Pen-testing using Backtrack and De-ICE under VMWare Fusion

Haven’t had an entry in quite a while, but tonight’s work on getting a little pen test lab setup got me to document the process, before I forget what I did 😉

So – objective: need to setup a virtual lab for pen-testing using Backtrack LiveCD as repository of penetration tools, and De-ICE LiveCDs as targets.

Problem: VMWare workstation uses a different network for the NAT option (vmnet8) than what De-ICE LiveCDs require with their pre-configured IPs (and NO, you cannot change the IP on the De-ICE LiveCDs at this stage!)

Solution: under the host terminal:

$ ifconfig

vmnet8: … inet 192.168.109.1 …

$ cd /Library/Applications\ Support/VMWare\ Fusion

$ grep -R 192.168.109

locations:…

vmnet8/dhcpd.conf:…

vmnet8/nat.conf:…

Replace all 192.168.109… entries in those files (locations, dhcpd.conf and nat.conf) with the networks | IPs required by De-ICE LiveCDs (192.168.1.0/24), setup the Backtrack and any De-ICE LiveCD VM as NAT and … good luck with the real work of pen-testing!

Advertisements

VMWare tools installation for Mandriva

I meant to write this post for a long time, but today my level of frustration having to carry out the process below, all over again (upgrade of vmware workstation to version 6.0.5 meant another version of tools to be installed to run my mandriva inside Vista) reached a point where I saved it – and here it is (your mileage in regards to version of either vmware, or mandriva kernel, or both, may vary, but the problem is there):

# vmware-config-tools.pl

… — eventually the following comes up

What is the location of the directory of C header files that match your running
kernel? [/usr/src/linux/include]

The directory of kernel headers (version 2.6.24.7-1mnbcustom) does not match
your running kernel (version 2.6.24.7-desktop-1mnb).  Even if the module were
to compile successfully, it would not load into the running kernel.

PROBLEM: different names used by mandriva in different places. Here is what we have, in the scenario above:

# ls -l /usr/src/linux

lrwxrwxrwx 1 root root 19 2008-08-19 08:55 /usr/src/linux -> linux-2.6.24.7-1mnb

NOTE the -1mnb

Now let’s do this:

# grep -r 1mnb /usr/src/linux

/usr/src/linux/fs/proc/proc_misc.c:     printk(KERN_INFO “Hook version: 2.6.24.7-1.uc1mnb1 2008/07/11\n”);
/usr/src/linux/include/config/kernel.release:2.6.24.7-1mnbcustom
/usr/src/linux/include/config/auto.conf:# Linux kernel version: 2.6.24.7-1mnbcustom
/usr/src/linux/include/config/auto.conf:CONFIG_KERNELVERSION=”2.6.24.7-1mnbcustom”
/usr/src/linux/include/linux/utsrelease.h:#define UTS_RELEASE “2.6.24.7-1mnbcustom”
/usr/src/linux/include/linux/autoconf.h: * Linux kernel version: 2.6.24.7-1mnbcustom
/usr/src/linux/include/linux/autoconf.h:#define CONFIG_KERNELVERSION “2.6.24.7-1mnbcustom”
/usr/src/linux/Makefile:EXTRAVERSION = .7-1mnbcustom
/usr/src/linux/.config:# Linux kernel version: 2.6.24.7-1mnbcustom

It looks like we’ll have to change ALL occurences of the string “2.6.24.7-1mnbcustom” in the files above, with what the info about the running kernel is, i.e. “2.6.24.7-desktop-1mnb”. So:

# grep -rl 1mnbcustom . |xargs sed -i -e ‘s/1mnbcustom/desktop-1mnb/g’

and

# vmware-config-tools.pl

runs to completion!

VM printing – Linux (host) & Windows (guest)

# lsof |grep lp (lp0)
– for VM guest (Windows) to print, on host run:
# rmmod lp
NOTE: may need to stop cups daemon on the host, first
– for Linux (host) to print:
# modprobe lp
# chown <user> /dev/parport0
# chgrp lp /dev/parport0