how to setup home lab w/vmware backtrack, winxp, win2k, etc

hrbngr Registered Users Posts: 5

I just finished a two-part training course by my company for the CEH cert. One of the most interesting parts of the class was the labs where we used three different vmware sessions, one w/Backtrack for all the hacking tools, and one windows xp and one server 2000 to demonstrate the various tools covered in the CEH classes. Now, I believe I can download vmplayer as well as a backtrack vm for free, I also have windows 95, 98, XP, 2000, vista, etc that I can use to build the other vm sessions, however, I don't have server 2000, only nt server from my MCSE days.

I wanted to run nmap/metasploit, etc like I did in the labs and then search for other ways to use the tools so that I can better understand how they work and, ofc, be more prepared for the exam, so:

1. Are there any sites with tips/instructions on how to create XP vmware builds or other versions based on one's original media?

2. If I don't have access to win2k server, is nt server 4 w/iis installed a decent alternative?

3. Any other advice for ppl trying to set up their own labs w/vmware?


  • SephStorm Member Posts: 1,731
    Windows XP SP0 should be more than sufficient right out of the box. Do you know how to create the VMs? I'm not sure if Player can do it; you may need to get an evaluation copy of VMware Workstation. If you can or have Workstation, you simply create a new VM with a blank hard disk and install from your CD/DVD drive (i.e. you put the install media in the physical drive and have your VM boot from CD-ROM). There should be plenty of videos on YouTube that can show you how if you have any questions.

    Nt4 should work, but you may want to get an older version of backtrack. Maybe Bt2?

    (I'm too tired for the last one, but look around, I think we have a few threads on the subject.) sry.
  • JDMurray Admin Posts: 13,050
    You are looking for vulnerable targets to practice on? I agree Win XP SP0 (released Oct 2001) has a bunch of exploitable holes. I would use Server 2003 and 2008 as more realistic targets than 2000 and NT4 Server. You can also load Damn Vulnerable Linux, which is due a new release this Summer.
  • lanrexng2 Member Posts: 74
    I started with VMWare player but now I use VirtualBox.

    Metasploitable is a vulnerable Linux VM that you can use for testing your skills. I converted Metasploitable to a VirtualBox image and wreck it weekly with Backtrack v4.5.

    I also set up a 7 image network in VB (XP SP 2&3, Vista, Server 08 R2 x2, Metasploitable, Debian) - my box has 12GB RAM + i7.

    SET UP
    Set up Backtrack VM and first thing you want to do is update the OS and Metasploit.

    IMPORTANT - After your update, turn off the VM and change the networking to 'host only'; this will prevent you from getting an FBI file. Do the same for all VMs so your payload stays within the virtual environment.

    Another important thing you want to do is turn off the VirtualBox interface to your host computer. If you ipconfig /all you'll see what I mean. This will prevent you from owning yourself.

    Other than that keep updating your sys admin, network admin and security admin skills and Good Luck.

    YouTube - Defcon 18 - You spent all that money and you still got owned - Joseph McCray - Part .mov
    Enjoy this video to see the real state of security!
    M Sc Computer Science == 1% complete
    A+, Network+, Security+, CCENT == 100% complete
    ICND2, RHCSA, C/C++, Python, x86,
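
One way to check the host-only rule from the post above before starting any lab VM, as an added example that is not part of the original thread. It parses the output of `VBoxManage showvminfo --machinereadable`; the function names `leaky_nics` and `audit_lab` and the sample VM are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): flag VirtualBox VM NICs that are not host-only.
# Function names and the sample VM below are constructed for illustration.

# Reads `VBoxManage showvminfo <vm> --machinereadable` on stdin and prints
# each NIC whose attachment is anything other than "hostonly" or "none".
leaky_nics() {
    # Anchor on nic<N>= so nictype1=, nicspeed1= and similar keys are skipped.
    grep -E '^nic[0-9]+=' | tr -d '"\r' | while IFS='=' read -r nic mode; do
        case "$mode" in
            hostonly|none) ;;                      # contained, or adapter disabled
            *) printf '%s=%s\n' "$nic" "$mode" ;;  # nat, bridged, ... leave the lab
        esac
    done
}

# Walks every registered VM; returns non-zero if any NIC can leave the lab.
audit_lab() {
    status=0
    for uuid in $(VBoxManage list vms | sed -n 's/.*{\(.*\)}$/\1/p'); do
        bad=$(VBoxManage showvminfo "$uuid" --machinereadable | leaky_nics | tr '\n' ' ')
        if [ -n "$bad" ]; then
            printf 'NOT ISOLATED %s: %s\n' "$uuid" "$bad"
            status=1
        fi
    done
    return "$status"
}

# Constructed sample of machine-readable VM info (one NIC left on NAT).
SAMPLE_VMINFO='name="xp-sp3-target"
nictype1="82540EM"
nic1="hostonly"
hostonlyadapter1="vboxnet0"
nic2="nat"
nic3="none"'

# Demo on the constructed sample; on a real host call audit_lab instead.
printf '%s\n' "$SAMPLE_VMINFO" | leaky_nics
```

On a host with VirtualBox installed, call `audit_lab` after sourcing the file; a non-zero return means at least one VM still has an adapter that is not host-only.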
  • cyberguypr Mod Posts: 6,928
    Dude, you came to the wrong place to be kindly demanding "urgent" torrents. Not the best way to become member of any forum.
  • Stan Lee Member Posts: 19
    You don't need to go as far back as win xp sp 0 to do your hands on. I downloaded an iso file of win xp sp3 (minus all the patches which came after sp3) and I was able to launch a remote shell after running an exploit against the sp3 machine. Even with a fully patched SP3 machine, you can still launch a remote shell if the machine has old versions of Acrobat Reader like v8 or v9. Make sure you are not doing these exercises in a live environment unless you have the get-out-of-jail card.