as if it was like a normal physical computer and you put that live CD in. So if this was BackTrack, if this was Kali, if this was some other piece of, or ISO that I was using for hacking, I could use it to go in and mess with this virtual instance of the operating system, right?

So those are some of the basic things that you need to be thinking about for creating your virtual computer lab with VirtualBox. Again, nowadays it makes life easier to use virtualization software. I mean, not that long ago, I mean 2009, that was only four years ago, frankly it was easier to have physical computers and create a lab that way to play with. Now, I mean, I'd say 900 bucks: I went out, I bought an i7 processor desktop with 16 gigs of RAM, a terabyte hard drive, and set this up. I mean, this entire lab was set up in like an hour; I mean, it's that easy nowadays. It's fast enough, you guys walk. So all the demonstrations that I've been doing lately, and will do into the future, are using this particular ASUS desktop, so you see how fast it is. I mean, it runs well. I suppose it could be a little bit faster, but you know, I'm a computer guy, it can always be better, but you know, it's fine for what I need, it's fine for teaching these classes. So if you're thinking about going out there creating one of these labs, again, I use VirtualBox because I'm teaching you guys. I know you guys are cheap. Hey, you don't want to
pay for anything you don't have to. So VirtualBox is free, you get all the functionality, it's free, the licensing is good. Again, if you're going to use it in the real commercial world, like in a real company, go take a look at the licensing, but in general, with what you're going to be dealing with, the licensing shouldn't be any kind of a problem.

If you use your own computer, again, RAM is most important. 16 gigs, I would say 16 gigs is what I would use for any lab computer. Processor comes next; again, an i7 with a nice three, three gigahertz processor plus, that would be the way to go. The hard drive is actually the least important. I would say get at least a 7200 rpm hard drive, but it's really the size. Remember, for creating the lab we're creating these clones, we have all these instances of operating systems. Instances of operating systems, again, are not picture files, these are not document files, these are entire operating system files, so, you know, these instances are going to be ten gigs, 20 gigs, 30 gigs. You don't want to be moving that back and forth to some external USB hard drive; that would just be a pain in the butt. So I would say, you know, get that one terabyte hard drive in your computer, minimum 7200 rpm hard drive. You know, if you've got the money for a big-ass SSD or hybrid drive, hey, go for it.

When you're creating the virtual machines, again, when you're doing it, remember you're not creating these virtual machines for the real world, you're not creating these servers for the real world. If I was creating Windows Server 2012 in the real world, it would have a minimum of 8 gigs of RAM. You're creating these systems, these virtual systems, to play with, right? So give them one gig of RAM, give them two gigs of RAM. The reason being is you've only got so much RAM on your desktop in here. If you've got 16 gigs of RAM, you take away 2 for the host operating system, you're down to 14; I mean, that's all the RAM you've got. So if you use it all up giving one instance of an operating system 8 gigs
of RAM, or however much, you're done. So just give them the least possible. I would say give each instance, if it's Linux, give it one gig of RAM; if it's Windows, give it two gigs of RAM. If you have any problems, you guys should know, using VirtualBox you can adjust it later.

Again, when you're creating the hard drives, the big thing when you're setting up these virtual instances and you're creating the hard drives is do the dynamic allocation of hard drive space. Again, you can either set it up so if you create a 50 gig hard drive VirtualBox actually uses all that 50 gigs at one time, it blocks it off as a single file, right? You don't want to do that. By doing dynamic allocation you can create a 50 gig hard drive, but it will only use as much space as that instance actually needs; that's what you want to be doing. Again, with hard drive space, I would say use 50 gigs. Again, you would be shocked, shocked, with how much hard drive space some of these operating systems need, especially like Windows nowadays. Like, Windows 8 needs like 32 gigs of hard drive space from day one, right? So you don't want to be getting into your lab, you don't want to start playing around and then find out your lab computers are crashing simply because you didn't give it enough hard drive space. Just give it 50 gigs; 50 gigs is a nice big size.

So then we talked about the networking. Networking is big for hacking; networking is huge when we're talking about hacking, because remember, you don't want to screw up your own network, right? You want to screw up somebody else's network, not yours. So if you're not thinking about how the networking is done, that will cause a lot of problems. Again, I did this class on Subterfuge and people are saying, "Eli, the ARP poisoning isn't working," and I'm like, yeah, I know, because you guys didn't set up your VirtualBox networking correctly, did you? But you don't know enough to know that, and I'm not gonna tell you, because if you don't know enough you don't need to be doing this, right?
So if you're going to do something like ARP poisoning, if you're going to need something where that instance needs direct connection to the LAN, the physical network, then you would use the bridge connection. Bridge means that that instance, for all intents and purposes, is just like a normal computer sitting on the network; there's nothing between it and the rest of the network as far as the network is concerned, logically, as they say.

Now if you do NAT, network address translation, what that means is it's the equivalent of if you had some small business router between your instances and the rest of the network. So it would give out DHCP, it would allow DNS, computers internally would be able to talk to each other, but again, it's just like you have a router between your virtual instances and the rest of the network. So if you're trying to do things like ARP poisoning it won't work, because you guys are on the wrong side of that router. That makes sense?

And then you have, again, one of the ones that you should be using a lot, especially for this penetration testing and hacking, which is the internal network setting. With the internal network setting, again, you name the internal network whatever you want to name it; all the computers that are connected to that internal network of that name will be able to talk to each other, and that's it. You don't have to worry about network communication going out. If you're doing things like ARP poisoning, if you're doing things like denial of service attacks, you don't have to worry that you hit the wrong button and all of a sudden you're actually crashing your main server, right? All you're doing is attacking internal computers on the network.

Finally, when we're talking about that networking, again, we're not talking about it in this class, again, a little more advanced, I'll probably have a class on it a little bit later, but as I showed you there are tabs for different network adapters: adapter 1, adapter 2, adapter 3,
adapter 4. What that means is you can have up to 4, the equivalent of 4 network cards on your virtual instance. For most of these instances it doesn't matter. Why it's important is because you could use some kind of open source router such as m0n0wall or Smoothwall to actually create a virtual router that's connected to different networks and actually routes between them. So if you want to really start doing some wacky sophisticated crap, you could do that. Again, that's wacky and sophisticated, and so that's its own thing.

The other thing, the one thing that I will tell you with all this networking, kind of like a hush-hush professional person telling you guys this, is, personally, so I have my desktop computer here, I have my whole virtual computer with a virtual lab and all that. One warning I will tell you is whenever I'm done with it I really do actually unplug the network cable from it to the switch that it is connected to. The reason being is because I'm doing a lot of these classes on hacking and penetration testing, and again, there's one person in the world I don't trust: attackers. And remember, you're downloading hacker utilities on your systems and you're installing them, and would it be kind of cool or tricky or nasty if the hacker who created a hacker utility made it so that when you install the hacker utility onto your computer they could then hack your computer? That's not something a hacker would do, is it? Yeah. So what I personally do is I make sure this thing is disconnected whenever I'm done using it, because I don't want to find out that my little lab computer has been harvesting my credentials or whatever in the middle of the night. So that's just something that you guys should be thinking about. I always unplug my lab computer from the network when I'm not using it because, you know, that's just the way to go.

Again, I showed you how to do the cloning. The cloning is a very important thing. Again, we're going to be playing with these lab computers, we're going to
be beating up on them, we're going to be changing configurations, we're going to be doing all kinds of wacky stuff, right? And if we were real professionals, real professionals, we'd have a notebook beside us and we would write down every little modification we made to an instance, so that if there were any problems we could go back and we knew exactly what we did. I don't know any real professionals that do that. Most of us, oh, we start making changes willy-nilly, then we forget what the hell we did, unless we're working on really expensive systems where they're paying us a lot of money; then we write everything down, right? So the problem is, if you go and you start messing with all these configurations and you crash your computer, it's just gonna be a bad thing. Well, what you can do is, before you start messing with your computer, you create a clone of it; then if you screw up the clone you go back and you reclone the original.

Then we talked about sharing the folder. So sharing is, again, a very important thing. I showed you they've got the drag-and-drop, you can do shared folders, you notice the clipboard. I'm not sure if I'd worry about the clipboard and the drag-and-drop. The main thing that I use with the shared folders is, again, I share out the Downloads folder on the host computer. So I download, you know, whatever utilities I need, whatever files that have been zipped, they all get, you know, they just get dumped into that Downloads folder. By sharing that out from the host computer to all the instances, if I need anything I can then just open up that folder within the instance and everything is there. I can install the software; I don't have to redownload it onto the instance. So that's something you should be thinking about. Again, though, with that, make sure to install the VirtualBox Guest Additions onto the virtual instance or you won't be able to do the shared folders. Remember though also with the
drag-and-drop and the shared clipboard, remember, again, guys, you've gotta be smart here. This is using VirtualBox in a hacking environment; you've got to be thinking about the security. So remember, in a normal lab environment, if you allow sharing, you know, like I say, in a normal lab environment you click bidirectional, which means hosts can share to guests, guests can share to hosts, and that's fine, right? See, you guys are dealing with hacking stuff. Do you want the guests sharing to the host? Because the host is the system that runs everything else. So think about, when you're turning on these sharing settings, how you would want it to work. I want the guests to be able to read information from the host. I want the host to be able to put information onto the guests. I don't want the host reading from the guests or the guests being able to put anything onto the host. So it's all one way: guests can read from host, host should not be able to read from guests. I hope you followed me there, because that's like one of those really important tips, especially when you start mucking around with this stuff.

And the final thing that we talked about is, again, these live CDs, because live CDs are one of the greatest tools nowadays, especially for learning how to hack on computers when you have physical access to them. So now, again, like I say, you can boot off of an ISO file or you could boot off of the disk drive with the disk in there, and then it's just like you're hacking, sitting at a computer that's in front of you. So if you have a Windows 8 computer you can boot off of a live BackTrack CD, use the BackTrack CD to go in and hack the password and play around and muck with things that way, all within the virtual world, so you don't have to worry about mucking anything up in the real world.

Yeah, so that was basically the class. Again, I did not get like really deep, I didn't show you how to do some stuff, because again this is an intermediate level class
and I'm telling you guys, I know a lot of you newbies are watching this and you're like, "Eli, I don't understand." I'm telling you, if you don't understand, that's fine, that's cool. Go take some networking classes, go take my TCP/IP classes, go take the Linux classes, go take the Windows Server classes. Go take those classes, and then when you understand those classes come back and take this one. But I am telling you, I have said this from the beginning, I've said this about hacking for four years, right: hacking is at least an intermediate-level skill set. Really it's an advanced skill set, because what you're trying to do is you're trying to mess around with systems, you're trying to compromise systems, you're trying to damage systems, you're trying to intercept data. Well, how do you compromise a system if you don't really understand what that system does, if you don't understand what the system is used for? How do you compromise Active Directory if you don't even know what Active Directory is, you know what I'm saying? How do you hack a MySQL database if you don't know what MySQL is? Yeah, so that's the thing, that's my little high horse, my little soapbox about it. So again, I say if you're a newbie and you're like, "Eli, I don't understand half of what you said today," that's fine, go take the other classes, because again, with this hacking stuff, I'm telling you, if you don't understand what I'm talking about, go back, go back, young man, that's all I'm saying.

So this was the class Building a Virtual Computer Lab with VirtualBox for Penetration Testing and Hacking Tests. As you know, I am Eli the Computer Guy, and as always I enjoyed teaching this class. Look forward to seeing you at the next one.
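A check for the sharing and networking advice in the talk, as an added example that is not part of the video: it reads a VM's `.vbox` settings file and reports guest-to-host clipboard or drag-and-drop, writable shared folders, and enabled bridged adapters. The element and attribute names are the `.vbox` layout as assumed here (compare with a settings file from your own install), and the sample VM is constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample shaped like a VirtualBox .vbox settings file (assumed layout).
SAMPLE_VBOX = """\
<VirtualBox xmlns="http://www.virtualbox.org/" version="1.12-windows">
  <Machine name="Windows 8 Clone" OSType="Windows8_64">
    <Hardware>
      <Clipboard mode="Bidirectional"/>
      <DragAndDrop mode="HostToGuest"/>
      <Network>
        <Adapter slot="0" enabled="true" type="82540EM">
          <BridgedInterface name="Ethernet"/>
        </Adapter>
        <Adapter slot="1" enabled="true" type="82540EM">
          <DisabledModes><BridgedInterface name="Ethernet"/></DisabledModes>
          <InternalNetwork name="lab"/>
        </Adapter>
        <Adapter slot="2" enabled="false" type="82540EM">
          <BridgedInterface name="Ethernet"/>
        </Adapter>
      </Network>
      <SharedFolders>
        <SharedFolder name="Downloads" hostPath="C:/Users/lab/Downloads"
                      writable="false" autoMount="true"/>
        <SharedFolder name="scratch" hostPath="C:/Users/lab/scratch"
                      writable="true" autoMount="true"/>
      </SharedFolders>
    </Hardware>
  </Machine>
</VirtualBox>
"""

# Sharing modes under which the guest cannot push data to the host.
GUEST_CANNOT_PUSH = {"disabled", "hosttoguest"}


def _local(tag):
    """Strip the XML namespace: '{http://www.virtualbox.org/}Machine' -> 'Machine'."""
    return tag.rsplit("}", 1)[-1]


def _children(parent, name):
    """Direct children of parent with the given local tag name."""
    return [c for c in parent if _local(c.tag) == name]


def audit_vbox(xml_text):
    """Return (vm, item, reason) tuples for settings that weaken host isolation."""
    findings = []
    root = ET.fromstring(xml_text)
    for machine in _children(root, "Machine"):
        vm = machine.get("name", "<unnamed>")
        # Only the live Hardware block; snapshot copies nest deeper under <Snapshot>.
        for hw in _children(machine, "Hardware"):
            for feature in ("Clipboard", "DragAndDrop"):
                for el in _children(hw, feature):
                    mode = el.get("mode", "Disabled")
                    if mode.lower() not in GUEST_CANNOT_PUSH:
                        findings.append((vm, feature,
                                         f"mode={mode}: guest can send data to the host"))
            for folders in _children(hw, "SharedFolders"):
                for sf in _children(folders, "SharedFolder"):
                    # Fail safe: a missing 'writable' attribute is treated as writable.
                    if sf.get("writable", "true").lower() != "false":
                        findings.append((vm, "SharedFolder:" + sf.get("name", "?"),
                                         "guest can write to " + sf.get("hostPath", "?")))
            for net in _children(hw, "Network"):
                for ad in _children(net, "Adapter"):
                    if ad.get("enabled", "false").lower() != "true":
                        continue
                    # Direct children only: <DisabledModes> holds inactive attachments.
                    if _children(ad, "BridgedInterface"):
                        gui_number = int(ad.get("slot", "0")) + 1  # slot 0 is "Adapter 1"
                        findings.append((vm, f"Adapter {gui_number}",
                                         "bridged: VM sits directly on the physical LAN"))
    return findings


if __name__ == "__main__":
    for vm, item, why in audit_vbox(SAMPLE_VBOX):
        print(f"[{vm}] {item}: {why}")
```

A bridged adapter is reported rather than treated as an error, since the talk uses bridging on purpose for tests that need the physical LAN; the point is to know which VMs are exposed before powering them on.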
Info
Channel: Eli the Computer Guy
Views: 325,047
Rating: 4.7706094 out of 5
Keywords: Eli, the, Computer, Guy
Id: AiWRmMzwwJM
Length: 58min 40sec (3520 seconds)
Published: Fri Apr 12 2013