How To Vulnhub with VirtualBox
Set up a VBox Pentesting Lab
Clone a Kali Rolling image and change the MAC address before putting it on an internal network and exposing it to a VM.
DHCP Server
# Start DHCP Server (Windows)
PS > cd 'C:\Program Files\Oracle\VirtualBox\'
PS > .\VBoxManage.exe dhcpserver add --netname penlabnetwork --ip 10.10.10.1 --netmask 255.255.255.0 --lowerip 10.10.10.2 --upperip 10.10.10.12 --enable
# To Restart (Windows)
PS > .\VBoxManage.exe dhcpserver restart --network=penlabnetwork
# Start DHCP Server (Linux)
$ vboxmanage dhcpserver add — netname test-network — ip 10.10.10.1 — netmask 255.255.255.0 — lowerip 10.10.10.2 — upperip 10.10.10.12 — enable
If you've lost connection with the DHCP Server, you can run sudo service networking restart
. If that doesn't work, restart your VM. If you still get no IPcheck your VM's Networking Settings to make sure the Cable Connected box is checked.
Static IP
In Kali VM, add the following to the end of /etc/network/interfaces:
auto eth0
iface eth0 inet static
address 10.0.0.1 # new static IP
netmask 255.255.255.0
Then run:
sudo ifup eth0
sudo service networking restart
Find VMs on your Internal Network
If you are using a DHCP server, just nmap <your_ip_range>
. You can cross off the DHCP server address and your attacker VM's address (which you can check with ifconfig eth0
). Vulnerable boxes usually have more ports open too.
Add Hostnames for IP Addresses
Just add a line to your /etc/hosts
file in your attacker VM.
$ echo "10.0.0.6 dc-2" >> /etc/hosts
$ cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 kali
...
10.10.10.133 onetwoseven.htb
10.0.0.6 dc-2
Convert VMs from VMWare (.vmx) to VirtualBox (.ovf)
PS C:\Program Files (x86)\VMware\VMware Player\OVFTool> ./ovftool "C:\Users\<user>\VMWare VMs\Kioptix Level 1\Kioptix Level 1.vmx" "C:\Users\<user>\VirtualBox VMs\Kioptix Level 1.ovf"
Last updated
Was this helpful?