Floating Assignment Pentesting Lab (SEC 335) - Chromosom3/TechNotes GitHub Wiki

Downloading Dependencies

For this environment, we will be using VMware Workstation Pro as the hypervisor to keep things simple. We will be using four different operating systems in the environment. Those operating systems are Kali Linux, CentOS 6.5, Xubuntu 22.04, and VyOS 1.4. The links to download the ISOs for each of these operating systems can be seen below. Additionally, a link to download VMware Workstation can be found below. Note: VMware Workstation does require a license. That being said you can do some Googling to find one for free.

Download Links:

• Kali Linux
• CentOS 6.5
• Xubuntu 22.04
• VyOS 1.4
• VMware Workstation 16 Pro

Configuring Virtual Networks

By default, VMware Workstation has three networks. These three are VMnet 0, VMnet 1, and VMnet 8. For this lab, we will be making three new VM networks. Those new networks will be VMnet 4, VMnet 5, and VMnet 6. They will have an IP subnet of 10.0.X.0/24 where X represents their VMnet number. The networks should be host only and the options “Connect a host virtual adapter to this network” and “Use local DHCP service to distribute IP address to VMs” should both be unchecked. Use the figure below as a reference.

Configuring Virtual Machines

Kali Linux

The first VM we will be creating is a Kali Linux virtual machine. For my environment, I am setting up the base Kali virtual machine to have 4 GB of RAM, 2 Processors, and 40 GB of disk space. The disk is also set to thin provisioning which means it will only take up the amount of space it is using. The alternative is that it allocates all the space you set for the disk. Once the VM is at the installation complete screen power it off. Do not let the VM boot into the OS. This is to prevent us from having to generalize it in the future. Now right-click the VM, select manage, then clone. Following the wizard create a linked clone of the VMs current state.

VyOS 1.4

Now that the Kali Linux system has been created we will create VyOS VM. This virtual machine will act as the gateway between our NAT network and the newly configured VM networks. This VM should be configured with 1 GB of RAM, 1 Processor, and 8 GB of disk space. Make sure that there are two network adapters configured on the system. For now, they can be left on the NAT network. Once the VM boots, you will sign in with the default credentials of vyos:vyos. Next, you will run the install image command to begin the installation process. Use the default settings for the installation. Once the installation is complete reboot the virtual machine. Log in to the virtual machine once more and generalize the installation. To generalize, we will need to delete the MAC addresses from the configuration file. Run the following commands.

configure
show interfaces
delete interfaces ethernet eth0 hw-id
delete interfaces ethernet eth1 hw-id
show interfaces
commit
save

Following these commands, you can run the poweroff command to shutdown. From here disconnect the CD ROM and then take a snapshot of the VM. Now create a clone of the virtual machine using the snapshot you just created. On the clone, run the following commands to configure the network settings. Make sure to change the second network adapter to VMnet 5.

# 192.168.229.2 is the NAT gateway. This is not the same as the VMnet8 address
# VMnet8 should be 192.168.229.1 on the host .2 is the GW
configure
set interfaces ethernet eth0 address 192.168.229.10/24
set interfaces ethernet eth0 description "Nat on VMware Host"
set interfaces ethernet eth1 address 10.0.5.2/24
set interfaces ethernet eth1 description "VMNET5-RANGE"
set protocols static route 0.0.0.0/0 next-hop 192.168.229.2
set system name-server 192.168.229.2
set service ssh listen-address 192.168.229.10
commit
save

CentOS 6.5

The final virtual machine that will be created for the environment is a CentOS 6.5 VM. This VM is configured with 1 GB of RAM, 1 Processor, and 20 GB of storage. This VM is not on the NAT network. Instead, it is connected to VMnet 5. Using the CentOS installer we will select web server and customize the web server. Under Development select Development tools and Server Platform Development. Now reboot the system. Run the following commands to get the system setup for generalization.

useradd deployer
passwd deployer
usermod -aG wheel deployer
nano /etc/sudoers
# Uncomment out the %wheel ALL=(ALL) ALL
nano /etc/sysconfig/network-scripts/ifcfg-eth0
# Remove HW ID
# Add ONBOOT=yes
# Remove UUID
cd /etc/udev/rules.d
rm 70-persistent-net.rules

Next, install VMware tools. To do this mount the media and then run the following commands.

mount /dev/cdrom /mnt
cd /mnt
# Tab complete the VMware tools name 
cp VMwareTools /tmp
cd /tmp
# Tab complete the VMware tools name
tar xf VMwareTools
cd vmware-tools-distrib
chmod +x vmware-install.pl
./vmware-install.pl
# Use all the defaults

Once VMware tools finish installing you can clean up the temp directory (cd /tmp; rm -rf *) and shut down the virtual machine. Remove the CD ROM from the virtual machine and then take a snapshot. Using the snapshot create a linked clone.

Configuring Networking

Now that the VMs are all set up let's make some network changes to allow everything to work correctly. On VyOS run the following commands.

configure 
set service dhcp-server global-parameters 'local-address 10.0.5.2;'
set service dhcp-server shared-network-name DHCPPOOL authoritative
set service dhcp-server shared-network-name DHCPPOOL subnet 10.0.5.0/24 default-router '10.0.5.2'
set service dhcp-server shared-network-name DHCPPOOL subnet 10.0.5.0/24 domain-name 'range.local'
set service dhcp-server shared-network-name DHCPPOOL subnet 10.0.5.0/24 lease '86400'
set service dhcp-server shared-network-name DHCPPOOL subnet 10.0.5.0/24 range POOL1 start '10.0.5.50'
set service dhcp-server shared-network-name DHCPPOOL subnet 10.0.5.0/24 range POOL1 stop '10.0.5.100'
commit
save

Now that DHCP is configured we can move on to the VPN for the lab. To install wireguard on kali run the following commands.

sudo apt install wireguard -y
cd /etc/wiregaurd/
umask 077
wg genkey | tee privatekey | wg pubkey > publickey

Switching back to VyOS we will need to run the following commands to configure wireguard.

generate pki wireguard key-pair install interface wg0
# Save the output of the above command.

configure
# Change the private key to the one from above. 
set interfaces wireguard wg0 private-key ''
set interfaces wireguard wg0 address '10.0.99.1/24'
set interfaces wireguard wg0 port '51820'

# Get this information from the kali box
set interfaces wireguard wg0 peer namegoeshere allowed-ips 'IP'
set interfaces wireguard wg0 peer namegoeshere public-key 'keygoeshere'

# Example of the above commands
set interfaces wireguard wg0 peer kali allowed-ips '10.0.99.100/32'
set interfaces wireguard wg0 peer kali public-key 'PPiKdpvzJJGKUQX2c1j6OR5xH8A9sXmdx5T2PXDwsTM='

commit
save
exit

# Need this for Kali
show interface wireguard wg0 public-key

Now returning to Kali you will need to do the following to configure the VPN connection.

cd /etc/wiregaurd/
nano wg0.conf
# File Contents Start
[Interface]
PrivateKey = KALI_PRIVATE_KEY
Address = 10.0.99.100/24
[Peer]
PublicKey = VYOS_PUBLIC_KEY
EndPoint = 192.168.229.10:51820
AllowedIPs = 10.0.99.1/32, 10.0.5.0/24
# File Contents End
sudo wg-quick up wg0

Reflection

This assignment was useful. Having had a home lab for the past 5 years I understand how beneficial they can be. I hadn't set up an environment for penetration testing so I found this assignment was a good starting point. It had also been a little while since I used wiregaurd so it was a nice refresher. Working with linked clones and templates was a some what new thing for me. I had limited experience working with templates in the past. My only regret with this assignment was not having the time to get it setup on my ESXi server. I didn't want to use a VCSA in my environment so doing linked clones was not an easy option. I think the benefit of linked clones might out weigh my desire to not have a VCSA deployed in the future.