CNIT 126 Proj 3: Using INetSim on Kali Linux (20 pts.)

What You Need for This Project

Purpose

We will use Kali Linux to simulate the Intenet, and the Windows machine will be fooled by it.

Start Your Host Machine

If you are working in S214, select a machine to be your primary machine for the semester. You'll want to keep using the same machine as much as possible, because your virtual machines will be there. Power on your computer. Boot to the operating system named "Win 10-S214". Log on as Student with no password.

Making Your VM (Virtual Machines) Folder

Click Start, "File Explorer", "This PC". Find the "VMs-S214" drive and double-click it to open it.

In the VMs-S214 window, right-click the empty space and click New, Folder. Name the folder "YOUR NAME VMs" replacing YOUR NAME with your own name.

Getting the Virtual Machine 7-Zip Archive Files

You can download the files you need here:

http://games.samsclass.info/secret/download-vms.htm

You need a username and password to view that page. The username and password are written on the blackboard in the hacking lab, and you can get them from your instructor.

The two files you need are:

If you don't have broadband Internet access, you can get these files on a DVD labelled "8K2" in the hacking lab.

Getting 7-Zip

You need 7-Zip on your host machine. If you don't have it, download it from 7-zip.org

If you are using a Mac, get Ez7z

Extracting the Kali Virtual Machine

Make a folder for your Kali virtual machine on the VMs-S214 partition or some other available partition. I recommend making a folder with your name on it, and a subfolder within it named Kali.

DO NOT PUT VIRTUAL MACHINES ON THE C: DRIVE IN S214. They fill the drive and make the machine unusable, and will be deleted.

Right-click the Kali-Linux-2016.2-vm-i686.7z file, click 7-Zip, and click "Extract Files...". In the "Extract to:" box, enter the path to the folder you prepared, such as "G:\YOURNAME\Kali". Click OK.

Extracting the Windows Server 2008 Virtual Machine

Right-click the Win2008-Target.7z file, click 7-Zip, and click "Extract Files...". In the "Extract to:" box, enter the path to the folder you prepared, such as "G:\YOURNAME\Srv08". Click OK.

DO NOT PUT VIRTUAL MACHINES ON THE C: DRIVES IN S214!

They fill the drive and make the machines stop working. Virtual machines left on the desktop, Documents folder, or other C: drive locations may be deleted at any time, as needed to keep the machines working.

Starting your Win2008-Target Virtual Machine

In the VMware Player window, click "Open a Virtual Machine". Browse to the VMs-S214 drive amd open the folder with your name on it. Open the "Win2008-Target" folder and double-click the "Windows Server 2008 2.vmx" file.

In the VMware Player window, click the green "Play virtual machine" button.

Troubleshooting

If you see the message shown below, you need to update VMware Player. An updated version of VMware Player is on the S13 disk.

VMware Player will pop up several dialog boxes, asking whether this machine was moved or copied, telling you details about the processor, etc. Just accept the default choice for all those boxes.

To log in, you need to send a Ctrl+Alt+Delete to the virtual machine. On a Windows host, you can usually press Ctrl+Alt+Insert to do that. If that doesn't work, hunt through the VMware menus to send a Ctrl+Alt+Delete.

Log in as Administrator with a password of P@ssw0rd

When the server starts, it opens some windows by default. Close all windows.

You should see the Windows Server 2008 desktop as shown below:

Starting the Kali Linux Machine and Adjusting Networking

Start the Attacker Linux machine in VMware Player.

If you don't see a user named "root", click Other....

Log in to Kali with the username root and a password of toor

You should see the Kali Linux desktop as shown below:

Setting the Kali Linux VM to NAT Networking

In the VMware Player window showing your Kali Linux desktop, on the top left, click Player, Manage, "Virtual Machine Settings".

In the "Virtual Machine Settings" box, on the left side, click "Network Adapter".

On the right side, click "NAT". Click OK.

At the top left of the Kali Linux desktop, find these items:

At the top left of the Kali Linux desktop, click the rectangular black icon to open a Terminal window.

In the Terminal window, type in this command to get a new IP address, and then press the Enter key:

dhclient -v

Finding the Kali Machine's IP Address

On your Kali Linux machine, in a Terminal window, execute this command:
ifconfig
Find your IP address and make a note of it. In the example below, it is 192.168.119.169.

Checking for a Web server

On your Linux machine, in a Terminal window, execute this command:
lsof -i :80
This command shows processes listening on port 80. If you see apache2 processes, as shown below, execute this command to stop apache:
service apache2 stop

Configuring inetsim

inetsim is included in Kali Linux 2 already. But it needs some configuration.

On your Linux machine, in a Terminal window, execute these commands:

cp /etc/inetsim/inetsim.conf /etc/inetsim/inetsim.conf.orig

nano /etc/inetsim/inetsim.conf

Scroll down about 3 screens. Find the service_bind_address section shown below. All these lines are comments because they start with the # character.

Change this line:

#service_bind_address 10.10.10.1
to this
service_bind_address 0.0.0.0
as shown below. This sets inetsim listening on all Kali's IP addresses.

Don't forget to delete the # at the start of the line!

Scroll down another several screens to find the dns_default_ip section shown below. Find this line:

#dns_default_ip 10.10.10.1
Remove the # at the start of the line, and replace the IP address with the IP address of your Kali Linux machine, as shown below:
dns_default_ip 192.168.1.132

Use your correct IP address instead of "192.168.1.132"

Save the file with Ctrl+X, Y, Enter.

To start inetsim, on your Linux machine, in a Terminal window, execute this command:

inetsim

Start Your Windows VM

Start your Windows Server 2008 virtual machine, and set it to NAT networking.

Installing Nmap

In your Windows Server 2008 virtual machine, click Start and look for Nmap. It should be there. If not, open a Web browser and go to

http://nmap.org/ to get it.

Setting the DNS Server

On your Windows VM, click Start. Right-click Network and click Properties.

On the left side, click "Manage network connections". Right-click "Local Area Connection" and click Properties.

Double-click "Internet Protocol Version 4(TCP/IPv4)".

Set your DNS server to the Kali Linux machine's IP address, as show below. Then click OK twice.

Viewing an HTTP Web Page

Open a Web browser on the Windows VM and go to this URL: http://YOURNAME.com, replacing "YOURNAME" with your real name.

You see the INetSim default HTML page, as shown below:

Saving a Screen Image

Make sure the Web browser shows these two things:

Click the taskbar at the bottom of your host Windows 10 desktop, to make the host machine listen to the keyboard, instead of the virtual machine.

Press the PrintScrn key in the upper-right portion of the keyboard. That will copy the whole desktop to the clipboard.

YOU MUST SUBMIT A FULL-SCREEN IMAGE FOR FULL CREDIT!

On the host machine, not the virtual machine, click Start.

Type mspaint into the Search box and press the Enter key.

Click in the untitled - Paint window, and press Ctrl+V on the keyboard. The desktop appears in the Paint window.

Save the document with the filename "YOUR NAME Proj 3a", replacing "YOUR NAME" with your real name.

Scanning YOURNAME.com

Start Nmap. Enter a Target of YOURNAME.com, replacing "YOURNAME" with your own name.

Click the Scan button.

You should see a lot of open ports, as shown below.

Saving a Screen Image

Make sure the Nmap window shows these two things:

Click the taskbar at the bottom of your host Windows 10 desktop, to make the host machine listen to the keyboard, instead of the virtual machine.

Press the PrintScrn key to copy the whole desktop to the clipboard.

YOU MUST SUBMIT A FULL-SCREEN IMAGE FOR FULL CREDIT!

Paste the image into Paint.

Save the document with the filename "YOUR NAME Proj 3b", replacing "YOUR NAME" with your real name.

Turning in your Project

Email the images showing the secret messages to cnit.126sam@gmail.com with the subject line: Proj 3 from YOUR NAME

Sources

http://www.inetsim.org/packages.html

http://securitygoth.blogspot.com/

http://danielabrantes.blogspot.com/2013/05/sendemail-invalid-sslversion-specified.html

Last modified 1-30-17