Archiv für den Monat: Juni 2022

Pentesting Lab

Schreibe eine Antwort

Using Images from vulnhub.com in KVM (LibVirt) to create a Lab

Since most images on vulnhub are based on VMWare or VirtualBox, we have to convert the images into a proper format.

For now we will focus on VirtualBox Images (OVA) and convert them to qcow2 for Qemu.

Download an Image

As an example I will use the Breach 1 Image from https://www.vulnhub.com/entry/breach-1,152/ and download it.

wget https://download.vulnhub.com/breach/Breach-1.0.zip

As you can read in the description, this is a 7zip archive. So we have du decompress it and install 7z before.

# using Debian based system
sudo apt install p7zip-full
7z x Breach-1.0.zip

OVA is a Tarball

One thing to know is that an OVA is a Tarball. So let’s extract the Tarball.

tar -xvf 'Breach 1.0.ova'
Breach 1.0.ovf
Breach 1.0.mf
Breach_1.0-disk1.vmdk
Breach_1.0-file1.iso
Breach_1.0-file2.iso

Converting the disk (usually the vmdk file) into qcow2

# look for a disk image
ls -alh
total 5.7G
drwxr-xr-x 4 root root 4.0K Jun  5 21:16  .
drwx--x--x 4 root root 4.0K Jun  5 20:41  ..
-rw-r--r-- 1   64   64 1.4G Jun 13  2016  Breach_1.0-disk1.vmdk
-rw-r--r-- 1   64   64  32M Jun 13  2016  Breach_1.0-file1.iso
-rw-r--r-- 1   64   64 579M Jun 13  2016  Breach_1.0-file2.iso
-rw-r--r-- 1   64   64  271 Jun 13  2016 'Breach 1.0.mf'
-rw-r--r-- 1   64   64 7.5K Jun 13  2016 'Breach 1.0.ovf'
-rw-r--r-- 1 root root 1.9G Jun 14  2016  Breach-1.0.zip
-rw-r--r-- 1 root root 2.0G Jun 13  2016  breach.ova

# now we can convert the virtual machine disk image (vmdk) to create our qcow2 image
qemu-img convert -O qcow2 Breach_1.0-disk1.vmdk breach.qcow2

Now we can use breach.qcow2 as disk for out virtual machine.

Mounting the disk to the host to make changes the filesystem

This comes handy, if the image uses a fixed network setup, that does not fit your needs.

In the first we need to load kernel modules. Only necessary once.

sudo modprobe nbd max_part=8

Now we have to connect the image an mount the proper partition.

# connect the image to the device
sudo qemu-nbd --connect=/dev/nbd0 /var/lib/libvirt/images/VM.qcow2

# check the partitions to find the root partition
fdisk /dev/nbd0 -l
Disk /dev/nbd0: 20 GiB, 21474836480 bytes, 41943040 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x000312f0

Device      Boot    Start      End  Sectors  Size Id Type
/dev/nbd0p1 *        2048 39845887 39843840   19G 83 Linux
/dev/nbd0p2      39847934 41940991  2093058 1022M  5 Extended
/dev/nbd0p5      39847936 41940991  2093056 1022M 82 Linux swap / Solaris

# create a directory as a mount point
mkdir /tmp/mnt

# mount the first partition
sudo mount /dev/nbd0p1 /tmp/mnt/

# finaly reverse it to clean up and to unblock the image
umount /tmp/mnt && rmdir /tmp/mnt
qemu-nbd --disconnect /dev/nbd0