Do i have to use Laptop for VMs or i can use Remote server ?

mirror51mirror51 Member Posts: 84 ■■■□□□□□□□
I am starting with OSCP study.

My laptop is not very high config and i already have stuff on it. So not have huge empty space.

But i Have VPS Server ESXi host on CLoud which has 64GB RAM , 8 core processor , 12TB disk.
SO my question is can i do all Vulnhub etc on ESXi on cloud or i have to use my laptop ?

Comments

  • securitychopssecuritychops Member Posts: 52 ■■■□□□□□□□
    My first question is going to be what kind of specs does your laptop have exactly and how much free space are we talking about?

    Many of the machines you would be learning on wouldn't require a lot of resource allocation, aside from possibly hard drive space you might not have.

    While you could technically leverage a cloud based ESXi server to run vulnhub machines I would personally not want to run boot to root machines remotely. Ideally you would want to use something like VMWare or VirtualBox, etc to run these servers locally within a closed network with your attack VM (Kali I am assuming).

    If you do decide you want to investigate leveraging your cloud based ESXi server I would make sure that you setup a closed network between the attack VM and your target VM. Then you could login to the ESXi manager and use the console functionality for your attack machine so that it can also live in the closed network while still being remotely available.

    Although you did not directly ask this next question I would also highly recommend against trying to run the OSCP course through a remotely hosted ESXi server. I am sure it is technically possible to do, however going that route will be full of a ton of little unforeseen issues that would be constantly popping up to slow down progress in all the wrong ways ... but that is just my two cents!

    Either way, good luck and have fun with the studying/learning! :)
    Current Certs   : OSCE, OSCP, CISSP, Pentest+, Security+, SLAE, SLAE64
    Goals for 2019 : OSEE
    Goals for 2020 : OSWE
  • paul78paul78 Member Posts: 3,016 ■■■■■■■■■■
    Using a remote VM will also largely depend on your setup. I run ESX 5.5 hosts in my lab so my remote access is on my LAN and I have control of everything in the infrastructure. I didn't have any issues using a remote VM but since you are using a cloud provider, you are introducing additional complexity which could introduce unnecessary issues during your studies as @securitychops indicated.
  • mirror51mirror51 Member Posts: 84 ■■■□□□□□□□
    i was able to setup env on ESXI and used kali linux as provided by offensive secuirty. But when i run enum4linux on Koptrix level 1 and i get his error

    =======================================
    | OS information on 192.168.1.104 |
    =======================================
    Use of uninitialized value $os_info in concatenation (.) or string at ./enum4linux.pl line 464.
    [+] Got OS info for 192.168.1.104 from smbclient:
    [+] Got OS info for 192.168.1.104 from srvinfo:
    KIOPTRIX Wk Sv PrQ Unx NT SNT Samba Server
    platform_id : 500
    os version : 4.5
    server type : 0x9a03

    Is there any way to fix it. Initially i tested that locally and i got same error. Then i thought VM provided by offesive guys will be good but i got same error in that as well?
  • securitychopssecuritychops Member Posts: 52 ■■■□□□□□□□
    You will run into these kinds of errors from time to time. Each machine will be configured slightly different so a single script will not be able hit 100% of the checks on every machine and/or the script may be referencing an environment variable that might exist on one machine but not on another.

    If you are feeling particularly motivated you could always dig into the script and figure out how $os_info is created/used and create a patch/update for the script to take into account whatever edge condition is causing Kioptrix to fail on that variable. Even better is that the error is pointing you to a specific line number for you to begin the investigation ... :)
    Current Certs   : OSCE, OSCP, CISSP, Pentest+, Security+, SLAE, SLAE64
    Goals for 2019 : OSEE
    Goals for 2020 : OSWE
  • mirror51mirror51 Member Posts: 84 ■■■□□□□□□□
    You will run into these kinds of errors from time to time. Each machine will be configured slightly different so a single script will not be able hit 100% of the checks on every machine and/or the script may be referencing an environment variable that might exist on one machine but not on another.

    If you are feeling particularly motivated you could always dig into the script and figure out how $os_info is created/used and create a patch/update for the script to take into account whatever edge condition is causing Kioptrix to fail on that variable. Even better is that the error is pointing you to a specific line number for you to begin the investigation ... :)

    Thanks securitychop , Actually that was my first encounter with pentesting machine and i was following the walkthrough and stuck at that step :)
    Time to learn some perl syntax icon_lol.gif
  • yoba222yoba222 Member Posts: 1,237 ■■■■■■■■□□
    I wonder if the webcam software you'll need to have running during the exam won't work so well with using a remote Kali instance. You can get a 64GB SSD for like $20 these days and then you could just run a clean Kali install on that drive. Or something more practical like Ubuntu and then install Kali in a VirtualBox/VMware VM on that drive for the exam.
    A+, Network+, CCNA, LFCS,
    Security+, eJPT, CySA+, PenTest+,
    Cisco CyberOps, GCIH, VHL,
    In progress: OSCP
Sign In or Register to comment.