If you are anything like me, you have invested a lot of Social Engineering man hours, dumpster diving, and plenty of blood, sweat and tears in building your hacking lab into something worthy of being referenced as such. Wouldn’t it be nice to package up all that effort and take that hacking on the road with you? This article is not only going to give you some ideas on what you can put in such a lab, but I will show you how to take Windows host machines with all of those VMs living in them and put them into something portable.

I will try to keep this to the point and simply split it up into two sections.  Section 1 will cover what types of things you can include in such a lab. Section 2 will cover converting it all into one portable file and using that within VirtualBox.

Section 1

Adding the h4x()r

“What the hell am I going to include in my lab” was my first thought when I started putting this together. I have created a matrix below of what my lab includes. It is by no means an end-all, be-all list. I don’t want to re-invent the wheel, as Irongeek, for example, has the *how* to build one mapped out very well already.

My next thought was “How the hell am I going to pay for all of that?” I ponied up for a Microsoft Technet subscription. It’s $349 well spent. I decided I didn’t want to pay over 300 bones for that, and was able to use the power of Google and some SE trickery to get 2 free years.


Section 2

Putting it in your pocket

What you will need

  • A computer running Microsoft Windows (XP – Server 2008)
  • DSK2VHD

Really at this point, only one assumption needs to be made.

  • You have set up your Windows machine to “production” standards for your lab.

This is a good time to patch the host to the level you want, install services, load it up with apps, activate it, install your AV and update it, etc. You may also want to make sure you have the virtual machine solution of your choice installed; the VMs can live anywhere on that local machine. I am using VMWare with well over 15 VMs locally. If you have an external disk or additional storage attached locally, DSK2VHD will capture them and create a VHD for each HDD it can see. Be aware that the cap here is 127 GB.

DSK2VHD

Now would be a good time to learn about this app. I suggest you read the description on the application’s site in its entirety; it’s short and sweet. In part, from that site:

Disk2vhd is a utility that creates VHD (Virtual Hard Disk – Microsoft’s Virtual Machine disk format) versions of physical disks for use in Microsoft Virtual PC or Microsoft Hyper-V virtual machines (VMs). The difference between Disk2vhd and other physical-to-virtual tools is that you can run Disk2vhd on a system that’s online. Disk2vhd uses Windows’ Volume Snapshot capability, introduced in Windows XP, to create consistent point-in-time snapshots of the volumes you want to include in a conversion. You can even have Disk2vhd create the VHDs on local volumes, even ones being converted (though performance is better when the VHD is on a disk different than ones being converted).

Usage: disk2vhd <[drive: [drive:]…]|[*]> <vhdfile>
Example: disk2vhd * c:\vhd\snapshot.vhd

Don’t be alarmed: even though this tool creates files for use in “Microsoft Virtual PC”, we aren’t going to use that. More in section 2.

Creating the snapshot

1. Download, unzip and install DSK2VHD on the host system.

2. Launch DSK2VHD

3. Select the disk(s) you want to create and set your save location.

4. Click create.

Sit back and watch it cook. My 119 gig file took.  Once it’s done we have a nice neat single file containing our Windows server and everything that went along with it.

Now it’s time to make it usable.

What you will need

  • A computer with system specs equal to or greater than those of the machine from which the .VHD was created. (Note this is not a necessity, but it will determine performance)
  • Copy of Sun’s VirtualBox

One of the awesome things about VirtualBox is that it supports .VHD files, and not only that, we can run it on OSX, Linux and Windows.

Setup VirtualBox on the new host

I am going to use OSX (10.6.3) for the example here, but the Linux and Windows versions should follow pretty closely.

Now would be the time to copy the .VHD file from its current location to where you want to use it. We will configure VirtualBox to use that file as an existing hard drive and boot to it.
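A copied multi-gigabyte image can arrive truncated or corrupted, and the VHD format carries a self-check that catches this before you try to boot it. The following is an added example, not part of the original article: it validates the 512-byte footer at the end of a .VHD file (the `conectix` cookie, the checksum, the disk type and the virtual size). The function names are hypothetical, the sample footer is constructed, and using the footer's CHS geometry ceiling (about 127.5 GiB) as the threshold for the 127 GB cap mentioned earlier is an assumption of this example.

```python
import os
import struct

VHD_COOKIE = b"conectix"
DISK_TYPES = {2: "fixed", 3: "dynamic", 4: "differencing"}
# Assumed threshold: largest disk the footer's CHS geometry field can describe.
CHS_LIMIT_BYTES = 65535 * 16 * 255 * 512

def footer_checksum(footer: bytes) -> int:
    """One's complement of the byte sum, with the checksum field (64..67) zeroed."""
    zeroed = footer[:64] + b"\x00" * 4 + footer[68:]
    return ~sum(zeroed) & 0xFFFFFFFF

def parse_vhd_footer(footer: bytes) -> dict:
    """Validate a 512-byte VHD footer and return the fields worth checking."""
    if len(footer) != 512:
        raise ValueError("VHD footer must be exactly 512 bytes")
    if footer[:8] != VHD_COOKIE:
        raise ValueError("missing 'conectix' cookie: not a VHD or a truncated copy")
    (current_size,) = struct.unpack(">Q", footer[48:56])
    disk_type, stored_sum = struct.unpack(">II", footer[60:68])
    if stored_sum != footer_checksum(footer):
        raise ValueError("footer checksum mismatch: file is corrupt or modified")
    return {
        "disk_type": DISK_TYPES.get(disk_type, f"unknown({disk_type})"),
        "virtual_size": current_size,
        "over_chs_limit": current_size > CHS_LIMIT_BYTES,
    }

def check_vhd(path: str) -> dict:
    """Read the last 512 bytes of an image file and validate them."""
    with open(path, "rb") as fh:
        fh.seek(-512, os.SEEK_END)
        return parse_vhd_footer(fh.read(512))

def build_sample_footer(size: int, disk_type: int = 3) -> bytes:
    """Constructed footer for the demo; not taken from a real image."""
    body = struct.pack(">8sIIQI4sIIQQIII16sB427s", VHD_COOKIE, 2, 0x00010000,
                       512, 0, b"test", 0x00010000, 0x5769326B, size, size,
                       0, disk_type, 0, b"\x00" * 16, 0, b"")
    return body[:64] + struct.pack(">I", footer_checksum(body)) + body[68:]

if __name__ == "__main__":
    print(parse_vhd_footer(build_sample_footer(119 * 1024**3)))
```

Run `check_vhd()` against the file on both the source and the destination machine; a cookie or checksum error on the destination only means the copy should be repeated.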

1. Launch VirtualBox and select “New”

2.  Click Next

3. Name it and match the OS to the OS from which the .VHD file was created.

4.  Set the RAM and click Next

5.  Leave “Boot Hard Disk” checked or enabled.

5a. Select “Use Existing Hard Disk” and click browse. (Folder with the caret)

Now we need to add the .VHD file to the available virtual disks that VirtualBox can use.

6.  Click Add and navigate to where the .VHD lives.

7. Click open, then select the newly added lab disk and click select.

8. Click next and Finish.

You will now see your lab available to start. Select it and power that bad boy up.

Wrap up

As you can see, it is pretty simple to take your physical Windows server with you.  Now you can hack it,  break it and do whatever you want and you could just revert it to a clean snapshot like any other VM.

If you ever decide that you want to use the .VHD in production, Windows 7 and 2008 Server support mounting AND booting to a VHD. Pretty sweet.
