As part of the fiddling around with Metasploit, there came the need to install a victim box to test things on (we don’t want to be attacking a live site don’t we? Especially one that we don’t own…), so here’s a modification of the instructions found at Offensive Security’s walkthrough for our needs.
I wanted to run the victim machines in VirtualBox instead of VMware Player, and after some experimentation and Googling around with the crashing issue, here’re the instructions on how to get things up and running.
Host OS: Ubuntu 9.10
Guest OS: Ubuntu 7.04 Server
1. Get only the server ISO, not the virtual machine. http://old-releases.ubuntu.com/releases/feisty/ubuntu-7.04-server-i386.iso
2. Add it into the list of CD/DVD images within the Virtual Media Manager in VirtualBox.
3. Create a new virtual machine with the following settings:
Name: (up to you)
Operation System: Linux
Base Memory Size: (up to you, the defaults of 384MB was ok for me)
Boot Hard Disk: (up to you, create new or select pre-existing one)
4. Select the new virtual machine, then click on Settings to edit the settings for this virtual machine (duh).
5. Goto System > Processor. Check the box labelled “Enable PAE/NX”. This is needed for this to work.
6. Goto the Storage section, select the “Empty” CD/DVD item, then select the 7.04 ISO you added earlier in step 1. This will be needed for your install…
7. Goto the Network section. Adapter 1 should be enabled for you already, change “Attached to” from “NAT” to “Host-only Adapter”. I do this since we want a vulnerable server and not get the latest updates. If you have different needs set this option accordingly.
8. Edit any other hardware options as you wish and then press “Ok”.
9. Start the virtual machine, it should boot up to the CD ISO. Follow the steps for installing the ISO into the virtual disk. If you’re using “Host-only Adapter” as shown in step 7, it will prompt a bit with regards to empty route, no nameservers and no proxy. This is normal, leave as blank and continue.
10. There! I (hopefully) can haz vulnerable server!
Do leave a comment if this has helped, or if you have any other questions which I’ll answer if I can, heh. 😉
1. Offensive Security’s walkthrough on Metasploit: Metasploit Unleashed > 02 Required Materials > Ubuntu 7.04
2. Ubuntu 7.04 Server Crashes when booting: … do a default install of Ububtu 7.04 Server. When install is complete, immediately after booting Ubuntu crashes: Int 14: CR2 c1000000 err 00000002 EIP c03f3c3e CS 00000060 flags 00000006 Stack: 373c0046 00000000 ffffffff c0490000 00001400 00000080 00400000 ffffff80