Pages

Friday, May 17, 2013

Troubleshooting network connectivity for Holynix on VirtualBox

Holynix is a "Linux vmware image that was deliberately built to have security holes for the purposes of penetration testing".  It has 2 levels and solutions are already published.  In this post I'll details my approach to set up network connectivity for the 2 Holynix VMs and another Backtrack VM, all running in VirtualBox.
After some unsuccessful attempts to make it run under VirtualBox and have connectivity, I decided to reset the root password and actually check and understand the network settings.

To reset the root password

  • I've first install VmWare Player on Ubuntu.
  • The open VM in VMWare player
         - Edit Virtual Machine Settings
         - Go to Hard Disk
         - Utilities (at the bottom)
         - Mount Disk and select the second ext partition
  • Make a copy of the /etc/shadow file
  • Delete the password hash of root from /etc/shadow
  • Start again the VM in VirtualBox and login as root without password!

Holynix Level 1

To have connectivity between this machine and the bt machine, I just added an internal network adapter and put Holynix VM in the same lan as bt machine
Then got an IP through DHCP server of the internal network (already configured!)
 # dhclient eth1
(or just apply the steps in next session to have eth0 instead eth1 and get IP automatically on eth0)

Holynix Level 2

First I've also removed root password.

Then for the network settings
  • Add holynix2 and bt to a new internal network
  • Holynix2 assigns static IP 192.168.1.88 on interface eth0 ! (Firewall rules seen when booting show eth0 also)
  • The /etc/network/interfaces  file contains the following:
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 192.168.1.88
    netmask 255.255.255.0
    network 192.168.1.0
    broadcast 192.168.1.255
    gateway 192.168.1.1


But we just have eth1, not eth0 ?!
If we examine the kernel messages we see:
# dmesg | grep eth
...
udev: renamed network interface eth0 to eth1
..

The explanation for this is found on virtualbox forums:
[SOLVED]Missing eth0 in Ubuntu guest

Basically the problem is that each time a VBox guest has a new/different MAC, Debian and Ubuntu guests udev assigns a new eth number. By deleting that file, it is recreated correctly at the next reboot).

# cd /etc/udev/rules.d
# sudo mv 70-persistent-net.rules 70-persistent-net.rules_old
# sudo reboot


After the reboot, eth0 will be present and configured properly.



For the Bbacktrack machine, we'll configure the interface that's in the same internal network as Holynix 2 VM:
# ifconfig eth4 down
# ifconfig eth4 192.168.1.1 netmask 255.255.255.0
# ifconfig eth4 up


Now check that we have connectivity between bt and holynix machines and happy hacking !

2 comments:

  1. This comment has been removed by the author.

    ReplyDelete
  2. While Holynix2 was released as a VMware appliance, it is possible to get Holynix2 working under Oracle VirtualBox.

    The holynix2.vmdk virtual hard disk is directly usable by VirtualBox. Just refer to it as an "existing" disk in VirtualBox's storage setup options, when you define a new guest. After using the disk image under VirtualBox, beware porting it back to a VMware environment.

    To get networking working, just open the file holynix2.vmx in a plain text editor. Use the MAC address in line 45, ethernet0.generatedAddress = "00:0c:29:13:21:b3", to force set the MAC address of the network adapter you assign to the Holynix2 virtual guest (hint: edit out the colons). Make sure also that the adapter is set to "VirtualBox Host-only" network. With this set up, you should see the Holynix2 guest respond to pings at address 192.168.1.88.

    DHCP on the host-only network is not required, as Holynix2's IP address is set statically. You can then run your exploits either on another virtual guest, or on the virtual host, as long as they have a network adapter on the host-only network.

    Other files in the Holynix2 distribution serve no purpose for, are not required by, Oracle VirtualBox. Good luck.

    -- Calvin Miracle, cbmira01@gmail.com

    ReplyDelete