For this recipe, we will use BodgeIt from the vulnerable VM vm_1 as the exploited application. We will also need a separate client virtual machine, for the sake of clarity. In this recipe, we will add a Windows 7 virtual machine to our laboratory.

If you don't have a Windows VM already configured, Microsoft has various setups available for developers to test their applications in its Internet Explorer and Edge browsers; you can download them from https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/. For this recipe, we will use Windows 7 with IE 8. Feel free to try it in any other version; it should work with some minor changes in architecture and OS settings.