SEC520/labs/Lab 1
Setup for Labs
Introduction
- This lab teaches the student how and why attackers break into systems. For this purpose everyone will be a "victim" in the class as well as a "bad guy". Generally, we try to envision a network server environment.
- Unfortunately, performing penetration system testing on an organization's network without their consent can lead to serious consequences. The college has created a lab that allows students to perform penetration testing in a safe environment - it is called the IFS Lab. This lab is in heavy demand due to the IFS program, and may not be available for SEC520 students. Another method to encourage the "safe and permitted practice of penetration testing at the college" is to have students host vulnerable operating systems as virtual machines on their host computer system (i.e. Hard Disk Packs).
- This lab assumes that you already have the required materials (listed below in the Required Materials section), and are ready to perform this lab.
Objectives
- Install Kali Linux (host) on hard disk pack (or other suitable configuration).
- Install Virtual Machine application called VirtualBox on host OS (Kali Linux).
- Setup and install a vulnerable Linux OS as a Virtual Machine on the host.
- Setup and install Windows 2003 Server as a Virtual Machine on the host.
Required Materials
- SATA Hard Disk in removable disk tray (Note: can use existing Notebook / Netbook with VMware)
- Kali Linux Installation DVD (Refer to methods to obtain and burn media in main page).
- Vulnerable Linux Installation DVD (Refer to methods to obtain and burn media in main page).
- Windows 2003 Server Installation CD (Refer to methods to obtain and burn media in main page).
- Lab Logbook (Lab1 Reference Sheet) (to make notes and observations).
Prerequisites
- None (First Lab)
Online Tools and References
- Kali Linux Website
- Online Linux Manpages
- VirtualBox Documentation
- Fedora Core 5 Documentation
- Windows 2003 Server Documentation
- Online MS Windows Command Reference
Course Notes
Performing Lab 1
Task #1: Install Kali Linux as Host Server on Your Hard Disk Pack (notebook or netbook) and Install VirtualBox
There are many toolkits that
are avaible for individuals to help "harden" their computer systems...
Examples include: Live Hacking CD, Samurai Web Testing Framework,
Organizational Systems Wireless Assistant., Ardius, Operator", etc. There are even distributions for the Raspberry Pi (although we need to have a pen testing solution support virtual machines for this course).
TE:
Make certain NOT to accept the default computer name. Use a smaller
name (like three letters), otherwise, the telnet server package will NOT
be installed by default
One tookit that contained many of the penetration-testing tools taught in this course was BackTrack. BackTrack is a specialized distribution based on Ubuntu. A newer distribution called Kali Linux is a newer and more complete build of Linux Backtrack using Debian (i.e. Kali is "BackTrack 6"). There is a noticeable improvement which includes fixes to "broken packages" (less hassle to the student to setup and use), as well as better wireless support, and better flexibility for customization.
We will be using Kali Linux for this semester...
INSTRUCTIONS:
- Use your Hard Disk Pack solely for this course: Do not share the contents with this diskpack with any other courses that you are taking. Remember: this is a course dealing with "Internet Security" which means that you could lose your work if you do something wrong.
- Obtain the Kali Linux installation media (eg. DVD, USB Stick).
- Insert your Hard Disk Pack and Kali Linux CD into your lab machine.
- Boot your lab machine, and at the BIOS display, press F10 (password: ENTER) and then select the CD/DVD drive containing the Kali Linux install media for boot selection.
- Select the first INSTALL option in the Kali Linux startup menu.
- Accept the recommended or default selections during the install. Remember to write down any passwords (do not forget them!). You may want to (when prompted) add a non-existent username to the administrator's group that you can add later to have admin access.
- When you have completed your install, remove the installation media, restart your Kali Linux machine.
- Make certain that you can connect to the Internet (confirm by using a web-broswer)
- You can use the Synaptic Package Manager (graphic tool) or the Linux commands apt-get to install other applications that you wish to use in on your system (eg. different web-browser).
- It is recommended NOT to graphically install VirtualBox on your Kali machine. The lab's author has had success with installing VirtualBox (as a .deb file) from the main website.
- Download the appropriate VirtualBox .deb file (32/64 bit) from the following link:
https://www.virtualbox.org/wiki/Downloads - After the file has downloaded, open a Linux shell, go to the directory containing the downloaded file Issue the following command as root:
gdebi [filename]
- Make appropriate selections to have VirtualBox application installed.
- Start the VirtualBox application. If the appliation does not appear in any of the menus, simply run the virtualbox command in root in a shell terminal.
- Proceed to Task #2
Answer the Task #1 observations / questions in your lab log book.
Task #2: Install / Setup Vulnerable Linux OS as a Virtual Machine
INSTRUCTIONS:
- In your regular account, run a graphical X-Windows session.
- Obtain and burn in the image of Fedora Core 5 onto a bootable DVD.
Here is a link to a downloadable source: http://dl.fedoraproject.org/pub/archive/fedora/linux/core/5/i386/iso/FC-5-i386-DVD.iso
( Refer to Required Materials) - Insert the Vulnerable Linux (FC5) installation DVD into the DVD Drive.
- From the Applications menu, select System Tools, then select Oracle VM VirtualBox.
- Click on the New buttoni, and click on Next to proceed.
- Enter a name for the Vulnerable Linux system (we will refer to the name of Vulnerable Linux System for the duration of these labs. Make certain that the OS Type is Linux, and the Version is Linux 2.6, and then click on Next to proceed.
- Accept the default Base memory size, and click Next to proceed.
- Accept all defaults for the Virtual Hard Disk screen, and click Next two times to proceed.
- Accept the default Storage Type (i.e. "Dynamically expanding storage"), and proceed to the next screen.
- In the Virtual Disk Location and Size, accept the default name, and set the Size of the Partition to 10 GB and proceed to the final screen.
- In the Summary screen, verify the information, and click Finish to finish the VM setup.
- Double-click on the VM called Vulnerable Linux in order to install that version of Linux from the CD drive.
- Accept the defaults in the Anaconda installation wizard,
but overide for Eastern Timezone. Select and remember a suitable root
password. In the software packages section to include, select Web Server. In addition, select the Customize (i.e. Customize Now, and make the following package selections:
- FTP Server
- Mail Server
- Network Servers
- Server Configuration Tools
- Complete remaining screens to start installation - the installation process should take approximately 30 minutes to complete.
- After reboot, the Setup Agent wizard will allow the user to make selections.
- Make certain to DISABLE the Firewall and DISABLE SELinux
- Create an unprivileged user (remember the password).
- Accept all other defaults and allow the system to reboot for changed to take effect.
- After reboot, verify that you can login, make the menu selections System, Administration, Server Settings, Services (or issue the command system-config-services to graphically activate and verify all each of the following services are running:
- Web (HTTPD) Server
- FTP (VSFTP) Server
- Mail Server
- SSH Server
- TELNET Server (located under "On Demand" services)
(You can alternatively list service status by issuing the command: /sbin/service --status-all)
<br <="" li=""> - Proceed to Task #3
Answer Task #2 observations / questions in your lab log book.
Task #3: Install / Setup Windows 2003 Server as a Virtual Machine
INSTRUCTIONS:
- Obtain an installation CD of Windows 2003 Server (refer to Required Materials).
- Create another Virtual Machine (20 GB) to be called Vulnerable Windows.
- Install Windows Server 2003 (Enterprise Edition) on an NTFS partition. Follow similar selections for settings (such as Eastern Time Zone, administrative password) like you did in Task #2.
!!! NOTE: Make certain NOT to accept the default computer name. Use a smaller name (like three letters), otherwise, the telnet server package will NOT be installed by default - Choose Application Server as one of the packages.
- Complete the other defaults, and allow the system to reboot.
- Upon boot-up, similate pressing the <ctrl><alt><del> keys by selecting in the Virtual Box Window menu: Machine, then selecting Insert Ctrl-Alt-Del in order to allow the login screen to appear.
- At the Windows Server Post-Setup Updates screen, do NOT perform any updates, and proceed with exiting the screen.
- You will proceed to a Windows Server Post-Setup Wizard to help manage your server (like installing services or roles). Make certain that the following wizard settings (or roles) have been added to your Windows server Virtual Machine (for later exploitation):
- NO Updates / NO Automatic Updates
- In the Manage Your Server section, make the following selections (add roles):
- IIS
- NOTE: Select Administration, Add Software, view existing services, select IIS, click Details, and then select FTP server.
- SMTP SERVER
- TELNET SERVER
- NOTE: Select Administration, Services, scroll down the list to Telnet, right-click a select View Properties, enable telent server, Apply settings, and then Start the telent server.
- SSH SERVER
- NOTE:You can download and install FreeSSH from the following URL:
http://www.freesshd.com/freeSSHd.exe.
- NOTE:You can download and install FreeSSH from the following URL:
- Verify that all the above-mentioned services are running.
- Make certain that Firewall is DISABLED. </ul>
</ol>
</p> - IIS
</ul>
- Proceed to "Completing the Lab".
Answer Task #3 observations / questions in your lab log book.
Completing the Lab
Arrange evidence for each of these items on your screen, then ask your instructor to review them and sign off on the lab's completion:
- Booted Kali Linux (host) with running Vulnerable Linux (VM) and Vulnerable Windows 2003 Server (VM).
- Proof of following installed servers, applications, or settings on your vulneable Linux System:
- FTP, SMTP, Web Server, SSH Server, TELNET, NO Firwall is running, SELinux is disabled
- Proof of following installed servers, applications, or settings on your vulnerable Window 2003 Server:
- NTFS Partitions, IIS, SSH Server, TELNET, NO Firewall is running
- Completed Lab 1 notes.
Preparing for Quizzes
- Briefly list the steps to setup a computer system to practice penetration testing (for a Linux and Windows machine) on your own (without having to test another organization's computer system and seeking their approval).
- Write a Linux command to run Xwindows from a text-based console (assuming that Xwindows has been installed).
- Write a Linux command to display the status of all running or non-running services on the system.
- Write a Linux command to confirm that the firewall is disabled.
- List the steps to add the user called msaul in the sudoer's file in order to run super-user utilities.
- Write a Linux command to create an unpriviledged user called user1. You can assume that you are currently logged in a regular user, but you have administration priviledges in the sudoer's file.
- List 3 important types of settings to consider when creating a Virtual Machine using a VM application such as VirtualBox.
- Write a Linux command to change the password of an existing user.
- Write a Linux command to start the SSH server.
- Why is it userful to setup a host (with virtual machines) as it relates to penetration testing?