{"id":112,"date":"2022-06-06T19:58:55","date_gmt":"2022-06-06T18:58:55","guid":{"rendered":"https:\/\/trashdump.net\/?p=112"},"modified":"2022-06-06T20:19:15","modified_gmt":"2022-06-06T19:19:15","slug":"pentesting-lab","status":"publish","type":"post","link":"https:\/\/trashdump.net\/?p=112","title":{"rendered":"Pentesting Lab"},"content":{"rendered":"

Using Images from vulnhub.com<\/a> in KVM (LibVirt) to create a Lab<\/h1>\n

Since most images on vulnhub are based on VMWare or VirtualBox, we have to convert the images into a proper format.<\/p>\n

For now we will focus on VirtualBox Images (OVA) and convert them to qcow2 for Qemu.<\/p>\n

Download an Image<\/h2>\n

As an example I will use the Breach 1 Image from https:\/\/www.vulnhub.com\/entry\/breach-1,152\/<\/a> and download it.<\/p>\n

wget https:\/\/download.vulnhub.com\/breach\/Breach-1.0.zip\n<\/code><\/pre>\n
As you can read in the description, this is a 7zip archive. So we have du decompress it and install 7z before.<\/p>\n
# using Debian based system\nsudo apt install p7zip-full\n7z x Breach-1.0.zip\n<\/code><\/pre>\n
OVA is a Tarball<\/h2>\n
One thing to know is that an OVA is a Tarball. So let’s extract the Tarball.<\/p>\n
tar -xvf 'Breach 1.0.ova'\nBreach 1.0.ovf\nBreach 1.0.mf\nBreach_1.0-disk1.vmdk\nBreach_1.0-file1.iso\nBreach_1.0-file2.iso\n<\/code><\/pre>\n
Converting the disk (usually the vmdk file) into qcow2<\/h2>\n
# look for a disk image\nls -alh\ntotal 5.7G\ndrwxr-xr-x 4 root root 4.0K Jun  5 21:16  .\ndrwx--x--x 4 root root 4.0K Jun  5 20:41  ..\n-rw-r--r-- 1   64   64 1.4G Jun 13  2016  Breach_1.0-disk1.vmdk\n-rw-r--r-- 1   64   64  32M Jun 13  2016  Breach_1.0-file1.iso\n-rw-r--r-- 1   64   64 579M Jun 13  2016  Breach_1.0-file2.iso\n-rw-r--r-- 1   64   64  271 Jun 13  2016 'Breach 1.0.mf'\n-rw-r--r-- 1   64   64 7.5K Jun 13  2016 'Breach 1.0.ovf'\n-rw-r--r-- 1 root root 1.9G Jun 14  2016  Breach-1.0.zip\n-rw-r--r-- 1 root root 2.0G Jun 13  2016  breach.ova\n\n# now we can convert the virtual machine disk image (vmdk) to create our qcow2 image\nqemu-img convert -O qcow2 Breach_1.0-disk1.vmdk breach.qcow2\n<\/code><\/pre>\n
Now we can use breach.qcow2 as disk for out virtual machine.<\/p>\n
Mounting the disk to the host to make changes the filesystem<\/h2>\n
This comes handy, if the image uses a fixed network setup, that does not fit your needs.<\/p>\n
In the first we need to load kernel modules. Only necessary once<\/em>.<\/p>\n
sudo modprobe nbd max_part=8\n<\/code><\/pre>\n
Now we have to connect the image an mount the proper partition.<\/p>\n
# connect the image to the device\nsudo qemu-nbd --connect=\/dev\/nbd0 \/var\/lib\/libvirt\/images\/VM.qcow2\n\n# check the partitions to find the root partition\nfdisk \/dev\/nbd0 -l\nDisk \/dev\/nbd0: 20 GiB, 21474836480 bytes, 41943040 sectors\nUnits: sectors of 1 * 512 = 512 bytes\nSector size (logical\/physical): 512 bytes \/ 512 bytes\nI\/O size (minimum\/optimal): 512 bytes \/ 512 bytes\nDisklabel type: dos\nDisk identifier: 0x000312f0\n\nDevice      Boot    Start      End  Sectors  Size Id Type\n\/dev\/nbd0p1 *        2048 39845887 39843840   19G 83 Linux\n\/dev\/nbd0p2      39847934 41940991  2093058 1022M  5 Extended\n\/dev\/nbd0p5      39847936 41940991  2093056 1022M 82 Linux swap \/ Solaris\n\n# create a directory as a mount point\nmkdir \/tmp\/mnt\n\n# mount the first partition\nsudo mount \/dev\/nbd0p1 \/tmp\/mnt\/\n\n# finaly reverse it to clean up and to unblock the image\numount \/tmp\/mnt && rmdir \/tmp\/mnt\nqemu-nbd --disconnect \/dev\/nbd0\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
Using Images from vulnhub.com in KVM (LibVirt) to create a Lab Since most images on vulnhub are based on VMWare or VirtualBox, we have to convert the images into a proper format. For now we will focus on VirtualBox Images (OVA) and convert them to qcow2 for Qemu. Download an Image As an example I […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,6],"tags":[],"class_list":["post-112","post","type-post","status-publish","format-standard","hentry","category-cloud-web","category-virtualisierung"],"_links":{"self":[{"href":"https:\/\/trashdump.net\/index.php?rest_route=\/wp\/v2\/posts\/112"}],"collection":[{"href":"https:\/\/trashdump.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/trashdump.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/trashdump.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/trashdump.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=112"}],"version-history":[{"count":7,"href":"https:\/\/trashdump.net\/index.php?rest_route=\/wp\/v2\/posts\/112\/revisions"}],"predecessor-version":[{"id":119,"href":"https:\/\/trashdump.net\/index.php?rest_route=\/wp\/v2\/posts\/112\/revisions\/119"}],"wp:attachment":[{"href":"https:\/\/trashdump.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=112"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/trashdump.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=112"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/trashdump.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=112"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}