Class 3 Lab 3 ‐ OpenDLP Installation - Justin-Boyd/CIT-Class GitHub Wiki
Task 1: Install Guest Additions CD Image
Step 1
Click Devices and select Insert Guest Additions CD image….
Step 2
Open File Explorer, navigate to Computer, and double-click CD Drive (D:) VirtualBox Guest Additions.
Step 3
Double-click VBoxWindowsAdditions to start the installation.
Step 4
Click Yes for the request to make changes.
Step 5
Click Next in the Welcome window.
Step 6
Click Next in the selection for the installation location.
Step 7
Click Install in the feature selection window.
Step 8
Click Install in all windows associated with device software installation.
Step 9
Make sure Reboot now is selected, and click Finish.
Step 10
After the reboot, click Devices, select Drag and Drop, and select Bidirectional. If you still cannot drag and drop folders/files, go to Shared Folders under Devices and choose the folder path with the files you want to drag and drop.
Note: Resetting the drag and drop or restarting your VM is sometimes required to allow drag and drop to work.
Task 2: Deploy and Configure OpenDLP
Step 1
In your host machine, right click OpenDLP.rar and select Extract Here.
Note: Make sure your machine has WinRAR or 7-Zip.
Step 2
Open the folder OpenDLP.
Step 3
In the folder, open Files.
Step 4
Double-click OpenDLP.ova to import it to VirtualBox
Step 5
Deselect the USB controller, and click Import.
Step 6
In the VirtualBox interface, select Tools and then Preferences.
Step 7
Navigate to Network and add a new NAT network.
Step 8
Click OK to finish.
Step 9
Select the OpenDLP virtual machine and click Settings.
Step 10
Navigate to Network and select NAT Network with the network you created. Click OK to finish.
Step 11
Repeat steps 9 and 10 for the Windows 7 VM.
Step 12
Start the OpenDLP machine and log in with username opendlp and password opendlp
Step 13
Run the command ip addr and note that the interface did not receive an IP address. Write down the interface name.
Step 14
Use the command sudo nano /etc/network/interfaces and enter the password opendlp when prompted.
Step 15
Change the interface name to the correct one, press Ctrl+o, and then press Ctrl+x to save the file.
Step 16
Use the command sudo ifdown -a && sudo ifup -a to restart the interface.
Step 17
Run the command ip addr and note the IP address.
Step 18
Start the Windows 7 virtual machine and log in.
Step 19
Click the Windows icon, search for CMD, and open it.
Step 20
Use the command ping to verify that the machines can communicate with each other.
Step 21
Use the command ipconfig and write down the IP address for later use.
Step 22
Use the command hostname to identify the machine's name and write it down for later use.
Step 23
In the OpenDLP machine, use the command sudo nano /etc/hosts to open the host’s file.
Step 24
Add the Windows 7 host name (with capital letters) and IP address to the file, as seen in the image. Press Ctrl+o and then Ctrl+x to save the file.
Step 25
Drag the files WinSCP-5.17.5-Setup.exe and sc.exe to your Windows 7 VM.
Step 26
Double-click WinSCP-5.17.5-Setup.exe and select Install for all users (recommended).
Step 27
Click Yes when asked for permission to make changes.
Step 28
Accept the license agreement.
Step 29
Select Typical installation and click Next.
Step 30
Select the interface type Commander and click Next.
Step 31
Click Install.
Step 32
Make sure only Launch WinSCP is selected and click Finish.
Step 33
Set the file protocol to SCP, host name to OpenDLP IP Address, and port number to 22, and provide the login credentials for the OpenDLP machine. Then, click Login.
Step 34
Click Yes in the warning window.
Step 35
Click the path on the OpenDLP side.
Step 36
Choose the directory /var/www/OpenDLP/bin/ and click OK.
Step 37
Drag the sc.exe file to the /var/www/OpenDLP/bin/ directory.
Step 38
Click OK in the Upload window.
Task 3: Configure and Run an OpenDLP Scan
Step 1
Open the OpenDLP extracted folder in your machine, and drag the file client.p12 to the Windows 7 machine. Double-click the certificate to import it.
Step 2
Click Next in the Welcome window.
Step 3
Click Next in the File to Import window.
Step 4
Do not enter a password. Click Next.
Step 5
Make sure Automatically select… is selected and click Next.
Step 6
Click Finish to end the process, then click OK in the successful import message window.
Click OK in the certification confirmation message window.
Step 10
Insert the username dlpuser and password OpenDLP and click OK.
Step 11
In the web interface, click Profiles and then click Create New Profile.
Step 12
Name the profile Win7, select the scan type Windows Network Share (agentless over SMB), and select Mask Sensitive Data?.
Step 13
Fill in the rest of the information as follows:
Username: your Windows 7 username
Password: Your Windows 7 user password
Windows Domain/Workgroup: WORKGROUP
Step 14
Scroll down to Regular Expressions and select the following:
AMEX
Credit_Card_Track_1
Credit_Card_Track_2
Credit_Card_Track_Data
Mastercard
Visa
Step 15
At the bottom of the page, type 2 in Concurrent deployments, and select 1 in the Log Verbosity. Then, click Submit to finish.
Step 16
Open File Explorer, navigate to the Downloads folder, and drag the file Deployed_Agent.html inside it.
Step 17
Right click in the Downloads folder and select Properties.
Step 18
Navigate to the Sharing tab and click Share.
Step 19
Make sure your user appears and has Owner permissions. Then, click Share.
Step 20
Write down the path of the share for later use and click Done.
Step 21
In the web interface, click Scans, then click Start New Scan.
Step 22
Name the scan Win7_share, set the profile to Win7 (Win_Share), write the link to the shared download directory in Systems to scan, and click Start. Then, a window will appear. Hit YES.
Step 23
When the scan ends, navigate to View Scans/Results.
Step 24
Select the performed scan and click View Scan Details.
Step 25
Select the desired scan result and click View Results.
Step 26
The report shows that the Windows 7 machine includes a share with sensitive credit card information.