Install DVWA On VirtualBox - security

I want to install Damn Vulnerable Web Application (DVWA) on VirtualBox, so I downloaded the DVWA.iso and I'm following this tutorial for its installation.
At step 9, they say to choose internal network, but I don't really understand why (is it a security problem if I don't choose this option?). Because if I select internal network after I've got an IP like 10.0.something and when I try to connect from my computer (not the VM) to 10.0.something/login.php that doesn't work. But if I select bridge networking, I've got an IP like 192.168.something and it works.
Could you explain to me why it is important to choose internal network, and why it doesn't work when I choose this?

Internal network on VirtualBox creates a network between boxes on the same host. I can't see the next steps of the tutorial you linked, but my guess is that it will ask you to install Kali (or a similar distro) on another box on that same host. This is what most people do.
Setting 'internal network' allows the 2 machines to talk to each other without any contact with the outside.
It is considered a security measure because the DVWA is a vulnerable machine, so some people think that you shouldn't be giving it access to the internet, but I guess it's more about 'best practice' than a real security risk because in most cases firewalls, routers and ISP will prevent outside attackers from connecting directly to that machine in any case.
Anyways, if you are using another computer on the same network to connect to DVWA you should be ok using a 'bridged' connection on VirtualBox (this will give the DVWA an IP on the same network as the host and your computer). In NAT mode VirtualBox acts like a router; it may still be a good solution for you, but I'm not sure if the box is reachable from other computers, as I think VB settings may affect this case.
If you are using instead the Host as a penetration testing machine, 'host only' should be good to allow the host and the VM to talk.
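As an added example (not from the thread), this script turns the answer's point about adapter modes into a check: it reads the `VBoxManage showvminfo <vm> --machinereadable` output and flags any adapter of a deliberately vulnerable guest that is bridged (on the physical LAN) or NAT (internet-capable), suggesting the `VBoxManage modifyvm` call that moves it to an internal or host-only network. The VM name `dvwa`, the internal network name `dvwa-lab` and the showvminfo excerpt are constructed for the example.

```shell
#!/bin/sh
# Added example, not from the thread: audit a VirtualBox VM's adapter modes from
# `VBoxManage showvminfo <vm> --machinereadable` output and flag any adapter
# that exposes a deliberately vulnerable guest such as DVWA. Only "intnet" and
# "hostonly" keep the guest off the physical LAN and without internet access;
# "bridged" puts it on the host's LAN and "nat" gives it outbound internet.
# The sample below is a constructed showvminfo excerpt, not real output.
SAMPLE_SHOWVMINFO='name="dvwa"
nic1="bridged"
bridgeadapter1="en0"
nic2="intnet"
intnet2="dvwa-lab"
nic3="nat"
nic4="none"'
# audit_nics VMNAME < showvminfo_output
# Prints "nicN mode verdict" per adapter. Returns 1 if any adapter is bridged
# or NAT, 0 if every adapter is intnet, hostonly or unplugged (none).
audit_nics() {
    vm=$1
    exposed=0
    while IFS= read -r line; do
        # Only the nicN="mode" keys; nictypeN, nicspeedN etc. do not match.
        case $line in
            nic[0-9]*=\"*\") ;;
            *) continue ;;
        esac
        idx=${line#nic}; idx=${idx%%=*}
        mode=${line#*=\"}; mode=${mode%\"}
        case $mode in
            intnet|hostonly|none)
                printf 'nic%s %s isolated\n' "$idx" "$mode" ;;
            bridged)
                printf 'nic%s %s LAN-REACHABLE; fix: VBoxManage modifyvm %s --nic%s intnet --intnet%s dvwa-lab\n' \
                    "$idx" "$mode" "$vm" "$idx" "$idx"
                exposed=1 ;;
            nat)
                printf 'nic%s %s INTERNET-CAPABLE; fix: VBoxManage modifyvm %s --nic%s hostonly --hostonlyadapter%s vboxnet0\n' \
                    "$idx" "$mode" "$vm" "$idx" "$idx"
                exposed=1 ;;
            *)
                printf 'nic%s %s unrecognised mode, review manually\n' "$idx" "$mode"
                exposed=1 ;;
        esac
    done
    return "$exposed"
}
# Live use:  VBoxManage showvminfo dvwa --machinereadable | audit_nics dvwa
printf '%s\n' "$SAMPLE_SHOWVMINFO" | audit_nics dvwa || echo "dvwa: isolate it with an internal network"
```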

Try to put both of the machines on NAT so that you can ping the DVWA from wherever you're doing the hacking from! So essentially both of the machines should be on the NAT setting if they're both on a virtual machine.

Related

How can I connect to an IIS site being served on my computer from my iPad?

Both devices are connected to the same WiFi network.
I have set IIS bindings to allow connections to my IP:
However, my computer's IP address is the same as my iPad's.
Is there a way to make this work?
That's not your IP. Every time you use a laptop on a Wifi network, you'll be using the public IP address of whatever network you're on.
The IP address of "your" computer doesn't belong to your computer. It belongs to the network you're connected to. Your computer is just borrowing it for a while.
Try to set a static IP address for your computer and use another machine to send ping command to it. Then use iPad to connect.
Initially, when I posted this question, I was using an xfinitywifi hotspot and I assume that came with a whole host of problems. Full disclosure: I did not figure out how to make it work in this scenario.
However when I moved to my own home wifi network, I was still having this problem.
I had to do two things, one of which, I know is not recommended, but it was really easy.
First, I had to enter my network and sharing center and set my connection as home connection instead of public which is what I previously had it at.
Second, which is not recommended, I turned off Windows firewall. I only do this when I need to access my site from another device for debugging. I turn it back on when I am done. For a more permanent setup I know it is recommended to just enable the port you need, but I could not figure this out.

How do I access my node.js website from an external device?

I have a node.js website running on my Ubuntu VM. I can access it both from the host and the VM. But if I try http://192.168.10.120:80, from an external device connected to the same network over WiFi, it doesn't work.
What do I need to do to make the web site accessible to external devices on the same local network?
I've been googling this for days, and still can't find an answer...
If the host is Windows, there are two things you'll have to do. One is setting up port forwarding in your VM settings. If you're using VirtualBox, check this out. Also, depending on your internal networking setup, you may need to allow inbound connections to port 80 through Windows Firewall. Check out this article from Microsoft. The process hasn't really changed since Windows 7, so it should be the same on 8 or 10.
As a side note, security through obscurity sucks but I still wouldn't recommend using port 80.

Receive realtime data from phone

I am using an android app that streams real-time accelerometer data to the specified ip address of a server. I have written a "server" in C running on Linux which is running in VMware.
I am connected to the hotspot created by the Windows 7 host machine running VMware Workstation.
So my question is: how do I connect the virtual machine to the same network as the hotspot, so that I can get the phone and the "server" program on the same network and stream data to the server program?
I use VirtualBox, but I'm guessing the settings are very similar in VMWare Workstation.
You probably need to do one or both of these things:
1) Port Forwarding. If your app is hitting port 80 (or whatever port), you'll need to tell VMWare that any hits coming in to the host machine on that port get forwarded to the VM. Of course, your VM will have to be listening on that port. I'd suggest using a high port number (over 1024) to minimize conflicts, and avoid annoying root/admin issues using a low port number.
2) Hopefully that gets you there. If not, you may need to change the virtual adapter settings on the VM. NAT mode is a good first try. If not, there are other modes (bridged, internal, host-only) you can tinker with. (Not sure if VMWare uses different names)
That's probably all you need for the topology you describe -- Android device connected directly to the same subnet as the host machine. If not, perhaps your hotspot routes all client traffic to the gateway (i.e. out to the Internet), without allowing direct access to localhost. If so, maybe there are settings for that. If not, ngrok is your new best friend.
It is SUPER easy and allows you to tunnel traffic from anywhere on the Internet to a specific service running on your machine. This would sidestep some of the issues above.
If you want to take your Android device to another network (e.g. cell network), then ngrok is absolutely the way to go, particularly for development and prototyping. This lets you avoid issues with DNS, routing, firewalls, etc.

Nested VPN over networked VMs - for the pros

I need help with this and hoping someone can answer with a valid suggestion.
Background: I live under potential threats from nefarious entities and need some help with security.
My setup is this (similar)
Internet dropping into a WinXP VM by NAT from the Win7 host (call the first VM "VM1"). Connecting within VM1 to a VPN. This TAP adapter internet connection is then shared with a local network of VMs (VM2 and VM3) connected by a network adapter #2 on a Lan Segment I created.
The other VMs are private. I work from them.
I connect another VPN from within them, tunneling through the VM1 effectively nesting them.
However-
Recently I have had some reasons for concern. I am very concerned now that someone with ill intent could be accessing my VM1 through either the host system internet connection, or directly into it from the first VPN, and could be traversing my little LAN segment network and accessing the data on the LAN segment VM2 or VM3 directly, copying data off, potentially into VM1 for removal, or other threats.
I recently have had my USB wifi adapter disconnect from the host and connect itself mysteriously directly to my deep VMs, 2 and 3. It's happened several times, so I have now removed the USB controller from both of those internal VMs as a precaution. Apparently they wanted to bypass all of my security and just cause the internal deep VMs to connect directly to my wifi and report back the info.
So..
What I need help with is how to keep the LAN segment truly private, with ONLY the VPN internet traffic capable of going through the segment to my upper VM1.
For consideration:
Are there Windows services that should be stopped or removed from within VM2 or 3? Which in particular pose threats?
RDP off in the registry for example?
How do I disable all communication between the deep VMs and VM1 except for the passing through of the internet connection and nested VPN?
Would I start in the TCP/IP stack, removing some of it? Do I need pfSense or another firewall VM in between the LAN segment and VM1?
Please help me secure my operating VMs from which I work. Let's call me a journalist under an oppressive regime, hypothetically; I am very concerned for my safety, but cannot abandon my moral obligations and work.
Great question, albeit a bit lengthy and panicked sounding. I can't know your 'situation' but I'll try to help. First, relax. Second, put pfSense in between your deep VMs and where your internet drops into your machine. Keep your internet dropping into your VM if possible through the use of Xen and PCIe passthrough. Just pass the network card along into your first upper VM, so any attackers would have to escape that and into the host in order to infect it. Try and keep a clean host. Second, image your upper VM where the internet hits and reload it fresh every day. Just copy it over from a USB or such. Prevent persistent threats.
Next, keep an isolated network between your VM1 (upper) and a pfSense VM. Then connect another adapter to pfSense and an isolated network with your "deep VMs". Delete them regularly. Keeping things fresh is one of the keys to avoiding threats and malware etc.
Hope this helps, and best of luck wherever you may be.
Use encryption in everything.

How can I develop using a local VM server without using URLs with ports in them?

I'm setting up a linux server in a VM for my development.
Previously I've had PHP, MySQL etc etc all installed locally on my Mac. Apart from being a security risk, it's a drag to maintain and keep up to date, and there's a risk that an OS upgrade will wipe part of your setup out as the changes you make are fairly non-standard.
Having the entire server contained within a VM makes it easily upgradable and portable between machines. It means I can have the same configuration as the destination server and with shared folders even if the VM gets corrupted my work is safe on the host machine.
Previously with the local installation I was able to develop on convenient URLs like http://site.dev. I'd quite like to carry this over to the VM way of development but I'm struggling to figure out how, if it's possible at all.
Here's the problem:
In Bridged mode, the VM is part of the same network as the host. This is great but I can't choose a fixed IP address as I may be joining other networks and that address may be taken already. I'd like a consistent way of addressing my VM.
In NAT mode I can't directly address the VM without using port forwarding. I can use http://site.dev if I use the hosts file to forward that to localhost and then localhost:8080 forwards to the vm:80. The trouble is I have to access http://site.dev:8080 which is inconvenient for URL construction.
Does anyone know a way around this? I'm using ubuntu server and virtualbox.
Thanks!
The answer is to define a separate host-only network adapter and use that for host->guest communication.
You can do this by powering down the guest and adding the adapter in the VM settings. Once that's done you can boot the guest again and configure the new network interface however suits you best. I chose a fixed IP address in an unused range.
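The host-only setup from this answer, carried through as an added example (not the answerer's own commands): a second host-only adapter with a fixed guest address, the guest-side interface stanza, and an idempotent hosts-file entry so http://site.dev reaches the guest on port 80 with no :8080. The VM name `devbox`, the interface `vboxnet0` and the guest IP 192.168.56.10 are assumptions.

```shell
#!/bin/sh
# Added example, not the answerer's own commands: give a VirtualBox guest a
# second, host-only adapter with a fixed address and map a development name to
# it in the host's hosts file, so http://site.dev reaches the guest on port 80
# with no port forwarding and no :8080 in URLs. The VM name "devbox", the
# interface vboxnet0 and the guest IP 192.168.56.10 are assumptions for this
# example (192.168.56.0/24 is VirtualBox's default host-only range).
# Run with --apply on the host to make changes; without it nothing is touched.
VM=${VM:-devbox}
HOSTONLY_IF=${HOSTONLY_IF:-vboxnet0}
GUEST_IP=${GUEST_IP:-192.168.56.10}
SITE=${SITE:-site.dev}

# Host side: create the host-only interface if missing, give the host end
# 192.168.56.1, and attach it as NIC 2 (NIC 1 stays NAT for outbound internet).
configure_hostonly_adapter() {
    VBoxManage list hostonlyifs | grep -q "^Name: *$HOSTONLY_IF\$" \
        || VBoxManage hostonlyif create
    VBoxManage hostonlyif ipconfig "$HOSTONLY_IF" --ip 192.168.56.1 --netmask 255.255.255.0
    VBoxManage modifyvm "$VM" --nic1 nat --nic2 hostonly --hostonlyadapter2 "$HOSTONLY_IF"
}

# Guest side: the /etc/network/interfaces stanza (Ubuntu server with ifupdown)
# that pins the second adapter to GUEST_IP; paste it into the guest.
guest_interfaces_stanza() {
    printf 'auto eth1\niface eth1 inet static\n    address %s\n    netmask 255.255.255.0\n' "$GUEST_IP"
}

# ensure_hosts_entry FILE IP NAME: add or replace the mapping for NAME in FILE,
# so repeated runs or a changed GUEST_IP never leave stale or duplicate lines.
ensure_hosts_entry() {
    file=$1 ip=$2 name=$3
    tmp=$(mktemp)
    # Match NAME as a whole token: removing "site.dev" must keep "api.site.dev".
    escaped=$(printf '%s' "$name" | sed 's/\./\\./g')
    grep -vE "[[:space:]]${escaped}([[:space:]]|\$)" "$file" > "$tmp" || true
    printf '%s\t%s\n' "$ip" "$name" >> "$tmp"
    cat "$tmp" > "$file"
    rm -f "$tmp"
}

if [ "${1:-}" = "--apply" ]; then
    configure_hostonly_adapter
    ensure_hosts_entry /etc/hosts "$GUEST_IP" "$SITE"   # needs root on the host
    echo "Put this in the guest's /etc/network/interfaces:"; guest_interfaces_stanza
fi
```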