It's always a pleasure to play another new VM found on VulnHub. I was wondering how can I prepare a similar "CTF VM" by myself. Below you'll find few notes about it. Here we go...
This time we'll start here:
As a main OS (on VM) I decided to use Ubuntu 18.04:
Installation in progress...
After a while we should have a ready server:
This is probably the moment for preparing a 'first challenge' ;) (Our VM's) "scenario" (so far) looks like this:
- pentester is able to connect to linux server
- on mentioned server pentester found vulnerable webapp (your choice)
- initial web(shell) access was achieved.
Easy like that. ;)
Last time we tried to configure a docker-machine with WebGoat. Today we'll change it a little bit:
Downloading Redis image:
Now we should be here:
Redis started properly. Stopping and checking with -d(aemon) parameter:
Next step is preparing the start of the docker during the boot of our VM. To do that I used sysctl enable docker. After the restart everything looks good:
When your webapp-scenario and all the docker machines are ready - next step is (stop the VM and) exporting it to the OVA file (I know menu is in PL but you can easily follow the screen):
Next - decide where to save your VM.ova:
Final window - few more minutes and your First CTF VM is ready! Congrats!;)
In case of any question/bugs/comments - you'll know how to find me. ;)
See you next time!
Brak komentarzy:
Prześlij komentarz