BACKGROUND
If you are curious about offensive security or penetration testing (pentesting), setting up your own virtual hacking lab is a good first step towards ensuring that you have a safe and legal way to practice as you train yourself on various ethical hacking tools and applications.
Also, as an extra benefit, there are hundreds of free vulnerable machines available to train on from sites like https://www.vulnhub.com/.
It is important not to install a vulnerable machine on your actual network because they are vulnerable and could allow hackers to compromise your computers and devices connected to your network.
By setting up a hacking lab of virtual machines on an internal network without internet access, you can isolate vulnerable machines and your attack machine from your own physical devices and your data stored on those devices.
WHY SHOULD I CONSIDER BECOMING AN ETHICAL HACKER?
Pentesting, by definition, requires the formal consent of the target to run attacks within a scope and on the IPs defined by the client.
Clients pay ethical hackers for their expert vulnerability discovery and risk analysis of the security of their websites and the integrity of their data.
Ethical hackers are hired to find ways to hack into the system before back hat hackers (evil hackers) out there in the wild compromise the company’s servers.
🪙 This service is very valuable because it can significantly lower the risk of being hacked, which may lead to potentially catastrophic monetary losses.
Ethical hackers train to understand the mindset of malicious hackers but are fighting for the “good guys”. Governments, banks, social media sites, etc., all need this service as cyber-attacks become more and more commonplace worldwide.
If you are looking for a high-value skill that is in demand now and will almost certainly be even more in demand in the next few years – then look no further!
INSTALL VIRTUALBOX MANAGER
Let’s start our setup by installing virtualbox manager. I’m running Manjaro Linux, so the command to install it was:
sudo pacman -S virtualbox
On my machine, I found that some options were unavailable unless I ran Virtualbox as a superuser.
sudo virtualbox
SET UP AN ATTACK BOX
We’ll use a Kali distro as our attack machine and Metasploitable2 as our vulnerable practice machine. Metasploitable2 is offered for free by the creators of Metasploit, Rapid 7.
Once the kali distro is downloaded, we can go ahead and add the box as a vm in virtualbox manager.
The default settings should be fine on memory size, CPU cores, and HD space. The network setting should be set to “host-only”, so that our VMs are connected to each other on the same “host-only” network, but not connected to our own personal or business network.
SET UP A VULNERABLE BOX
We’ll install metasploitable2 in the same way now on virtualbox, ensuring that the network is also set up as “host-only”.
We can run a few tests to ensure that the machines “see” each other on the network but do not see anything on our own network.
SET UP A VIRTUAL DHCP SERVER FOR THE HACKER LAB
It is possible to set up a virtual DHCP server to assign IP addresses all from a terminal with text commands, but I found that it was much easier to set it up quickly with the VirtualBox GUI.
Tools > Network > Properties will give you the option to configure a DHCP adapter manually or automatically.
Once you have everything set up, click Apply, make sure your VMs are set up with “host-only adapter” network settings set to the same host-only network.
On my machines, I chose to use the vboxnet4 network. Now go ahead and reboot your VMs. You should now see new IP addresses that correspond to your DHCP Adapter settings when you run the command: ip addr
HOW TO CONNECT OUR KALI ATTACK BOX TO THE INTERNET
Sometimes you may need to briefly use the bridged connection on the attack machine to download updates or install software.
I’d advise briefly switching the network settings on the Kali attack box to “bridged adapter”. This will allow our attack box to connect to the internet until we switch it back to the “host-only” network.
Please note that you need to shut down the Kali VM first, make the switch to network settings, and then power back on.
HOW TO RECONNECT TO THE HACKING LAB
After you are done downloading software and updating the attack machine, you’ll need to set it back to the host-only network again before attempting penetration testing practice.
TESTING THE SETUP
Now that we have the attack machine and vulnerable machine as VMs on the same host-only network adapter, we can run a few tests to make sure that they can communicate with each other, but not with the wider internet or any of the physical devices on our network.
We’ll use the ping command to check our connections.
We can see data transferring between our machines! Perfect. Let’s open a browser and see if the internet is connected.
No? Perfect! We have successfully set up our lab, and we are ready to carry out our first hack.
HACKING DEMO
Let’s run a quick nmap scan on our target.
Let’s use Metasploit to quickly pwn the machine with the vsftpd backdoor module.
Load it up and let it rip!
And it worked. We now have a root shell on the system!
FINAL THOUGHTS
The possibilities are endless for what you might work on inside your secure hacking laboratory. Here are some common use cases:
- Train to become a professional pentester
- Play free hacking games with vulnerable machines. Honestly, they are more fun than any video game I’ve ever played!
(Playing CTF challenges actually reminds me of early childhood memories playing the original supermario brothers NES game, just without extra lives. If you make a mistake and a shell breaks, sometimes you have to start over again from the beginning of the hack or the beginning of the stage of the hack. )
- Design your own virtual private network as a sandbox to test original software and/or websites under development
- Create your own virtual machines and test them out in a safe environment
👉 Recommended: Top 6 Developer Jobs for White-Hat Hackers in 2023
I am a freelance ethical hacker/penetration tester. I have extensive experience in penetration testing and vulnerability assessments on web apps and servers. I am also fluent in Mandarin and have 15 years of experience as an edTech integration specialist, curriculum designer, and foreign language teacher. Here’s my personal website.