Mysterious boxes lab setup

“Give me six hours to chop down a tree and I will spend the first four sharpening the axe.” - Lincoln

Setting up

Directory tree

USB
│
└───null-workshop-packet-crafting-scapy
    │
    └───labs
        │
        └───mysterious_boxes_lab
                import_labs.sh
                start_labs.sh
                stop_labs.sh
                ...
                import_labs.bat
                start_labs.bat
                stop_labs.bat


Follow the guidelines below for your primary/host OS.

Linux/Mac

Step I

  • Copy the directory ‘null-workshop-packet-crafting-scapy’ from the USB drive provided onto your machine.

Step II

  • Install VirtualBox (preferably 5.0 or later). Installers are provided in the directory you copied.

Step III

  • cd into the sub-directory mysterious_boxes_lab

  • Run the script import_labs.sh

    • This script will import all the OVA files from the directory into your VirtualBox.
    • At the end, this script will display a list of all the VMs available in VirtualBox.
    • If you see victim1, victim2, attacker in the VMs list, the import was successful.

  • Run the script start_labs.sh

    • This script will set up and run your lab VMs.
    • All the victims will run in the background. You’ll be presented with only one VM, which will be our attacker.
    • At the end, this script will display a list of all the running VMs.
    • If you see two victims and an attacker in the list, you are ready!

  • Run the script stop_labs.sh when done with the labs. This will gracefully shut down all the lab VMs.
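
The list checks from Step III can be scripted on Linux/Mac; the following is an added example, not one of the workshop's scripts. It parses `VBoxManage list vms` for the three lab VM names and reads `VBoxManage showvminfo --machinereadable` to confirm adapter 1 is host-only, so lab traffic stays off your real network. It assumes VBoxManage is on your PATH and that each VM uses adapter 1; the sample UUIDs are constructed.

```shell
#!/bin/sh
# Added example, not one of the workshop's scripts.
# VM names are the ones the lab instructions tell you to look for.
LAB_VMS="victim1 victim2 attacker"

# missing_vms: read `VBoxManage list vms` (or `list runningvms`) output on
# stdin and print each lab VM name that is absent. Lines look like:
#   "victim1" {uuid}
missing_vms() {
    listing=$(cat)
    for vm in $LAB_VMS; do
        # Match the quoted name so "victim1" does not match "victim10".
        printf '%s\n' "$listing" | grep -qF "\"$vm\" {" || printf '%s\n' "$vm"
    done
}

# nic1_mode: read `VBoxManage showvminfo <vm> --machinereadable` output on
# stdin and print the attachment mode of adapter 1 (hostonly, nat, bridged...).
nic1_mode() {
    sed -n 's/^nic1="\(.*\)"$/\1/p'
}

# check_lab: query VBoxManage; succeed only when every lab VM is registered
# and adapter 1 (assumed to be the lab interface) is host-only on each.
check_lab() {
    missing=$(VBoxManage list vms | missing_vms)
    if [ -n "$missing" ]; then
        echo "not imported:" $missing >&2
        return 1
    fi
    for vm in $LAB_VMS; do
        mode=$(VBoxManage showvminfo "$vm" --machinereadable | nic1_mode)
        if [ "$mode" != "hostonly" ]; then
            echo "$vm: adapter 1 is '$mode', expected hostonly" >&2
            return 1
        fi
    done
    echo "lab VMs imported and host-only"
}

# Constructed sample output (UUIDs are made up) to try the parsers offline.
SAMPLE_LIST='"victim1" {11111111-1111-1111-1111-111111111111}
"attacker" {33333333-3333-3333-3333-333333333333}'
SAMPLE_INFO='name="victim1"
nic1="hostonly"
hostonlyadapter1="vboxnet0"'
printf '%s\n' "$SAMPLE_LIST" | missing_vms
printf '%s\n' "$SAMPLE_INFO" | nic1_mode
```

Source the file and call `check_lab` after import_labs.sh finishes; a non-zero exit means a VM is missing or attached to something other than the host-only network.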

Windows

Step I

  • Copy the directory ‘null-workshop-packet-crafting-scapy’ from the USB drive provided onto your Windows machine.

Step II

  • Install VirtualBox (preferably 5.0 or later). Installers are provided in the directory you copied.

Step III

  • cd into the sub-directory mysterious_boxes_lab

  • Run the script import_labs.bat

    • This script will import all the OVA files needed into your VirtualBox.
    • At the end, this script will display a list of all the VMs available in VirtualBox.
    • If you see victim1, victim2, attacker in the VMs list, the import was successful.

  • Run the script start_labs.bat

    • This script will set up and run your lab VMs.
    • All the victims will run in the background. You’ll be shown only one VM, which will be our attacker.
    • At the end, this script will display all the running VMs.
    • If you see two victims and an attacker running, you are ready!

  • Run the script stop_labs.bat when done with the labs. This will gracefully shut down all the lab VMs.

Troubleshooting (Windows)

  • All the scripts assume VirtualBox is installed at C:\Program Files\Oracle\VirtualBox. If it is installed at a different location, manually edit the following line in the script to point to the right location.

    PATH=%PATH%;C:\Program Files\Oracle\VirtualBox

  • All the VMs have a host-only interface turned on by default. Windows interface naming conventions tend to be inconsistent. If you have trouble starting the VMs because of the network interface name, manually change the interface name in the script to match your VirtualBox host-only adapter interface name.

    vboxmanage modifyvm "victim1" --nic1 hostonly --hostonlyadapter1 "your_interface_name_here"

Topology

Host machine

  • The host OS is the primary operating system on which you are running VirtualBox.
  • The host OS is on the same subnet as the VMs.

Attacker machine

Username: attacker
Password: attacker

Python third-party modules available: scapy
Other security tools available: nmap, wireshark, dsniff, macof, tcpdump.

  • The VM displayed after running start_labs.sh is our attacker.
  • This is our ‘base box’ for this workshop, from where we orchestrate our attacks.
  • Log in using the above credentials and run the startx command to get a GUI.
  • The GUI is openbox based and intended to be super minimal, so don’t be surprised by the lack of some ‘features’.
  • The Readme.txt file in the home directory has more information on the installed tools, essential commands, etc.

Victim machines

  • A bunch of pre-configured VMs.
  • Configured to run in the background (headless mode).
  • Victims vary in their operating systems, listening services and security policies; nothing fancy, though.

The Goal

To find as much information as we can about the victim machines using Scapy on the attacker machine.

  • Fingerprint the OSs.
  • Find listening services.
  • Understand security policies.