Samer Aoudi
EH Pentest Lab Environment Network Traffic Analysis Wi-Fi Security Malware Analysis Reconnaissance Social Engineering Network & Port Scanning Sniffing Attacks Intrusion Detection & Prevention
Courses CTF Platform Security Tools Commands Cheatsheet Awareness Blog About
Setting Up a Lab Environment

In this practical activity, you will set up an Ethical Hacking (Pentesting) lab environment. Setting up a penetration testing lab requires careful planning to ensure it provides a safe, functional, and realistic environment to practice ethical hacking. A typical isolated setup would have the following components:

[Attacker Machine]
       |
[Router/Firewall]
       |
[Target Network]
    [Target VM1]   
    [Target VM2]
    [...]
Why this activity? Our setup provides a well-rounded environment for practicing penetration testing while ensuring safety and realism. Setting up a pen testing lab environment is a crucial skill for a penetration tester
Baseline Knowledge Basic understanding of networking
Requirements Windows PC (min 16GB RAM) with VMWare Workstation
Downloads Kali Linux, Windows 10 Target, Metasploitable 2
Duration 50min
HCT students don't need to download the files above. The three machines are available on your lab PC. Check with your instructor.
Related Videos:

Task #1: Set Up Attacker Machine

Objectives: In this task, you will set up the first component of the lab environment; namely, the attacker machine. For our setup, we will use Kali Linux for this purpose. We will use this attack machine (AKA, Tiger Box) to attack targets (i.e., conduct pentests).

Must Know:

Kali Linux Kali Linux is the new generation of the industry-leading BackTrack Linux penetration testing and security auditing Linux distribution. Kali Linux is a complete re-build of BackTrack from the ground up, adhering completely to Debian development standards.” (Source and to learn more: http://docs.kali.org/). Kali Linux is a free open source toolbox with more than 600 penetration testing tools included. Kali Linux will be our main tiger box (toolbox).

The virtual networking components in Workstation Pro include virtual switches, virtual network adapters, the virtual DHCP server, and the NAT device. You can configure bridged networking, NAT, and host-only networking for virtual machines.
Bridged Networking Bridged networking connects a virtual machine to a network by using the network adapter on the host system.
NAT Networking With NAT, a VM does not have its own IP address on the external network. Instead, a separate private network is set up on the host system. In the default configuration, a virtual machine gets an address on this private network from the virtual DHCP server. The VM and the host system share a single network identity that is not visible on the external network.
Host-Only Networking Host-only networking creates a network that is completely contained within the host computer. Host-only networking provides a network connection between the VM and the host system by using a virtual network adapter that is visible on the host OS.

Note: Our Virtual Machines (VMs) are pre-installed, and available as files that we can copy, paste, move, and open. The alternative is to download a disk image (i.e. an ISO file) and do the installation yourself. The 2nd option is time consuming and more advanced.
Expert Mode
  1. Download and set up the latest version of Kali Linux for your hypervisor (e.g., VMWare Workstation for our setup)
  2. Configure Kali's network settings to NAT
  3. Perform an update and an upgrade on Kali
Regular Mode
Task in details »
    Note: The steps below are based on VMWare Workstation. You can skip steps 1-3 if the VM is already provided by your instructor
  1. Visit the Kali Linux Download page, and find the Virtual Machines category
  2. Choose your architecture (64 vs. 32 bits). If not sure, most modern computers are 64 bits
  3. Download the VM file that suits your hypervisor. For VMWare Workstation, download the 7z file: kali-2024.3/kali-linux-2024.3-vmware-amd64.7z (version may vary)
    4. Note: If you want to perform a full installation (advanced), you can download the appropriate Bare Metal (i.e., .iso disk image) version. This is the best option if you want to install on an Apple machine with an M chip
  4. Extract the Kali archive file into your Document/Virtual Machines folder (create it the folder if needed)
  5. Open VMWare Workstation and from the File menu, click Open. Browse to the Document/Virtual Machines folder and select the Kali VM (VMX file)
    6. Note: If you are using Oracle VirtualBox, open the OVA file. If you are doing a full installation (advanced), read the detailed guides Virtualization Guides »
  6. Click the VM menu and select Settings
  7. Click Network Adapter and select the NAT option. Click OK when done
    8. Notice Kali's credentials in the Description section before you power it on
  8. Start Kali and log in using the following credentials: (kali/kali)
  9. Explore your Kali and make sure you know your way around it. This is the absolute minimum knowledge you should have: a) file system; b) available applications; c) basic linux commands; d) installing new tools and updating existing ones
  10. Start a new Terminal window
  11. Get Kali's IP address ip a
  12. First let's update Kali using the following command sudo apt-get update

Objectives: In this task, you will set up two target machines; namely, Metasploitable 2 and Windows 10. With the Attacker Machine (Kali Linux) ready, and the Firewall left for a later activity, we need a Target Network to attack:

[Attacker Machine]
       |
[Router/Firewall]
       |
[Target Network]
     [Metasploitable2 VM]
     [Windows 10 VM]   
    [HawkEye VM]
    [Exam VM]
    [Project VM]

Must Know:

Vulnerable Targets There are hundreds of intentionally vulnerable VMs that you can use. One popular source is VulnHub », where one of our targets can be found.For exams and projects, we will use different targets.
Warning! Running a vulnerable VM on your machine can be risky. To ensure you are protected, isolate the vulnerable VM using the network adapter settings discussed in the previous task. When you use discoverable settings, you can disconnect from the Internet.
Expert Mode
  1. Download and set up Metasploitable 2 to be part of your target network. Download from (VulnHub)
  2. Power on the Metasploitable 2 target VM in VMWAre Workstation
  3. Repeat the steps above for the Windows 10 target (download here »)
  4. From Kali, perform a Host Discovery scan on the target network
  5. Ping the two targets
Regular Mode
Task in details »
    Note: You can skip step 1-4 if the VM is already provided by your instructor
  1. Visit VulnHub and search for Metasploitable
  2. Click the Metasploitable: 2 VM
  3. Read the description and other details on the page
    4. Note: The step above will help you select other targets in the future (eg., for your project). Notice the Format: Virtual Machine (VMware) and Operating System: Linux
  4. Download the metasploitable-linux-2.0.0.zip file from one of the download sites
  5. When the download is complete, unzip the file in your Documents/Virtual Machines folder
  6. Open your VMWare Workstation and from the File menu, select Open
  7. Navigate to the unzipped folder and select the Virtual Machine Configuration file VMX to open (it would be the only accessible file)
  8. Edit the VM Settings → Network Adapter Settings → NAT
  9. Run the new target VM
    10. Note: Don't log in to the target VM. In real life this would be a machine we will attack and therefore, we will not have its login credentials readily available!
  10. Go to Kali open a new Terminal window
  11. Get Kali's IP ip a
    12. Note: the ip a command provides the displays detailed information about all network interfaces, including their IP addresses. In the screenshot below, you can see two network interface names (eth0 and lo). The loopback interface lo has the loopback IP 127.0.0.1 which is a special IP address used by a computer to communicate with itself. The relevant interface for us is eth0 (ethernet 0). In the screenshot below, Kali's IP address is 192.168.135.154 and the network address is 192.168.135.154/24 (i.e., 24 bits of this address, or 192.168.135, represent the network).
    ip a
    ip a output
  12. Copy the entire IP address with the /24 from eth0 interface
  13. Scan the network to discover the target's IP using the following command and your own IP address
    nmap -sn <your target network address> (e.g., nmap -sn 192.168.135.154/24)
    14. Note: in my network, shown in the screenshots, Kali's IP address is 192.168.135.154 and a quick host discovery scan reveals 4 live hosts. One of them is Kali and the other one is the Metasploitable target. Then what are the other two (192.168.135.1 and 192.168.135.2)? The .1 address is often assigned to the default gateway or router of the network. The .2 address is often assigned to the host machine’s virtual network adapter that connects it to the virtual network. This allows the host operating system to communicate with the virtual machines (VMs) in the network. Knowing this, I can then conclude that my Metasploitable IP is 192.168.135.155 (your maybe different).
    nmap sn
    NMAP Host Discovery
  14. Ping the target's IP address ping 192.168.135.155
  15. Download the Windows Target here » (skip this if your instructor already provided Windows 10)
  16. Extract the contents and open in VMWare Workstationas you did before
  17. Ensure the network adapter is NAT and power on the machine
  18. Login using the credentials samer/password
  19. Launch a terminal window and get the IP address ipconfig
  20. Conduct a host discovery scan using nmap as you did before nmap -sn <your network address>
  21. You should be able to see the Windows target IP address in your scan results
  22. Ping the Windows target ping <windows ip>
    23. Our lab setup is now ready: 
    [Attacker Machine]
       |
[Router/Firewall]
       |
[Target Network]
    [Metasploitable2 VM]
    [Windows 10 VM]   
    [HawkEye VM]
    [Exam VM]
    [Project VM]
     Linux Update vs. Upgrade The update command only updates the package list with the latest available versions, however, it does not install or upgrade the package. The upgrade command actually upgrades and installs the latest versions of packages that are already installed. Upgrade will take long and it's recommended you do it at the end of the lab activity
  23. As a final step, let's upgrade Kali using the following command, and note that the upgrade might take more than an hour to complete sudo apt-get upgrade
Name
Red fields are required.
Oracle VirtualBox
VMWare Workstation
Microsoft Hyper-V
Kali Linux
Metasploitable 2
Windows 10
Bridged
NAT
Host-Only
Virtual Machine Configuration (VMX)
Virtual Machine Configuration (VMW)
Virtual Machine Metadata (VMDK)

               
© Samer Aoudi 2005-2024