Join Malcolm Shore for an in-depth discussion in this video, Introduction to virtualization, part of Learning Kali Linux.
- [Voiceover] In this course, I'm going to show you how to set up and do security testing in a virtual lab. To create the lab, we'll use a virtualization system, called VirtualBox, which runs on a Windows host computer. To do the testing, we'll use a Linux distribution, which is designed specifically for security work, called Kali Linux. We'll also have in the virtual lab, a number of target systems that we can test. There are a number of benefits of using a virtual test lab.
Virtualization is a very easy way of setting up a testing environment, and avoids the need to purchase racks of computers and networking equipment. I'm using my i7 Ultrabook to run a virtual test lab, but with the efficiency of modern virtual environments, almost any computer is powerful enough to do this. Using a virtual lab for testing ensures that all testing is contained within a prescribed environment, and test scans and probes don't leak out onto the internet.
This is an important consideration in ethical penetration testing, or pen testing, as it's usually known, and it's also prudent to ensure that testing activities don't accidentally become illegal activities. Virtualization is not only a simple way to create a lab, but also offers a further advantage when dealing with potentially dangerous tools. Using a virtual environment, a tester can take a copy of a known good state and save it as a snapshot. After running a testing session, the snapshot can be used to recover the lab and remove any traces of malicious activity.
Before we go any further, let's look at what we mean by virtualization. The basic structure of a normal computer is a hardware layer, on top of which sits the operating system. The operating system directly interacts with the computer hardware, and controls how the hardware is accessed. On top of the operating system are the various applications which use operating system services, and through them the hardware resources. For a native or hardware-level virtualized system, there's another layer, the hypervisor, which sits on top of the hardware.
This provides a virtual set of hardware, on top of which sits the operating system and its applications. Using the hypervisor enables multiple operating and application system stacks to operate. These are called virtual machines, or VMs. The hypervisor manages the virtualization of (mumbles) services, mapping virtual machine devices to the hardware devices, and managing contention. An example of this is the Microsoft Hyper-V hypervisor, which was introduced with Windows Server 2008.
Native hypervisors are installed prior to installation of any operating systems. The hypervisor includes a virtual machine manager, or VMM, which can be used to stop and start virtual machines, and to configure how they operate. In the case of Hyper-V, the hypervisor management sits in what is known as the parent partition, and guest operating systems sit in child partitions. VMs don't have direct access to the hardware resources. The VMM service in the parent partition does have access to hardware devices, and manages them on behalf of all VMs.
A VM hardware request is redirected by its virtualized service client across the VM bus to the appropriate device in the parent partition. Software virtualization is another approach that can be used. In this approach, the Virtualization Manager operates as a standard application on top of a host operating system. To do this, any privileged operations within the operating system must be carried out by a VM-safe routine in hypervisor memory. This is achieved by a module in VirtualBox called the Code Scanning and Analysis Manager, working in conjunction with the Real-time Patch Manager, which identifies and replaces unsafe code with safe code routines.
Processors such as the Intel VT-x include hardware-assisted virtualization, to enable virtual machines to maintain their own address space and deliver additional performance. Two popular software-assisted virtualization systems for Windows are VMware and Oracle's VirtualBox. Parallels is a popular virtualization environment for Mac systems, often used to enable Windows functionality on Mac computers. In this course, I'll be using VirtualBox.
VirtualBox is free to use, it's available for the x86 type of processors, and runs on a range of operating systems, including Windows, Linux, Macintosh, and Solaris. I'll be running it on my Windows 10 Ultrabook. VirtualBox is dual licensed, the base package comes as a free download, and contains everything needed to run a virtual environment. An extension pack is also available, which includes extra features, and this is free of charge for personal use. Enterprise customers are encouraged to purchase a commercial license in order to access additional features and support for mission-critical use.
To learn more about virtualization, take a look at Martin Guidry's Essential Training course, which you can access here.
This course will give prospective ethical hackers a short overview of the tools in Kali Linux. Cybersecurity expert Malcolm Shore shows how to set up a virtual environment for testing, configure Kali Linux, and install toolsets for information gathering, vulnerability assessment, password and hash cracking, and target exploitation.
Because businesses are connected, they are also exposed. Vulnerability testing helps organizations limit that exposure. This course will help you explore the careers, techniques, and tools behind ethical hacking—one of the most competitive and sought-after IT security skills.
- Overview of Metasploit, Maltego, and Wifite
- Setting up a virtual lab with Oracle VM
- Installing virtual machines and appliances
- Exploring the Kali Linux applications
- Gathering information with DMitry and DNSenum
- Conducting a vulnerability assessment
- Installing OpenVAS and Vega
- Testing passwords
- Exploiting targets
Skill Level: Beginner
Q: This course was updated on 06/12/2017. What changed?
A: The following topics were updated: setting up a virtual lab, installing appliances, Windows Credential Editor, using John for Windows passwords, pass the hash, using rainbow tables, exploiting with Armitage, pivoting through a network, and getting stealth and persistent access. In addition, a new video was added that shows how to create Trojans with msfvenom.