How to Set Up an Ethical Hacking Lab

I have recently been setting up a virtual lab to use with Kali Linux, to safely practice some pen-testing and just mess around with some stuff. The first thing I needed to do before I started was to create a safe environment for myself to practice in. I did this by using VMware.

VMware is a virtual machine package that allows you to run virtual machines on your main device. This can be used for a number of different things, such as setting up a forensics test environment to discover how some applications change the machine as they are used, or practicing ethical hacking in a safe and secure environment. This can be important because, unless you have permission to practice on a real network, you would be in breach of a number of different laws depending on the country you’re in.

This means that without access to a functional lab you’d struggle either to practice away from your studies or even to get started without the worry of getting yourself into trouble. For these reasons I went about setting myself up a little lab using VMware. This was very straightforward and simple to do, and now means I can practice to my heart’s content without the risk of breaking any laws. Here is how I did it.

The first thing you will need to do is go to the VMware website and download VMware Workstation Player (and don’t worry, it’s free for personal use).
Once you have downloaded and installed VMware, you will be greeted by the VMware welcome screen. From here we are going to select “Create a New Virtual Machine”.
Once you have selected to create a new virtual machine, you will have to select the ISO you wish to install (I will leave a list of Linux ISOs below).
Once you have selected your operating system, you will be asked to enter information about the user.
The next step is to decide where you want to save your VM files and to name the VM. If you have multiple VMs of the same operating system, this is useful for managing and keeping track of them.
You will then be asked to select how much storage you want the virtual machine to have. I usually leave it around the 20GB mark, as I only use mine for testing purposes and never store any data on them, but you can do whatever best suits your needs.
This is the final stage before powering on your VM, and is also the stage where you are given the option to assign how much hardware the VM will receive.
Once you have decided how many cores and how much RAM your VM is going to require, you need to go down to the networking option and select Host-Only. This means that you will only be able to communicate with machines on the same virtual network as yourself.
And finally, you should be able to power on your virtual machine and install the operating system. Once this machine boots up you will be in your own virtual network and can practice your hacking in a safe and secure environment.
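One way to confirm the Host-Only choice actually took effect on every adapter is to audit the VM's .vmx configuration file. This is an added example, not part of the original post: the `audit_vmx` helper and the sample fragments are constructed, and the bridged fallback for an adapter with no `connectionType` line is an assumption about VMware's default.

```python
import re

# Matches lines such as: ethernet0.connectionType = "hostonly"
_VMX_LINE = re.compile(r'^\s*(ethernet\d+)\.(\w+)\s*=\s*"(.*)"\s*$', re.IGNORECASE)


def audit_vmx(vmx_text):
    """Return {adapter: connection type} for every enabled adapter that is NOT host-only."""
    adapters = {}
    for line in vmx_text.splitlines():
        m = _VMX_LINE.match(line)
        if m:
            name, key, value = m.group(1).lower(), m.group(2).lower(), m.group(3)
            adapters.setdefault(name, {})[key] = value

    findings = {}
    for name, settings in sorted(adapters.items()):
        if settings.get("present", "FALSE").upper() != "TRUE":
            continue  # adapter is not attached to the VM
        # Assumption: an enabled adapter with no connectionType falls back to bridged.
        conn = settings.get("connectiontype", "bridged").lower()
        if conn != "hostonly":
            findings[name] = conn
    return findings


# Constructed sample .vmx fragments (hypothetical VM names).
SAFE_VMX = '''
displayName = "kali-lab"
ethernet0.present = "TRUE"
ethernet0.connectionType = "hostonly"
'''

LEAKY_VMX = '''
displayName = "xp-target"
ethernet0.present = "TRUE"
ethernet0.connectionType = "hostonly"
ethernet1.present = "TRUE"
ethernet1.connectionType = "nat"
ethernet2.present = "TRUE"
ethernet3.present = "FALSE"
ethernet3.connectionType = "bridged"
'''

if __name__ == "__main__":
    for label, text in (("kali-lab", SAFE_VMX), ("xp-target", LEAKY_VMX)):
        print(label, audit_vmx(text) or "host-only on every enabled adapter")
```

An empty result means every enabled adapter is host-only; anything reported is a path out of the isolated lab network and should be switched before deliberately vulnerable targets are powered on.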

 

If you follow all of the steps above, you will be able to repeat them to install an OS such as Kali Linux. This is my go-to operating system for practicing ethical hacking, as it has all the tools you could need and is used within industry, meaning you will have access to tools that are used by professionals.

I found it useful to play around with some older operating systems to practice on first; this tended to be Windows XP or an older version of Ubuntu. This is because the security features on Windows 10, for example, are more advanced, making it more of a struggle to practice. I also found the easiest way to get a Windows XP key was to have a look around the house, try to find an old laptop that ran Windows XP and use the serial off that. But if you don’t have any lying around the house, you can buy them on eBay for about £30.

 

Linux ISO Downloads

Can you still use a VPN with Netflix?

I remember getting Netflix for the first time about 5-6 years ago, and I loved it. But I always wanted more, and this was in the form of accessing the US Netflix. Because Sky holds a huge amount of the rights to shows over here in the UK, some of the good stuff that the US Netflix has is limited to the US.

My first dive into this was using a service called unblock US. This was a simple service that allowed me to change my DNS settings to access the US Netflix. This system was great; it worked across my iPad 1 and my Xbox 360. But the issue now is that Netflix has cottoned on to the fact that people are using services like this to access Netflix, and they have begun to shut them down.

After doing some research into this, it turns out that to do this they basically work out whether the IP you’re connecting from is related to a VPN or DNS service. This greets you with a message on Netflix that basically says we know you are using a VPN, and if you wish to use our service please disconnect from it to continue. Anyway, I ended up using Express VPN for a while due to my suspicions about using public WiFi and stuff. But then I realised that certain connections through that VPN offered me access to the US Netflix. They then blocked these, so just by chance I ended up using a different VPN service because they offered a good deal at the time, and I stumbled upon the fact that I could watch the US Netflix again.

NSA GitHub – Are they really being transparent?

Earlier this week it came to light that the NSA (National Security Agency) had created a GitHub account and released some programs on the platform. This brings up a number of questions: firstly, are they really trying to be that transparent, or is it a novel way to try and win back the trust of the public?
Thankfully the source code for all of the applications is available, so it is possible to see what is going on within them. A major concern of mine would be the potential back doors or snooping that applications like this could do to the user if they were not able to actually see what was going on…

But this does still beg the question as to why they have released it. It is not uncommon for applications and other such items to trickle down the pipeline to the more “consumer” market eventually, but after the Vault 7 leaks a few months ago it is possible to see that they have so many more applications with much more malicious uses than the few that they have released to the public. So there is the potential that they have released stuff that is outdated to them, or that they don’t feel will be too compromising to all of their activities.

What is WannaCry?

Recently you might have read that a computer virus by the name of WannaCry has been extorting money from people and organizations all over the world. But what is WannaCry and should you be worried?

WannaCry (or WannaCrypt, WanaCrypt0r 2.0, Wanna Decryptor) is a computer worm that has been affecting Windows computers over the past week. It is rumored to have been enabled and aided by some of the recent Vault 7 vulnerabilities, including EternalBlue, that the NSA (National Security Agency) had been collecting and storing over the past few years. This has led to one of the most widespread and effective pieces of ransomware seen to date, not just targeting your average user but also going after large corporations and organizations such as the NHS (National Health Service).

The WannaCry GUI that users have been met with

But what does it all mean? This ransomware could have sat dormant for months (it very likely has), just trying to spread the infection to as many vulnerable machines as possible, until it is activated either by the creator or at a specific time and date. Once the infection is triggered, the malicious package encrypts the user’s PC and demands that the user pay the “ransom”; in this case the amount was $300 or £231.59. This is a rather large amount of money, and on the scale of the attack it would have made for a very profitable venture if all of the affected users paid the money to regain access to their devices.

In the case of WannaCry affecting the NHS it could potentially have cost human lives as well, because it was affecting hospitals and GP surgeries. Without access to the patient information, a medical practitioner might have been unable to proceed with a user’s treatment or to access the patient’s personal information. But WannaCry made a few fatal errors in the design and execution of the virus. Firstly, the ransom payment was required in bitcoins (bitcoin is a digital currency with no central regulation, making it hard to track), but because there were only 4 addresses to pay the bitcoins to, and because they were hard-coded into the application, the possibility of tracking them is a whole lot easier. Then there is the built-in “Kill Switch” that was again hard-coded into the application. This meant that to deactivate the ransomware, a website address needed to be reached. Researchers were therefore able to find the target URL and register it, which gave them the ability to deactivate the program.
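Because the kill switch depends on a website address being reached, resolver logs show both which machines are infected and on which of them the kill switch could not fire. The triage below is an added example, not part of the original post: the log format, the sample lines and the `triage` helper are constructed, the domain is a placeholder because the page does not give the real one, and a successful DNS answer is used as a stand-in for the address being reachable.

```python
# Placeholder: the page does not give the kill-switch domain, so take the real
# value from a trusted advisory before using this on production logs.
KILL_SWITCH_DOMAIN = "killswitch.example.invalid"

# Constructed resolver log: timestamp, client IP, queried name, result.
SAMPLE_LOG = """\
2024-01-01T09:14:02Z 10.0.0.21 killswitch.example.invalid RESOLVED
2024-01-01T09:14:05Z 10.0.0.34 www.example.com RESOLVED
2024-01-01T09:15:40Z 10.0.0.57 KillSwitch.Example.Invalid. NXDOMAIN
2024-01-01T09:16:11Z 10.0.0.21 killswitch.example.invalid RESOLVED
2024-01-01T09:17:30Z 10.0.0.88 killswitch.example.invalid BLOCKED
malformed line
"""


def triage(log_text, domain=KILL_SWITCH_DOMAIN):
    """Group clients that looked up the kill-switch domain by lookup outcome.

    Returns {"reached": {ip: first_seen}, "not_reached": {ip: first_seen}}.
    Every listed client is a suspected infection; "not_reached" clients are
    the ones where the kill switch could not deactivate the ransomware.
    """
    wanted = domain.lower().rstrip(".")
    hosts = {"reached": {}, "not_reached": {}}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip lines that do not fit the constructed format
        timestamp, client, name, result = parts
        if name.lower().rstrip(".") != wanted:
            continue  # DNS names are case-insensitive; ignore a trailing dot
        bucket = "reached" if result.upper() == "RESOLVED" else "not_reached"
        hosts[bucket].setdefault(client, timestamp)  # keep the first sighting
    return hosts


if __name__ == "__main__":
    for outcome, clients in triage(SAMPLE_LOG).items():
        for ip, first_seen in sorted(clients.items()):
            print(f"{outcome:12} {ip:12} first seen {first_seen}")
```

Hosts under `not_reached` are the reason a DNS filter or proxy should not block the kill-switch address: on those machines the deactivation check fails.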

For such an effective and widespread virus it looks as if corners were cut. For example, if the URL required for the “Kill Switch” had been coded to be random, it would have made the pressure of finding the target URL much greater, as there would not have been a clear target. The next blunder was in using only 4 Bitcoin payment addresses; because of this, the authorities’ job of tracking the bitcoins will be slightly easier, as they will just have to monitor Bitcoin’s public transaction ledger, known as the blockchain. It has also been found by Cisco researchers that the “Check payment” button did not actually do anything other than display one of 4 possible outcomes, meaning that the decryption of the devices was most likely done manually. But there is also speculation that the creator may just have sent out a random handful of decryption keys to make it appear as if the payment had gained the user access to their machine again. If that is the case, then this virus should not really be called ransomware at all, as there is a strong possibility that even after the ransom has been paid the user will not be given access back to their files, making this more Theftware.


But there has been further speculation from other security researchers that this attack might have been made to look as if it was ransomware. This could mean that the creators had alternate motives. This could have been for a number of things, but when you consider the sort of things that were affected and completely paralysed (hospital equipment, trains and ATMs), could it be possible that the ransomware side of this attack was merely a cover-up? Consider also that researchers at Kaspersky Lab have been finding evidence linking WannaCry to North Korea. This was in the form of similar code that had been used in a previous attack this year. A number of other big names in cyber security have also backed up these claims, as they too have noticed drastic similarity within the code that has been used in both attacks. And when you look at the rising tensions between the USA and North Korea and acknowledge the fact that “cyber space” is the new battlefield, this could have just been a test run for bigger things to come, but of course this is all merely speculation.

But what do you do if your computer is affected by ransomware, and are there any precautions that you can take to make it less damaging?

Precautions to take


  • Always keep regular backups of any documentation and files that you need or do not wish to lose. You could back them up to an external device such as a USB stick or an external HDD. The other option would be to back up your files and documents to one of the many cloud services such as GoogleDrive or Microsoft’s OneDrive.

  • Make sure you download and install regular updates on your operating system; this should hopefully help to prevent the vulnerability being present on your computer.

  • If your machine does get infected by ransomware, the first thing you should do is disconnect your device from the internet; this could possibly prevent the virus from encrypting all of your data.