Chapter 2: Getting Started – Setting Up a Lab Environment

Before we start going into the details of how to start ethical hacking, we need to configure a couple of things. In this section, we will learn what tools are needed to complete this book. Most of the tools we will be using in this book are available for free.

We will start by selecting the Python version used in this book. Then, we will shift our focus to the Integrated Development Environments (IDEs) used in this book. We will also learn how to set up virtual environments and understand how they can be useful. Later, we will dive into selecting Operating Systems (OSes) both for the attacker as well as the target/victim. We will explore different OSes and finally settle on the ones we will use in this book. We will also test a sample Python script at the end to check that everything is configured properly and see whether we are good to go.

In this chapter, we'll go through the following topics:

  • Setting up VirtualBox
  • Installing Python
  • Exploring IDEs
  • Setting up networking
  • Updating Kali Linux
  • Using virtual environments

Technical requirements

In order to complete this chapter, you will need a decent working PC with sufficient hard disk space and memory to run two virtual OSes. As a rough estimate, 100 GB storage and 8 GB RAM should be sufficient.

The source code for the project is located at the following link: https://github.com/PacktPublishing/Python-Ethical-Hacking.

Setting up VirtualBox

As mentioned earlier, we will be configuring our setup for penetration testing (pen testing) in this chapter. The first thing we will need is virtualization software. Virtualization software helps us to run a complete OS on top of our existing OS. The main advantage of virtualization is that you can run a complete OS without needing to buy additional physical hardware, such as a PC, while enjoying all the features that come with such hardware. Once we move forward, you will understand these advantages in more detail. Here's a list of popular virtualization software:

  • VMware Workstation Player
  • VirtualBox

Though there are other options available, I recommend using one of these. I will be using VirtualBox in this book since it is free. VMware Player is also free, but it can't be used commercially without proper licensing.

To download VirtualBox, go to the following link: https://www.virtualbox.org/wiki/Downloads.

There you will find the link to download it. Follow these steps:

  1. Choose the VirtualBox installation package for Windows and download it.
  2. Once downloaded, open the installer and follow the instructions to install it on your system.

    The installation process should be fairly simple. During installation, it may ask you for permission to install certain drivers. Please allow the installer to install these drivers as well.

    Once installed, the interface should look something like this:

Figure 2.1 – VirtualBox interface

Figure 2.1 – VirtualBox interface

Setting up the virtualization software gives us a foundation on which to build our lab. Going forward, we'll use this foundation to build the components needed to run the lab. Up next, we'll look at OSes and choose and configure what we need.

Installing virtual OSes

We will need one OS to be used as an attack machine and one to be used as a target machine. In practical cases, most of the time, the attack machine is mostly a Linux distribution-based system and the target/victim machine will be a Windows-based system. We will use the term target and victim interchangeably throughout this book.

Attack machine OS

There are a lot of options for a pen testing machine. However, there are a few Linux-based distributions that stand out:

  • Kali Linux
  • Parrot OS

There are other options as well. However, I recommend using Kali Linux, since it's stable and widely used for pen testing. Kali has a lot of tools preconfigured, which can save a lot of time.

Kali Linux

To download a virtual image for Kali Linux, go to Kali's download page: https://www.kali.org/downloads/.

Let's begin the installation process:

  1. In the Download section, select Kali Linux 64-bit VirtualBox. This is a complete image of an already-installed Kali OS, so you will not need to install anything:
    Figure 2.2 – Kali Linux VirtualBox image

    
Figure 2.2 – Kali Linux VirtualBox image

  2. The download should take some time depending on your internet speed. Once the image is downloaded, simply import the downloaded image into VirtualBox. To import the Kali machine, click on the Import button in the Tools tab, as shown in the following screenshot:
    Figure 2.3 – Importing the Kali virtual machine

    Figure 2.3 – Importing the Kali virtual machine

  3. This will open a dialog box and you can select the kali machine ova file you just downloaded.

During boot, you will be asked for the password to log in to the Kali Linux system. The default credentials for the image are as follows:

Important note

You may need to disable USB 2 support in the settings to properly start the machine.

Once the system is started, it should look like this:

Figure 2.4 – Kali Linux home screen

Figure 2.4 – Kali Linux home screen

Now that we've set up our attacker machine, let's move on to the machine for the victim.

Victim machine OS

For the victim machine, we will use Windows 10 as our OS. Here you have two options; either you can install a Windows 10 OS from scratch using an ISO file or you can download a prebuilt image for VirtualBox. The second option is easier, and I recommend using that. However, the downside of this is that it is quite large, around 20 GB, and can only be used for 90 days, after which it expires. This time should be enough for most purposes, however. If your needs go beyond the 90-day period, you can manually install Windows 10 on VirtualBox. There are a lot of tutorials available on the internet for this purpose.

Let's go with the prebuilt option for this chapter. Use the following link to download the prebuilt image: https://developer.microsoft.com/en-us/windows/downloads/virtual-machines/.

Let's look at how to use this in VirtualBox:

  1. Once you have downloaded the Windows 10 VirtualBox image, go to VirtualBox and click on Add.
  2. A dialog box will open; select the Windows 10 image you just downloaded.

    If you performed the steps properly, your Windows 10 should be up and running now. The VirtualBox interface for virtual Windows should look like this:

Figure 2.5 – Windows virtual machine

Figure 2.5 – Windows virtual machine

The topology of our system will look like this:

Figure 2.6 – Host Windows 10 OS

Figure 2.6 – Host Windows 10 OS

Once the virtual OSes are installed, the VirtualBox software will look like this:

Figure 2.7 – VirtualBox

Figure 2.7 – VirtualBox

Until now, we have installed the virtual OSes on our host machines. Next, we will focus on configuring these machines to our liking so we can use them for the remainder of this book. In the next section, we will download and install Python 3 on these virtual machines.

Installing Python

The next thing we will need to set up in this chapter is Python. We will be using Python version 3, or python3, in this book. Python 3 is a major version of Python and it is incompatible with the older version 2. To download Python, go to https://www.python.org/ and download the latest version. At the time of writing, Python 3.8 is the recommended version; however, every Python version above 3.2 should be fine for this book. The 64-bit version of Python is recommended. I will be assuming that you are using Windows as the main OS; however, the code mentioned in this book should work on Linux and macOS as well since we will be running virtual machines.

Installing Python on Windows

The procedure for installing Python on Windows is fairly simple. Open the Windows 10 virtual machine you just installed in the Installing virtual OSes section. Note that from now on, most of the work will be done on these virtual machines and not the guest OS hosting these virtual machines. During installation, just check the Add Python 3.8 to PATH option (the version number will depend on the version you downloaded) so that you can access Python from anywhere in Command Prompt:

Figure 2.8 – Python installation


Figure 2.8 – Python installation

Once you've selected this option highlighted in Figure 2.8, click on Install Now. Once the installation is complete, close the installation window and open a terminal/Command Prompt. Inside Command Prompt, just enter the python command. You should see the following output in the terminal. The Python shell should be open now:

Figure 2.9 – Python shell

Figure 2.9 – Python shell

Now that we've set up Python in Windows, let's move on to the Kali installation and set it up there as well.

Installing Python on Kali Linux

Most pen testing OSes come with Python already installed. To check whether your distribution has Python installed, open Kali and search for Terminal. Open terminal and write the following command in the terminal:

python --version

You should see the following output:

Figure 2.10 – Python version

Figure 2.10 – Python version

The preceding result shows that Python version 2 is already installed; however, we need Python 3. Let's check again with the following command:

python3 --version

You should see the following output:

Figure 2.11 – Python 3 version number

Figure 2.11 – Python 3 version number

The preceding screenshot shows that Python 3 is also installed in Kali, so we don't have to install it again.

Integrated development environment

An IDE is a piece of software that helps us to write code efficiently. You can write Python script in a notepad as well; however, IDEs provide functionalities that help us to write code easily. There are a lot of options available. We will focus on free IDEs. The best option I found is Visual Studio Code (VS Code), which is completely free. Go ahead and download VS Code for both virtual OSes, Windows 10 and Kali: https://code.visualstudio.com/download.

Installation in Windows is simple: you need to follow the installer. Installation in Linux requires you to download a Debian package file. Open terminal and navigate to the location of the downloaded file. Then, run this command:

sudo dpkg -i /path/to/file

Here's what it'll look like:

Figure 2.12 – VS Code installation in Kali

Figure 2.12 – VS Code installation in Kali

Note that it will prompt you for a password to install.

Once it is installed, you will have to install the extension. Open VS Code and click on the Extensions tab to the left of VS Code and search for Python. It should look like this:

Figure 2.13 – Python extension

Figure 2.13 – Python extension

Click on the Install button and it should take a few seconds to install. Now you have everything almost set up to begin your ethical hacking journey. Until now, we have set up our virtual OS, installed Python on these machines, and installed VS Code with relevant extensions that will help us along our journey. In the next section, we will make some network configurations to help us along.

Setting up networking

By default, all virtual machines create a separate virtual interface for networking. This means that the virtual OS devices are in a separate subnet as compared to your host OS. To make sure that all the OSes are in the same subnet, do the following:

  1. Go to the settings of each virtual machine.
  2. In the network settings, select Bridged Adapter for the Attached to option.

    Make sure you do it both for the Windows and the Kali installation:

Figure 2.14 – Setting the network adapter

Figure 2.14 – Setting the network adapter

Now all your devices will be in the same subnet. You should be able to ping the Kali installation from the Windows 10 installation.

Updating Kali

Before proceeding, it is a good idea to update Kali so that everything is up to date. Kali can be updated with the following commands:

sudo apt-get update

sudo apt-get upgrade

The update process will take some time as it will update all repositories.

Using virtual environments

Python has a very neat feature called virtual environments. Using these virtual environments, you can keep track of dependencies of different Python projects and keep different projects separate from the main environment.

Let's create a new folder in Kali where all our project files will be present:

  1. Open your Kali home directory and create a new folder called python-hacking. All our future work will be done here.
  2. Open this folder in VS Code:
    Figure 2.15 – Folder structure inside VS Code

    Figure 2.15 – Folder structure inside VS Code

  3. Inside the python-hacking folder, create a new folder called m1-hello-world. Here we will test our virtual environment. Inside the m1-hello-world folder, create a new file called main.py.
  4. Check whether the Python package manager, pip, is installed properly in Kali using the following command in terminal:

    pip3 –version

    You should see the following output:

    Figure 2.16 – pip not installed

    Figure 2.16 – pip not installed

  5. If you see an output similar to the preceding one, it means that pip is not installed on the system. To install pip, run the following command. Make sure that the system is updated:

    sudo apt install python3-pip

    Once pip is installed properly, the output will be like this:

    Figure 2.17 – pip installation

    Figure 2.17 – pip installation

    Also install pip3 in Windows if it doesn't exist already.

  6. Now open the main.py file and write some Python code. We will just use the following code. To open a terminal in VS Code, press Ctrl + `.
  7. Now we will install a Python virtual environment module. Run the following command to install it:

    apt-get install python3-venv

  8. Once the Python virtual environment module is installed, we can create a virtual-env folder by simply running the following command in the terminal:

    python3 -m venv my-virtualenv

  9. If the command runs successfully, you will see a new folder created with the name my-virtualenv. This folder contains a Python environment that is isolated from the system environment. To enable this environment, run the following command:

    source my-virtualenv/bin/activate

    It'll look like the output in Figure 2.18:

Figure 2.18 – Activating an environment

Figure 2.18 – Activating an environment

Once the environment is activated, you will see that the environment name, my-virtualenv, is shown at the start of every terminal line. Now every package you install using pip in this shell will be installed only in this environment and will be isolated from the main environment.

Write the following code in the python file to test whether everything is working properly:

if __name__ == "__main__":

print("Hello world")

You should see the following:

Figure 2.19 – Sample Python script

Figure 2.19 – Sample Python script

To run it, use the following command:

python3 main.py

You should see the following:

Figure 2.20 – Running the Python script

Figure 2.20 – Running the Python script

If you see the output hello world displayed, it means everything is installed properly.

Summary

Let's summarize what we did in this chapter. We started with downloading and installing virtual OSes on our host machine. Then we configured Python in our system, which we will use throughout the rest of the book. Then we configured our network for virtual machines, and at the end of this chapter, we learned how to use virtual environments in Python. These will be very helpful in later chapters when we want to create distributable binaries from our code. In the next chapter, we will cover an introduction to networking and how it can be used for ethical hacking.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
98.82.120.188