Hello!
You may have seen that most of my posts are writeups/solutions for Hack The Box machines, but have you ever heard of VulnHub?
VulnHub is a platform that provides vulnerable machines, in the form of VM images, that you can download and deploy locally, for those who want hands-on experience in penetration testing. Unlike Hack The Box and TryHackMe, which require a VPN connection, VulnHub lets you work entirely offline. However, since Windows requires a license, most VulnHub machines are Linux-based servers.
There are a lot of things you can do with VulnHub machines after you get the root access, such as:
- Analyzing the vulnerability; if it involves insecure code, you can try to patch it.
- Learning how the authors configure the machines.
- Building a pentest lab that consists of VulnHub machines to practice network pivoting.
- DFIR (digital forensics and incident response).
- Implementing a detection rule in your SIEM.
- Many more!
In this post, I would like to share a quick tutorial on how to set up a VulnHub machine on your local network. I’ll assume that you are already familiar with virtualization and some basics of networking. If you’re not, just follow along!
Install Virtualization Software
First things first, you need virtualization software such as VirtualBox or VMware. Here are the links for both:
- VirtualBox - https://www.virtualbox.org/wiki/Downloads
- VMWare - https://www.vmware.com/products/workstation-player.html
I personally use VirtualBox (Windows) because it’s easy to use (and of course, it’s free).
Download VM Images
Now get your VulnHub machines/VM images at VulnHub’s official site: https://www.vulnhub.com/. In this post, I’ll be using symfonos: 2.
Import the VM image
If the image is in 7z or zip format, make sure to decompress it first. In my case, symfonos: 2 is in 7z format, therefore I have to decompress it.
Here’s what I have after decompressing it.
If you use VirtualBox, any .ovf file should already be associated with the app, so we can just double-click that file and it will take us straight to the import menu.
If that’s not the case, just open up your VirtualBox, then click File -> "Import Appliance...". A new window will pop up.
Next, click on the icon that I marked with a red box to browse your VM image.
Locate your VM image and then click on the Open button.
For now, let’s leave all the settings at their defaults.
Click the Import button and wait until it completes.
When the import is done, you will see the machine in the VM list section.
Setting up the Network
In this section, we’ll be putting the VM in an isolated network.
Open the VM’s settings by right-clicking it and selecting "Settings".
Go to the Network section and set "Attached to" to Host-only Adapter.
Click the OK button.
Now open the adapter configuration via File -> "Host Network Manager...".
In the image below, the "VirtualBox Host-Only Ethernet Adapter" uses the network range 192.168.2.0/24 and has the DHCP server enabled, which VulnHub machines need in order to obtain an IP address automatically on boot. 192.168.2.2 is the IP address of the virtual adapter on the host side, while 192.168.2.1 is the IP address of VirtualBox’s built-in DHCP server.
Below is the configuration for the DHCP server.
I set the Lower Address Bound to 192.168.2.100 and the Upper Address Bound to 192.168.2.254, so that all machines are assigned an IP from .100 to .254, and none gets 192.168.2.3-99.
Can I configure it to 10.10.10.0/24?
Yes you can!
If we want to create a 10.10.10.0/24 network, it’s better to create another adapter by clicking the Create menu (you don’t say), then set the adapter’s settings to:
Setting | Value
--- | ---
IPv4 Address | 10.10.10.2 (adapter on the host side)
IPv4 Network Mask | 255.255.255.0
Next, configure the DHCP server to:
Setting | Value
--- | ---
Server Address | 10.10.10.1 (VirtualBox’s built-in DHCP server)
Server Mask | 255.255.255.0
Lower Address Bound | 10.10.10.100
Upper Address Bound | 10.10.10.254
Then, in the VM settings (symfonos: 2), change the adapter name to the new one we created before.
Lastly, we should also configure the attacking machine, in my case Kali Linux, to use the same network adapter.
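The same host-only network, DHCP pool and NIC assignment done above through the GUI, scripted with VBoxManage as an added example (not from the original post). The adapter name vboxnet0 and the VM names symfonos2 and kali are placeholders; the commands are only printed unless APPLY=1 is set.

```shell
#!/usr/bin/env bash
# Added example, not from the original post: the host-only network, DHCP server
# and NIC settings configured above via the GUI, reproduced with VBoxManage.
# Commands are only printed unless APPLY=1 is set, so the plan can be reviewed
# before it changes anything on a host that has VirtualBox installed.
set -eu

# Accept a dotted /24 prefix such as 10.10.10: exactly three octets, each 0-255.
valid_prefix() {
  local IFS=.; set -- $1
  [ $# -eq 3 ] || return 1
  for o in "$@"; do
    case "$o" in ''|*[!0-9]*) return 1 ;; esac
    [ "$o" -le 255 ] || return 1
  done
}

# Print the VBoxManage commands for one isolated lab network.
#   $1 = /24 prefix, $2 = host-only adapter name, $3... = VMs to attach to it.
# Address layout follows the post: host side .2, DHCP server .1, pool .100-.254.
# The adapter itself comes from "VBoxManage hostonlyif create" (name varies by OS);
# if a DHCP server already exists for it, use "dhcpserver modify" instead of "add".
lab_commands() {
  local prefix="$1" adapter="$2"; shift 2
  valid_prefix "$prefix" || { echo "bad /24 prefix: $prefix" >&2; return 1; }
  printf '%s\n' \
    "VBoxManage hostonlyif ipconfig '$adapter' --ip $prefix.2 --netmask 255.255.255.0" \
    "VBoxManage dhcpserver add --ifname '$adapter' --ip $prefix.1 --netmask 255.255.255.0 --lowerip $prefix.100 --upperip $prefix.254 --enable"
  for vm in "$@"; do
    # NIC 1 on host-only only: the VM can reach the host and other lab VMs, not the LAN.
    printf '%s\n' "VBoxManage modifyvm '$vm' --nic1 hostonly --hostonlyadapter1 '$adapter'"
  done
}

# Print the plan, or execute it line by line when APPLY=1.
apply_plan() {
  local cmds
  cmds=$(lab_commands "$@") || return 1
  if [ "${APPLY:-0}" = 1 ]; then
    printf '%s\n' "$cmds" | while IFS= read -r c; do eval "$c"; done
  else
    printf '%s\n' "$cmds"
  fi
}

# Placeholder names: "vboxnet0" is the Linux-style adapter name, and the VM
# names are whatever you gave the imported appliance and your attacking machine.
apply_plan 10.10.10 vboxnet0 symfonos2 kali
```

On Windows the adapter is named like "VirtualBox Host-Only Ethernet Adapter #2" rather than vboxnet0; pass that name instead, quoted.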
Boot it!
Boot your machines and we’re done!
Happy hacking!