ZZEN9217 H6 O.S. Fundamentals for Security: VM platform notes

From techdocs
Revision as of 13:11, 17 August 2023 by Plinich (talk | contribs)
Jump to navigation Jump to search
Important

Kali or Parrot must be started before Windows XP, Windows 7 or Metasploitable2.

This is because the script which starts Kali also creates the virtual network bridge used to link the the latter virtual machines. Without the bridge the Windows (plural) and Metasploitable2 virtual network interface cannot be created.

Notes for 2023T3 edition

VM's available

Product Start script Comments
Kali startkali Originally-deployed version
Windows XP startwin Originally-deployed version, no patches or updates
Windows 7 startwinx7 Originally-deployed version, no patches or updates
Metasploitable2 startmeta2
Parrot Security startparrot Functional roiuting replacement for Kali. I.e., either it or Kali are required to set up the networking for the Windows hosts or Metasploitable2. Kali's eth0 is Parrot's ens3, eth1 is ens4
Kali2 startkali2

Start-up chain of actions

Virtual machines are run by qemu-system-x86_64.

User runs:

/usr/local/infrastructure/bin/startXYZ

Which uses:

sudo (/etc/sudoers.d/startXYZ)

To run (as root):

/usr/local/qemu_machines/startXYZ

Which runs does the necessary setup (including network interfaces), creates the temporary hard disk image, and then runs qemu-system-x86_64.

Notes regarding original implementation

  • Testing on [AWS] nw-syd-vx1 using QEMU in emulation mode rather than hypervisor/KVM mode
  • Then installed on vx0 (an out-of-warranty Dell R510) which is configured as a New World VLAB/login server, which is used as a testing platform, and which runs the VM's with QEMU in hypervisor/KVM mode
  • Final (new) home is vx01, which was vx1 and then was corelli. Scripts and files remain unchanged
  • Images and scripts in /usr/local/qemu_machines + /usr/local/infrastructure/bin/start(win|kali) + /etc/sudoers.d/start(win|kali)
  • Installed qemu-system-x86 and bridge-utils packages
  • startkali: starts Kali Linux, includes second interface (eth1) for link to Windows XP host established via up/down scripts for QEMU which set up a bridge and join eth1 (tap device) to the bridge. Due to the down script running as the user rather than root (due to "-runas" in qemu-system-x86_64 invocation) the bridge created by the up script cannot be removed
  • startwin: starts Windows XP, up/down scripts link network tap device to bridge mentioned above
  • Kali Linux primary interface (eth0) uses DHCP and gets the QEMU user-network address of 10.0.2.15/24. This is also Kali's default route
  • Kali Linux second interface (eth1) has a static IP address of 192.168.1.1/24
  • Windows XP primary interface has a static address of 192.168.1.2/24. Windows XP has no default route and no DNS servers
  • Kali's eth1 and the Windows XP primary ethernet interface are connected together via TAP interfaces on a private bridge named "br<username>" (e.g., "brplinich"). See brctl show

Kali host testing accounts

Account name Password
root password
user user


Parrot host testing accounts

Account name Password
user user
Retrieved from ‘https://techdocs.cseunsw.tech/mediawiki/index.php?title=ZZEN9217_H6_O.S._Fundamentals_for_Security:_VM_platform_notes&oldid=800