Thursday, 6 September 2012

How to set up VirtualBox with BackTrack 5 and XP

Hey guys,

This is the follow-up from the previous post where I was talking about migrating from VMware to VirtualBox. After doing some googling I came across this guide:

This guide recommends exporting the VMware image as a vmdk/ovf and then importing it into VirtualBox. I followed the guide but unfortunately when booting in VirtualBox I got the error:

"Error loading operating system"

In an attempt to address potential Windows errors I downloaded a copy of Spotmau PowerSuite 2009 and tried to repair the Windows installation. This had no effect. However, I was able to mount the drive and access my files. I think the real issue was the change in virtual hardware; the post here details a potential workaround:

Like in my previous post, the easiest option is usually the best, so I decided to just re-install Windows XP from ISO on VirtualBox, and within 10 minutes I was up and running. This is super simple on VirtualBox: just create a new machine with all default settings, open the settings for the machine, go to Storage and select the CD icon. On the right, just browse to your ISO and press OK. Start the machine and it should boot from CD.

With BackTrack and XP both up and running the next thing on the list was networking.

By default the machines are set to use NAT. VirtualBox creates a virtual router that the virtual machines connect to, and they grab addresses from a virtual DHCP server. NAT allows the machines to access the outside internet but does not permit communication between virtual machines. As I'm going to be attacking my machines, I'm going to need to communicate with them. So instead of NAT I'm going to be using Bridged mode.

In Bridged mode VirtualBox uses a device driver on the host system to intercept virtual machine traffic from the physical network adapter. This configuration allows different virtual machines to connect to each other as well as the internet.

To configure Bridged networking, go to the settings for your machine, select Network and then select "Bridged Adapter" from the "Attached to:" menu. Under Advanced I also set promiscuous mode to "Allow VM". In simple terms, the promiscuous mode setting defines what traffic will be visible when you sniff the network interface in your virtual machine. I'm using my wireless adapter for the bridge and for regular internet surfing, so if I were to select "Allow all" this traffic would clog up my sniffer. I'm only interested in sniffing the traffic moving between my virtual machines, so I selected "Allow VM". Remember, though, that in a standard switched network you will effectively be working under the "Deny" setting, as traffic not destined for your IP would not be forwarded to your switch port!

More info on network settings:

Once the changes have been made, reset your VMs and they should now all be able to talk to each other. Also remember to disable Windows firewall!
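Added example (not from the original post): a small shell check that reads the `NIC 1:` line printed by `VBoxManage showvminfo <vm>` and confirms a lab VM is bridged to the expected host adapter with the promiscuous policy set to allow-vms. The sample lines, MAC addresses, the `wlan0` adapter name and the exact line layout are constructed assumptions; adjust them to what your VirtualBox version prints.

```shell
#!/bin/sh
# Added example: audit the NIC settings that the post configures in the GUI.
# Assumption: input is shaped like the "NIC 1:" line of `VBoxManage showvminfo`.

# Constructed sample lines (not captured from a real host).
SAMPLE_BT5="NIC 1: MAC: 080027AAAAAA, Attachment: Bridged Interface 'wlan0', Cable connected: on, Trace: off (file: none), Type: 82540EM, Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: allow-vms, Bandwidth group: none"
SAMPLE_XP="NIC 1: MAC: 080027BBBBBB, Attachment: NAT, Cable connected: on, Trace: off (file: none), Type: 82540EM, Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: deny, Bandwidth group: none"

# Print the value of one comma-separated "Key: value" field of a NIC line.
# Assumes the value itself contains no comma.
nic_field() {  # $1 = NIC line, $2 = field name
    printf '%s\n' "$1" | tr ',' '\n' | sed -n "s/^ *$2: *//p" | head -n 1
}

# Compare one VM's NIC line with the lab setup: bridged to the expected host
# adapter, promiscuous policy allow-vms. Prints "ok" or the reason; returns 0/1.
check_lab_nic() {  # $1 = NIC line, $2 = expected host adapter name
    attach=$(nic_field "$1" "Attachment")
    promisc=$(nic_field "$1" "Promisc Policy")
    case "$attach" in
        "Bridged Interface '$2'") ;;
        "Bridged Interface "*)
            echo "bridged to a different adapter: $attach"; return 1 ;;
        *)
            echo "not bridged: $attach"; return 1 ;;
    esac
    case "$promisc" in
        allow-vms)
            echo "ok" ;;
        allow-all)
            echo "promiscuous allow-all: host adapter traffic will also reach the sniffer"
            return 1 ;;
        *)
            echo "promiscuous $promisc: only traffic addressed to this VM is visible"
            return 1 ;;
    esac
}

# Demo on the constructed samples; the XP line is still on the NAT default.
printf 'bt5: %s\n' "$(check_lab_nic "$SAMPLE_BT5" wlan0)"
printf 'xp:  %s\n' "$(check_lab_nic "$SAMPLE_XP" wlan0 || true)"
```

On a real host, feed it the live line instead of a sample, for example `check_lab_nic "$(VBoxManage showvminfo "XP" | grep '^NIC 1:')" wlan0`, where "XP" is whatever you named the machine.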

Your lab is now ready for use! Go grab a few different versions of Internet Explorer/Java/Adobe and get exploiting :)

