ZZEN9217 H6 O.S. Fundamentals for Security: VM platform notes
Jump to navigation
Jump to search
| Important
Kali, Kali2 or Parrot must be started before Windows XP, Windows 7 or Metasploitable2. This is because the script which starts Kali/Kali2/Parrot also creates the virtual network bridge used to link the latter virtual machines. Without the bridge the Windows and Metasploitable2 virtual network interface cannot be created. |
Notes for 2023T3 edition
VM's available
| Product | Start script | Comments |
|---|---|---|
| Kali | startkali
|
Originally-deployed version |
| Windows XP | startwin
|
Originally-deployed version, no patches or updates |
| Windows 7 | startwinx7
|
Originally-deployed version, no patches or updates |
| Metasploitable2 | startmeta2
|
|
| Parrot Security | startparrot
|
Functional routing replacement for Kali and Kali2. I.e., either it or Kali/Kali2 are required to set up the networking for the Windows hosts or Metasploitable2. Kali's and Kali2's eth0 is Parrot's ens3, eth1 is ens4 |
| Kali2 | startkali2
|
New version (2023.2) for 2023T3 |
Start-up chain of actions
Virtual machines are run by qemu-system-x86_64.
User runs:
/usr/local/infrastructure/bin/startXYZ
Which uses:
sudo (/etc/sudoers.d/startXYZ)
To run (as root):
/usr/local/qemu_machines/startXYZ
Which runs does the necessary setup (including network interfaces), creates the temporary hard disk image, and then runs qemu-system-x86_64.
Notes regarding original implementation
Testing on [AWS] nw-syd-vx1 using QEMU in emulation mode rather than hypervisor/KVM mode- Then installed on vx0 (an out-of-warranty Dell R510) which is configured as a New World VLAB/login server, which is used as a testing platform, and which runs the VM's with QEMU in hypervisor/KVM mode
- Final (new) home is vx01, which was vx1 and then was corelli. Scripts and files remain unchanged
- Images and scripts in
/usr/local/qemu_machines+/usr/local/infrastructure/bin/start(win|kali)+/etc/sudoers.d/start(win|kali) - Installed qemu-system-x86 and bridge-utils packages
startkali: starts Kali Linux, includes second interface (eth1) for link to Windows XP host established via up/down scripts for QEMU which set up a bridge and join eth1 (tap device) to the bridge. Due to the down script running as the user rather than root (due to "-runas" inqemu-system-x86_64invocation) the bridge created by the up script cannot be removedstartwin: starts Windows XP, up/down scripts link network tap device to bridge mentioned above- Kali Linux primary interface (eth0) uses DHCP and gets the QEMU user-network address of 10.0.2.15/24. This is also Kali's default route
- Kali Linux second interface (eth1) has a static IP address of 192.168.1.1/24
- Windows XP primary interface has a static address of 192.168.1.2/24. Windows XP has no default route and no DNS servers
- Kali's eth1 and the Windows XP primary ethernet interface are connected together via TAP interfaces on a private bridge named "br<username>" (e.g., "brplinich"). See
brctl show
Kali2 host testing accounts
| Account name | Password |
|---|---|
| kali | kali |
Kali host testing accounts
| Account name | Password |
|---|---|
| root | password |
| user | user |
Parrot host testing accounts
| Account name | Password |
|---|---|
| user | user |