
By: Z33MAX
March 14, 2016
Part 1: Create a Complete Virtual Environment for Penetration Testing

By: Z33MAX
March 14, 2016
Creating a lab for testing is one of the important aspects of becoming a professional pentester (E-Hacker). I was creating a new Virtual Lab for my new System and thought it would be beneficial to share the steps here in the Cybrary community.
The tutorial series will have 6 parts, which will include setting up multiple virtual boxes for different OS systems and connecting them using PFsense (routing software).
The tutorial series will include:
1- Configuring Pfsense for the routing and firewall
2- Windows R2012 server
3- Ubuntu
4- Mac OS X(Yosimite)
5- Windows 10
6- Windows 8
Let's start!!!
1- Configuring Pfsense for the routing and firewall
Requirements:
- Virtualbox
- Pfsense ISO
- Winrar or 7-zip (extraction)
Pfsense is a free software that provides the routing and firewall inside the virtual machine.
Link: https://www.pfsense.org/download/?section=downloads
Tutorial guidelines:
- Downloading
- Extracting the ISO
- Installing Pfsense on the (Virtualbox Machine)
- Configuring the settings
1- Downloading the Software
- Choose Install 2.2.6 (version)
-Select i386 (32-bit) from the drop-down menu of Computer Architecture
- Choose the platform as (Live CD with Installer)
- Choose one of the mirrored images. For this tutorial, I chose the hosting by NYI.
NOTE: The file will be in the format of iso.gz (Linux compression format)
2- Extracting the ISO:
There are multiple extraction tools that can be used to the extract (gz) compressed files. I usually use winrar, as it's a very common compressor utility for Windows.
Examples: Winrar, zip, 7-zip
3- Installing Pfsense on the virtual machine :
- Create a virtual machine for the PfSense
- For the machine settings, there are not many to configure for the Pfsense box. The main focus is on adding two adapters to our machine - one is bridged and other is internal.
4- Configuring the settings
- Start the virtual a machine, and wait for it to load. It will take a minute or two to direct you to the main menu.
- Once the main menu is loaded, type 99 to move to the (Configuration Console)
- Choose (Accept these settings) option and click enter
- Choose Quick and Easy Install and click enter
- Choose Ok and click enter
- It will take a little time to finish the installation - about 2-3 minutes
- In the install Kernel step, choose Standard Kernel and click enter
- Click on Reboot
NOTE: When rebooting, remove the CD drive quickly, otherwise it's going to load back to the installation menu and you'll have to do the steps again.
- To remove the CD, click on device and remove the disk from the virtual box
- After the reboot, it should take you to the main menu again. This time, you should see the WAN address set up and ready to go. However, we still need to setup the LAN IP address. To do so, type number 2 from the menu (Assign Interfaces)
- Then type (2) to choose LAN interface
For the LAN IPV4, I choose 10.0.0.1 as the Pfsesne IP
Enter 24 for (new LAN IPV4 subnet bit count), as shown below
- Hit ENTER for the next step
- Hit another ENTER for (new LAN IPV6 )
- Type (y) for the question “Do you want to enabe the DHCP server on LAN ?”
- Enter the start address: 10.0.0.5
- Enter the end address: 10.0.0.15
- Type “Y” again to setup webconfigurator
- Login in to the PFsense page
Open another Virtualbox machine to access the router page. The virtual machine has to be set on Internal Network (Adapater) to communicate through the Pfsense firewall.
I used a Windows 10 virtual machine.
Go to the browser and type the link that you've given after configuring the PFsense. In this case, it is https://10.0.0.1/
You'll be greeted with the login page of PFsense
Username: admin
password: pfsense
The wizard will start setting up the environment
For the primary DNS IP, type the IP address of your router, NOT the PFSENSE address. It's: 192.168.1.1 - in order to get Internet connection to your box.
- Click next multiple times, then Reload. (You don't need to change anything else.
- Once you get to the dashboard, you should have the settings set up similar to the below picture
NOTES:
Important things to look for in the pfsense configuration:
- LAN IP is the same IP address of the pfsense
- Primary DNS server IP should be your router IP
- For testing, Ping 10.0.0.1 OR goog.com (YOU should be able to get reply by this point)
That’s all for this tutorial.
Any comments or suggestions on how to make better tutorials or topics you'd like me to cover are welcome.
@Z33MaxPart 2: Create a Complete Virtual Environment for Penetration TestingPart 3: Create a Complete Virtual Environment for Penetration TestingPart 4: Create a Complete Virtual Environment for Penetration TestingPart 5: Create a Complete Virtual Environment for Penetration Testing