Fundamentals
For Windows and OS X, follow the instructions in the install binary.
Unzip the files below and open the .ovf file with VirtualBox
- Victim VM
  - OS: Windows 7 Service Pack 1
  - Architecture: Intel 32bit
  - Username: victim
  - Password: re1012017
  - IP Address: 192.168.0.2
  - Gateway: 192.168.0.1
- Sniffer VM
  - OS: Ubuntu 16.04.2 LTS Desktop
  - Architecture: Intel 64bit
  - Username: sniffer
  - Password: re1012017
  - IP Address: 192.168.0.1
  - Gateway: 192.168.0.1
- Install VirtualBox CD on both VMs: Devices->Insert Guest Additions CD Image
- If it doesn't auto appear, navigate to the CD Drive to install
- Follow install directions from the Guest Additions Dialog
- Note: the install requires elevated privileges, so enter the password for each VM
- Victim VM: Devices->Drag and Drop->Bidirectional
- Victim VM: Devices->Shared Clipboard->Bidirectional
- Both VMs: Devices->Network->Network Settings
- Select Attached to: `Internal Network`
- Name should be the same on both VMs. Default is `intnet`
- Run/Play both VMs to verify network connectivity
- Sniffer VM: Ensure `inetsim` is running
- Open terminal and run: `ps -ef | grep inetsim`
- If no output, run: `/etc/init.d/inetsim start`
- Run the ps command again to confirm it's running.
- Expected output:
- Victim VM: test connection to Sniffer VM
- Sniffer VM: Devices->Shared Folders->Shared Folders Settings
- On your Host, create a folder called `sniffershare`
- In VirtualBox, select the Add New Shared Folder icon and navigate to the folder you just created (sniffershare)
- In Sniffer VM, open the terminal and run command: `mkdir ~/host; sudo mount -t vboxsf -o uid=$UID,gid=$(id -g) sniffershare ~/host`
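
A preflight check for the Sniffer VM covering the steps above, as an added example that is not part of the course material. It uses the IP address, share name and commands from this page; the function names and the script name `preflight.sh` are assumptions. It also ignores the grep process that `ps -ef | grep inetsim` lists even when inetsim is stopped.

```bash
#!/bin/sh
# Added example (not part of the course material): preflight check for the Sniffer VM.
# The IP address and share name are the values given in the setup steps;
# function names and the script name are assumptions.
SNIFFER_IP="192.168.0.1"
SHARE="sniffershare"

# Reads `ps -ef` output on stdin. Succeeds only if an inetsim process is listed,
# ignoring the grep process that `ps -ef | grep inetsim` itself adds to the list.
inetsim_running() {
    awk '/inetsim/ && !/grep/ { found = 1 } END { exit !found }'
}

# Reads `ip -4 -o addr show` output on stdin. Succeeds if address $1 is assigned.
# The trailing "/" stops 192.168.0.1 from matching 192.168.0.10.
has_ip() {
    grep -qF "inet $1/"
}

# Reads /proc/mounts on stdin. Succeeds if share $1 is mounted as a vboxsf filesystem.
share_mounted() {
    awk -v name="$1" '$1 == name && $3 == "vboxsf" { found = 1 } END { exit !found }'
}

# Runs the three checks against the live system and returns non-zero if any fails.
preflight() {
    failed=0
    ps -ef | inetsim_running ||
        { echo "FAIL: inetsim is not running (start it with /etc/init.d/inetsim start)"; failed=1; }
    ip -4 -o addr show | has_ip "$SNIFFER_IP" ||
        { echo "FAIL: $SNIFFER_IP is not assigned to any interface"; failed=1; }
    share_mounted "$SHARE" < /proc/mounts ||
        { echo "FAIL: shared folder $SHARE is not mounted"; failed=1; }
    [ "$failed" -eq 0 ] && echo "OK: Sniffer VM is ready"
    return "$failed"
}

# Constructed sample of `ps -ef | grep inetsim` output when inetsim is NOT running:
# only the grep process matches, so a plain "any output?" test would wrongly pass.
SAMPLE_PS_DOWN='sniffer   2345  2300  0 10:05 pts/0    00:00:00 grep --color=auto inetsim'

# Run the live checks only when asked to, e.g.: sh preflight.sh --run
if [ "${1:-}" = "--run" ]; then preflight; fi
```
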