Offensive Security Planning, Tracking, Articles and Tools

Latest Articles

DIY Hacking Lab - VirtualBox + Windows 7

This is the first article in a short series on building a virtual hacking lab. For the purposes of this series, we will be installing several client VMs on a Kali Linux host machine. Firstly we will be looking at installing and configuring VirtualBox and setting up a basic Windows 7 Virtual machine. We will then look at installing some more interesting clients, finishing off with a look at virtualised networks and building a test lab to emulate a small business.

Firstly lets get VirtualBox installed. VirtualBox lives in the Kali repo so installation is as simple as:

sudo apt install virtualbox

This will grab and install any prerequisites needed. Once complete you can start VirtualBox from the applications menu or running 


in the terminal. Next well start creating a new Windows 7 Service Pack 1 Client. For this you will obviously require a Windows 7 installation ISO.


Click "New" to start the wizard. Enter a name for the new client VM, i've used "Windows7-SP1". 

The default settings provided by VirtualBox are ample for our purposes. So continue with 512 MB RAM.

We will create a dynamically allocated virtual drive now. Dynamically allocated means the drive will only use the required space on your drive and won't take up unneccesary space on your drive.

If required you can reduce the size of the drive. I'd recommend no less than 15 GB, you can also chose a seperate save location for the drive. It may be neccessary to store the virtual disks on a secondary drive so as you can end up with quite the collection!

Once the wizard is done we are back at the the dashboard and can see our newly created client. Before starting it up we are going to tweak some of the VMs settings. With the VM selected click settings.

Now we can see all the internal settings of the VM. We need to change the network mode to host only and mount our installation media.

We are using Host-only networking at this point to avoid exposing the VM to the outside world.

Now we need to select the network type for the VM, Select Host-only adapter. If you have no selectable adaptors follow the next section to create our host only network. 

Creating a Host only Network. Open the VirtualBox preferences from the File Menu. Then browse to the network menu and the Host-only Networks tab. Click the highlighted button to add an adapter. 

Once it is added click the screwdriver to begin configuring it.

Now we need to configure addressing. Use the Host address from the Adapter tab as your server address and use similar settings to as below.

Now you can return to the network tab of the VM and select the newly created host only network.

That should be it. Lets mount the installation media and start it up. Head to the storage tab of the VM settings and select the empty CD drive. Click the highlighted button to select your ISO.

Once loaded up, hit OK and then start the VM. Proceed through the installation process and you should be done.

Once completed install the guest additions from the VM Devices drop down menu. Reboot the VM when guest additions has installed.

That covers it. We have a guest Windows 7 machine that can only communicate with your host. In future articles we will begin advanced configuration and start pentesting our client VMs.

Continue Reading

Creating a non-root sudo user on Kali

A quick walkthrough on creating a new non-root user on Kali Linux and adding this user to the sudoers. In this brief guide we will add a user called dan and add this user to the sudoers group. To get started open a terminal window. With the window now open issue the following command

useradd -m dan 

This will add a new user named dan, the -m option creates a home directory for the user. This home directory will usually be located at /home/dan unless your default home directory location has been changed. Next lets add a password to the account.

In your terminal window issue the following command.

passwd dan

This will prompt you to enter a password for the newly created user.

Now its time to add the user to the sudoers group. This will allow the user to execute commands with root privileges by prefixing the command with sudo and entering their password.

usermod -a -G sudo dan

The -a option tells usermod you are adding, -G sudo  means the group sudo and then the user. Now we have added the user, set a password and added them to sudoers, we must specify a shell for the user.

chsh -s /bin/bash dan

This command changes the shell to the one specified after -s for the user. After this you are all done. You can logout of root and login as your newly created user. Any commands or scripts requiring elevation can be executed by prefixing with sudo and entering the users password.

Continue Reading