Before we start going into the details of how to start ethical hacking, we need to configure a couple of things. In this section, we will learn what tools are needed to complete this book. Most of the tools we will be using in this book are available for free.
We will start by selecting the Python version used in this book. Then, we will shift our focus to the Integrated Development Environments (IDEs) used in this book. We will also learn how to set up virtual environments and understand how they can be useful. Later, we will dive into selecting Operating Systems (OSes) both for the attacker as well as the target/victim. We will explore different OSes and finally settle on the ones we will use in this book. We will also test a sample Python script at the end to check that everything is configured properly and see whether we are good to go.
In this chapter, we'll go through the following topics:
In order to complete this chapter, you will need a decent working PC with sufficient hard disk space and memory to run two virtual OSes. As a rough estimate, 100 GB storage and 8 GB RAM should be sufficient.
The source code for the project is located at the following link: https://github.com/PacktPublishing/Python-Ethical-Hacking.
As mentioned earlier, we will be configuring our setup for penetration testing (pen testing) in this chapter. The first thing we will need is virtualization software. Virtualization software helps us to run a complete OS on top of our existing OS. The main advantage of virtualization is that you can run a complete OS without needing to buy additional physical hardware, such as a PC, while enjoying all the features that come with such hardware. Once we move forward, you will understand these advantages in more detail. Here's a list of popular virtualization software:
Though there are other options available, I recommend using one of these. I will be using VirtualBox in this book since it is free. VMware Player is also free, but it can't be used commercially without proper licensing.
To download VirtualBox, go to the following link: https://www.virtualbox.org/wiki/Downloads.
There you will find the link to download it. Follow these steps:
The installation process should be fairly simple. During installation, it may ask you for permission to install certain drivers. Please allow the installer to install these drivers as well.
Once installed, the interface should look something like this:
Setting up the virtualization software gives us a foundation on which to build our lab. Going forward, we'll use this foundation to build the components needed to run the lab. Up next, we'll look at OSes and choose and configure what we need.
We will need one OS to be used as an attack machine and one to be used as a target machine. In practical cases, most of the time, the attack machine is mostly a Linux distribution-based system and the target/victim machine will be a Windows-based system. We will use the term target and victim interchangeably throughout this book.
There are a lot of options for a pen testing machine. However, there are a few Linux-based distributions that stand out:
There are other options as well. However, I recommend using Kali Linux, since it's stable and widely used for pen testing. Kali has a lot of tools preconfigured, which can save a lot of time.
To download a virtual image for Kali Linux, go to Kali's download page: https://www.kali.org/downloads/.
Let's begin the installation process:
During boot, you will be asked for the password to log in to the Kali Linux system. The default credentials for the image are as follows:
You may need to disable USB 2 support in the settings to properly start the machine.
Once the system is started, it should look like this:
Now that we've set up our attacker machine, let's move on to the machine for the victim.
For the victim machine, we will use Windows 10 as our OS. Here you have two options; either you can install a Windows 10 OS from scratch using an ISO file or you can download a prebuilt image for VirtualBox. The second option is easier, and I recommend using that. However, the downside of this is that it is quite large, around 20 GB, and can only be used for 90 days, after which it expires. This time should be enough for most purposes, however. If your needs go beyond the 90-day period, you can manually install Windows 10 on VirtualBox. There are a lot of tutorials available on the internet for this purpose.
Let's go with the prebuilt option for this chapter. Use the following link to download the prebuilt image: https://developer.microsoft.com/en-us/windows/downloads/virtual-machines/.
Let's look at how to use this in VirtualBox:
If you performed the steps properly, your Windows 10 should be up and running now. The VirtualBox interface for virtual Windows should look like this:
The topology of our system will look like this:
Once the virtual OSes are installed, the VirtualBox software will look like this:
Until now, we have installed the virtual OSes on our host machines. Next, we will focus on configuring these machines to our liking so we can use them for the remainder of this book. In the next section, we will download and install Python 3 on these virtual machines.
The next thing we will need to set up in this chapter is Python. We will be using Python version 3, or python3, in this book. Python 3 is a major version of Python and it is incompatible with the older version 2. To download Python, go to https://www.python.org/ and download the latest version. At the time of writing, Python 3.8 is the recommended version; however, every Python version above 3.2 should be fine for this book. The 64-bit version of Python is recommended. I will be assuming that you are using Windows as the main OS; however, the code mentioned in this book should work on Linux and macOS as well since we will be running virtual machines.
The procedure for installing Python on Windows is fairly simple. Open the Windows 10 virtual machine you just installed in the Installing virtual OSes section. Note that from now on, most of the work will be done on these virtual machines and not the guest OS hosting these virtual machines. During installation, just check the Add Python 3.8 to PATH option (the version number will depend on the version you downloaded) so that you can access Python from anywhere in Command Prompt:
Once you've selected this option highlighted in Figure 2.8, click on Install Now. Once the installation is complete, close the installation window and open a terminal/Command Prompt. Inside Command Prompt, just enter the python command. You should see the following output in the terminal. The Python shell should be open now:
Now that we've set up Python in Windows, let's move on to the Kali installation and set it up there as well.
Most pen testing OSes come with Python already installed. To check whether your distribution has Python installed, open Kali and search for Terminal. Open terminal and write the following command in the terminal:
You should see the following output:
The preceding result shows that Python version 2 is already installed; however, we need Python 3. Let's check again with the following command:
You should see the following output:
The preceding screenshot shows that Python 3 is also installed in Kali, so we don't have to install it again.
An IDE is a piece of software that helps us to write code efficiently. You can write Python script in a notepad as well; however, IDEs provide functionalities that help us to write code easily. There are a lot of options available. We will focus on free IDEs. The best option I found is Visual Studio Code (VS Code), which is completely free. Go ahead and download VS Code for both virtual OSes, Windows 10 and Kali: https://code.visualstudio.com/download.
Installation in Windows is simple: you need to follow the installer. Installation in Linux requires you to download a Debian package file. Open terminal and navigate to the location of the downloaded file. Then, run this command:
sudo dpkg -i /path/to/file
Here's what it'll look like:
Note that it will prompt you for a password to install.
Once it is installed, you will have to install the extension. Open VS Code and click on the Extensions tab to the left of VS Code and search for Python. It should look like this:
Click on the Install button and it should take a few seconds to install. Now you have everything almost set up to begin your ethical hacking journey. Until now, we have set up our virtual OS, installed Python on these machines, and installed VS Code with relevant extensions that will help us along our journey. In the next section, we will make some network configurations to help us along.
By default, all virtual machines create a separate virtual interface for networking. This means that the virtual OS devices are in a separate subnet as compared to your host OS. To make sure that all the OSes are in the same subnet, do the following:
Make sure you do it both for the Windows and the Kali installation:
Now all your devices will be in the same subnet. You should be able to ping the Kali installation from the Windows 10 installation.
Before proceeding, it is a good idea to update Kali so that everything is up to date. Kali can be updated with the following commands:
sudo apt-get update
sudo apt-get upgrade
The update process will take some time as it will update all repositories.
Python has a very neat feature called virtual environments. Using these virtual environments, you can keep track of dependencies of different Python projects and keep different projects separate from the main environment.
Let's create a new folder in Kali where all our project files will be present:
You should see the following output:
sudo apt install python3-pip
Once pip is installed properly, the output will be like this:
Also install pip3 in Windows if it doesn't exist already.
apt-get install python3-venv
python3 -m venv my-virtualenv
It'll look like the output in Figure 2.18:
Once the environment is activated, you will see that the environment name, my-virtualenv, is shown at the start of every terminal line. Now every package you install using pip in this shell will be installed only in this environment and will be isolated from the main environment.
Write the following code in the python file to test whether everything is working properly:
if __name__ == "__main__":
You should see the following:
To run it, use the following command:
You should see the following:
If you see the output hello world displayed, it means everything is installed properly.
Let's summarize what we did in this chapter. We started with downloading and installing virtual OSes on our host machine. Then we configured Python in our system, which we will use throughout the rest of the book. Then we configured our network for virtual machines, and at the end of this chapter, we learned how to use virtual environments in Python. These will be very helpful in later chapters when we want to create distributable binaries from our code. In the next chapter, we will cover an introduction to networking and how it can be used for ethical hacking.