 |
| How to Create Own Hacking Lab |
When you are learning about hacking it’s important to practice what you are learning and improve yourself. you can go for CTF like hack-the-box but it’s not for practice. hack the box allow you to test your skills but if you are learning then you want to practice rather than testing your skills. Here I will show you how you can create a lab for practice your skills like Web application attacks, Network attacks, server, and system hacking, etc.
You can check my old blog on some vulnerable machines and applications for hacking practice.
Read: Top 5 free hacking practice lab part 1
Read: Top 5 free hacking practice lab part 2
Requirement
15-50 GB Storage
6-8 GB RAM
Virtualisation (VMware or virtual box)
Ubuntu server iso image
If you are using windows mac or Linux as your main operating system everything will be the same. you need a virtual app that lets you install soo many different OS in a single machine.
you can install VMware or virtual box both are available for all the OS ( mac, windows, Linux)
The virtual box is totally free for all the OS.
VMware is free and paid both.
Download
Vmware player for Windows and Linux ( player is free version)
Vmware workstation for Windows and Linux ( workstation is paid)
Vmware Fusion and Fusion pro for Mac ( fusion is free fusion pro is paid)
Virtual box windows, Linux, Mac ( Virtual box is free)
Ubuntu server ( both options are the same for our goal, here I am using ubuntu 19.10)
Installing Ubuntu Server
This is not a vulnerable machine we will use it to install some other vulnerable application. if you are using Kali Linux or parrot as an attacker machine you can install the vulnerable machine in kali Linux also but it’s good practice to install them in a different machine.
Once you have downloaded ubuntu server iso image from the download link above we can start installing it in our virtual machine for this tutorial I am using Vmware workstation if you are using VMWare workstation or player everything will be same. but if you are using a virtual box there will be litter differences not much.
Open your VM –>click files–> New Machine
Click next–> choose I will install os later—> click next
it will ask for the operating system you want to install select LINUX and version UBUNTU and click next.
Now give a name to the machine according to you and select the folder, drive where you want to store the files for this machine and click next
Now click on customize hardware
Now give ram according to your system 2GB is enough for this. Now click on the CD/DVD option and select use iso image and select the iso image of ubuntu you have installed and click finish and start the machine.
Once the machine starts you have installed it properly. Click on start to start the machine. once the machine is started to fill up the common options like langures name etc. check them with the images below.
Make sure you have selected NAT in your setting before you start the machine match the setting with the image above. Don’t enter any proxy address we don’t need it.
select use entire disk options and hit enter, as this is a virtual machine. don’t change it unless you know how to do it.
hit enter and click done option
Now we are all set to install the ubuntu click continue and enter the name and password, username and password will be required to access the machine.
it will ask to install the open ssh server ( ssh allow you to access your machine from a different computer or remotely) we don’t need it right now we can install it later. click on done
again it will as for other options available to install we don’t need anything just click on done.
Now wait for some time it will install the ubuntu in your VM, once the installation is completed it will ask for a reboot, click on reboot and enter your username and password
Once you enter your username and password you can use it. now the Ubuntu server installation is finished now let’s install the package and web application for practice.
first, we will install the apache and other packages. with following commands
sudo su
sudo apt install net-tools
sudo apt install apache2
sudo apt install mysql-server
sudo apt install php-mysql
sudo apt install php-gd
sudo apt install libapache2-mod-php
sudo apt install php
DVWA inside UBUNTU SERVER
Now we will install DVWA inside the ubuntu server we have installed. first, we have to clone it from the GitHub repository. enter the following commands.
cd /var/www/html
rm index.html
git clone https://github.com/ethicalhack3r/DVWA
cd DVWA
Once you clone the DVWA we have first configured our database and create a database. to do that follow the following command or check their Github page.
[email protected]:# mysql -u root
mysql> create database dvwa; Query OK, 1 row affected (0.00 sec) mysql> grant all on dvwa.* to [email protected] identified by 'SuperSecretPassword99'; Query OK, 0 rows affected, 1 warning (0.01 sec) mysql> flush privileges; Query OK, 0 rows affected (0.00 sec)
Once the database is the setup you have to configure the database file for dvwa so it can connect to it.
cd /var/www/html/DVWA/config
mv config.inc.php.dist config.inc.php
nano config.inc.php
nano will open the editor for the file you have to enter your username and password for the mysql server. if the password is not set keep it blank like in my case.
once the DVWA is set, you can open it with your machine IP address in another machine which has GUI and in the same network. There are some other local labs available like DVWA you can check the list from the previous blog link above.
Metasploitable2 LINUX
Metasploitable2 Linux is a Debian based machine for the hacking practice where you can practice web application and system hacking. Metasploitalbe is free and provided by the famous penetrating tool Metasploit team. Download Metasploitable 2 from the above download links.
Once you have downloaded the zip file extract it to somewhere and open your VMware click on files and select open once you click there it will ask you to select the machine go to the folder where you have extracted the matasploitalbe2 and select the file. and it will be selected and click start this machine, you don’t need to install anything you all set you to use it.
Read: Enumeration Metasploitalbe 2 machine with the Metasploit penetration testing framework