I have not forgotten about the wireless assessment side of things; don’t worry, it will continue. Thanks for all the feedback so far, everyone 🙂
Creating your own ethical hacking lab is a great way to understand how exploits work and how the lack of configuration on systems can lead to compromise.
The following are currently in my lab (feel free to add more to yours):
Windows Server 2008 R2
Windows Server 2012
First, download and install VirtualBox and the extension pack for whatever platform you are using. In my case today I am using Windows.
Excellent, you followed the Next, Next, Next process and got everything installed!
Now download pfSense to act as an internal router so all your devices can easily communicate. You can also do this with a Windows server by using DHCP, but pfSense is light, fast and fit for purpose.
Click on New at the top left to create a new virtual machine
Give it a name and select a type and a version; the settings below should work for you
Create the hard drive now
Leave it at VDI and click next
Leave the drive as dynamic, as this will not use all the space you allocate until it is needed; it saves space if you allocate too much.
8 GB is fine for the size, so click Create
Now that it is created you will see the following in your VirtualBox Manager
Either right-click it and choose Settings, or click the Settings button at the top right
Under the System / Motherboard tab, untick the floppy and move the disc and hard disk up like I have below
Under the Storage heading, click on the Empty disc, then click the disc icon on the right, next to where it says IDE Secondary Master, and select the location of your pfSense ISO to boot from
It should then look like this once selected
Move to Network next and select Internal Network from the drop-down menu, like below
Next, click on Adapter 2, tick the box to enable the network adapter and repeat the same process
Repeat for Adapter 3 also
You now have the option to turn on the WAN, LAN and a DMZ as you wish, but for now we will leave them all as internal, start it up and install pfSense
Just let it boot up automatically
Next select ‘I’ for installer
Just accept the settings here
Just select the quick and easy install
It installs in seconds
Select Standard Kernel
At this point, untick the pfSense ISO at the bottom right to stop it from booting up again
First boot should then look like below; if it doesn’t, just shut it down, make sure the disc is unticked and start it up again
Select no to VLANs; you can always do this later if you want. Take note of your interfaces at this point too, e.g. em0, em1 and em2, as these are your WAN, LAN and DMZ NICs
em0 = WAN
em1 = LAN
em2 = DMZ
Enter em1 for the LAN
Now enter em2 for what will become a DMZ at some point, and then finally press Enter to end this process, as you are finished setting the NICs
Enter ‘y’ to accept your settings and make the changes followed by Enter
Be patient for a minute or two while the changes are processed
When finished you will be passed to an options screen
Select option 2 to assign an interface IP address to the LAN that isn’t 192.168.1.1, as we are going to use 10.0.0.0/24 for the lab, and configure it to provide DHCP so all of our lab machines automatically get assigned an IP address and can communicate with one another
Give a range of IP addresses you wish to allocate over DHCP and select no to reverting the web interface to HTTP
Once you press Enter you are then dropped back to the options screen
As I already have other systems configured in VirtualBox on the internal network NICs, I can verify connectivity to pfSense by spinning one up and pinging it, like below, and see that all is OK with the DHCP. If you have nothing else set up yet, you can just wait for the next lesson or build another system and see what happens.
You can also access the pfSense webConfigurator from another machine in the same range via the IP address you already assigned; just navigate to the IP address in your browser
Select ‘I understand the Risks’ –> ‘Confirm Security Exception’ to gain access to the web interface; it is using a custom certificate, which is therefore unknown to the browser, but it is safe to accept
Log in to the webConfigurator with the username ‘admin’ and password ‘pfsense’, as these are the defaults set
That’s it, you are now logged into pfSense from another system in your internal LAN. I will leave you here to play around with settings and break things, or even allow a real Internet connection into the other machines in your test lab through the WAN connection using the Bridging or NAT mode on NIC 1. Have Fun 🙂
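Once you start switching adapter modes, it helps to confirm which NICs are still on the internal network. The following is an added example, not part of the original post: it parses the output of VBoxManage showvminfo with --machinereadable and reports every enabled adapter that is not attached to the internal network. The sample output is constructed, and the internal network name "intnet" (VirtualBox's default) and the function names are assumptions.

```python
import re
import subprocess

# Constructed sample of `VBoxManage showvminfo <vm> --machinereadable` output
# (not captured from a real host): NIC 1 bridged, NICs 2-3 internal, NIC 4 off.
SAMPLE = '''\
name="pfsense"
nic1="bridged"
bridgeadapter1="Intel(R) Ethernet"
nic2="intnet"
intnet2="intnet"
nic3="intnet"
intnet3="intnet"
nic4="none"
'''

def parse_nics(info):
    """Return {slot: (attachment_mode, internal_network_name)} for enabled adapters."""
    kv = dict(re.findall(r'^(\w+)="(.*)"$', info, flags=re.M))
    nics = {}
    for key, mode in kv.items():
        m = re.fullmatch(r"nic(\d+)", key)
        if m and mode != "none":          # "none" means the adapter is disabled
            slot = int(m.group(1))
            nics[slot] = (mode, kv.get(f"intnet{slot}"))
    return nics

def isolation_findings(info, expected_net="intnet"):
    """List adapters that are not attached to the expected internal network."""
    findings = []
    for slot, (mode, net) in sorted(parse_nics(info).items()):
        if mode != "intnet":
            findings.append(f"NIC {slot}: attached as '{mode}', not an internal network")
        elif net != expected_net:
            findings.append(f"NIC {slot}: internal network '{net}', expected '{expected_net}'")
    return findings

def audit_vm(vm_name, expected_net="intnet"):
    """Audit a live VM; requires VBoxManage on PATH (vm_name is whatever you called the VM)."""
    out = subprocess.run(
        ["VBoxManage", "showvminfo", vm_name, "--machinereadable"],
        capture_output=True, text=True, check=True,
    ).stdout
    return isolation_findings(out, expected_net)

if __name__ == "__main__":
    for line in isolation_findings(SAMPLE):
        print(line)
```

Run audit_vm against each lab VM after any network change; an empty list means every enabled adapter is still on the internal network.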