How did I create hacking rig for ethical hacking. Based on VMware with Tesla M60. #infosec #hacking #pentest #pentesting #redteam #hackthebox #tryhackme #linux4hackers #ctf #kali #parrotos #linux #godaddy #linux4hackers

My goal with this project was to create a hacking rig that I can use when doing hackthebox, tryhackme and other ctf:s. I was lucky to get my hands on a server with Tesla M60 card. My other goal was also to have a server that I can use in phishing tests, and show others how this works.

I tried really hard with another server that had 2 Nvidia K2 cards but no luck. The card is to old and the NVIDIA CUDA drivers also.

A picture says 1000 word, so lets start with that

For security reasons the only machine that is accessible from the internet is the jumpstation, and only ssh. So If I want to access the other machines I do this with ssh tunneling. And of course with Vmware console, but that network is not accessible thru Internet. Online is a machine that I use to learn phishing and other fun stuff so that’s why I need port 443 up and running.

Physical hardware

Dell PowerEdge 730

Hardware

Virtual Machines and functions

Jump
OS: Ubuntu 20.04
Installed applications: SSH, fail2ban, git and tmux
Configuration:
Nothing really special. Just a jump box to the other machines. Hardening the ssh server, only allow key login for example.

Online
OS: Ubuntu 20.04
Installed applications: tmux, fail2ban, certboot, apache2, postfix and gophish
Configuration:
The main thing for this machine is the DNS. I did buy a domain from godaddy. Here are the entries for gophish to work. Applications on this box is standard config for now.

Gophish webgui

Kraken
OS: Ubuntu 20.04
Installed applications: hashcat-6.1.1, pack and tmux
Configuration:
1 Nvidia Tesla M60 Card with PCI passthru
Pack = Password Analysis and Cracking Kit by Peter Kacherginsky
This is used to create mask file for hascat, when I do attack mode with hashcat.

Important when doing PCI passthru change to EFI Bios
PCI Passthru NVIDIA Tesla M60

Kali
OS: Ubuntu 20.04
Installed applications: Kali with standard applikation + vpnclient for HTB and TryHackMe
Configuration: Nothing special here, just standard box for pentest stuff

Parrot
OS: ParrotOS
Installed applications: ParrotOS with standard applikation + vpnclient for HTB and TryHackMe
Configuration: Nothing special here, just standard box for pentest stuff

Commando
OS: Windows 10 Enterprise
Installed applications: A lot of application with commando-vm. https://github.com/fireeye/commando-vm
Configuration: Nothing special here, just standard box for pentest stuff.

Ansible
OS: Ubuntu 20.04
Installed applications: Ansible
Configuration: Comming project for Configuration management of this enviroment. Future blog post if I get it up and runnig.

WIN7
OS: Windows 7 32-Bit
Installed applications: IDA free and Immunity Debuger
Configuration: If I get into som debuging of 32 bit appliactions. Perhaps OSCP if I am lucky.

This is really new setup, so some things my be different in the future. Please feel free to send me tips and tricks how you did your pentest enviroment.
If you read this to the last word I thank you deeply from my heart.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.