Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17

Thread: Hardware vs. Virtualization for a first time pen-test lab

  1. #11
    Just burned their ISO
    Join Date
    Nov 2012
    Posts
    10

    Default Re: Hardware vs. Virtualization for a first time pen-test lab

    A VM is stored the same way as any other files on your computer. Simply delete the VM's folder (saved in "My Documents" on Windows hosts by default) when you are done with them. However, this might not be the wisest move. VMware and VirtualBox both have a "snapshot" feature so you can save the state of a VM at a particular point in time. I set up a "Base Install" snapshot for all my VM's so they can all be restored to just after initial configuration saving me the time and effort of setting them back up again. This is particularly helpful with the BT5 VM since running as root can have disastrous consequences in the event of a mistake.

  2. #12
    Just burned their ISO
    Join Date
    Nov 2012
    Posts
    15

    Default Re: Hardware vs. Virtualization for a first time pen-test lab

    Quote Originally Posted by Dyndrilliac View Post
    A VM is stored the same way as any other files on your computer. Simply delete the VM's folder (saved in "My Documents" on Windows hosts by default) when you are done with them. However, this might not be the wisest move. VMware and VirtualBox both have a "snapshot" feature so you can save the state of a VM at a particular point in time. I set up a "Base Install" snapshot for all my VM's so they can all be restored to just after initial configuration saving me the time and effort of setting them back up again. This is particularly helpful with the BT5 VM since running as root can have disastrous consequences in the event of a mistake.
    Ok that's good to know - thanks! I don't think I was too clear with my question though - after I have attacked a virtual machine and exploited it, is it safe to leave that file on my computer after I have quit VM and switched to using my laptop for other functions. In other words, once a VM machine (Victim) has been exploited, does it need to be restored back to the "base version" or is it ok to quit VM and leave the exploited OS file as is?

    Finally - would anyone make any recommendations about where to download OS's to use as my victims? I'm pretty sure I have an old copy of XP that I could use, but are there other free VMs available on the internet that I could use to practice attacking with BT?

    Again - thank you so much for all your help!

  3. #13
    Just burned their ISO
    Join Date
    Nov 2012
    Posts
    10

    Default Re: Hardware vs. Virtualization for a first time pen-test lab

    It all depends. For example if you were launching a password attack, trying to hijack a session, trying to perform a DoS, or cause a crash then you're most likely safe with a reboot. On the other hand if you were creating a backdoor, testing malware, or reverse-engineering a suspicious binary then you probably should roll the VM back.

  4. #14
    Just burned their ISO
    Join Date
    Nov 2012
    Posts
    15

    Default Re: Hardware vs. Virtualization for a first time pen-test lab

    Ok so I've got VMware player downloaded plus my 2 virtual machines set up. For both machines I went to: Edit virtual machine settings > Network Adapter > and selected Host-only. Am I missing anything or am I ready to start testing?

  5. #15
    Just burned their ISO
    Join Date
    Nov 2012
    Posts
    15

    Default Re: Hardware vs. Virtualization for a first time pen-test lab

    Ok so just to make sure I got this right - I went to my VMware Virtual Player and I went to each VM (Backtrack and Windows XP) and went to: Edit Virtual Machine Settings > Network Adapter > and switched the Network Connection to Host-Only. Am I ready to start testing Backtrack against Windows XP?

  6. #16
    Junior Member rastamouse's Avatar
    Join Date
    Oct 2012
    Posts
    32

    Default Re: Hardware vs. Virtualization for a first time pen-test lab

    Sounds like it. An easy way to test them, is to boot up both VMs and try to ping them from each other.

  7. #17
    Just burned their ISO
    Join Date
    Nov 2012
    Posts
    15

    Default Re: Hardware vs. Virtualization for a first time pen-test lab

    Quote Originally Posted by rastamouse View Post
    Sounds like it. An easy way to test them, is to boot up both VMs and try to ping them from each other.
    Ok so I booted up both machines. I used the Windows XP machine to test and see if I could ping www.google.com and it was not able to so I figured that meant I was definitely disconnected from my wireless network (good). I then used Backtrack to ping my Windows machine - no problem there either. However, when I went to use my Windows machine to ping Backtrack I got a "Host is unreachable" message. I verified the Backtrack ip address using ifconig in the terminal window. Did I miss something?

Page 2 of 2 FirstFirst 12

Similar Threads

  1. Pro's and Con's of using Virtualization products with BT.
    By cynicalpsycho in forum Beginners Forum
    Replies: 7
    Last Post: 03-17-2010, 06:08 AM
  2. 2.6.30.5 Virtualization
    By prowl3r in forum OLD BackTrack 4 General Support
    Replies: 7
    Last Post: 10-15-2009, 10:43 PM
  3. Pycurl : libcurl link-time version is older than compile-time version
    By williamc in forum OLD BT3beta Software related issues
    Replies: 3
    Last Post: 04-07-2008, 10:58 PM
  4. Replies: 6
    Last Post: 03-21-2008, 03:03 AM
  5. Virtualization
    By RageLtMan in forum OLD BT3beta General
    Replies: 1
    Last Post: 12-28-2007, 12:43 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •