Monday, September 10, 2012

How to Create a SamuraiWTF 2.0 Virtual Machine in VMware Workstation

The SamuraiWTF (Web Testing Framework) can be run as a live CD/DVD, but when performing web application penetration tests I like to run it inside a virtual machine. SamuraiWTF 2.0 is based on Ubuntu 12.04 LTS and uses KDE by default. (Why was there no SamuraiWTF 1.0 version?) The steps below detail how to create a SamuraiWTF 2.0 virtual machine in VMware Workstation 8 (8.0.4, although version 9 is available) on Windows 7 (64-bit). The steps required for VMware Workstation on Linux would be very similar.

Creating a New Virtual Machine

Open VMware Workstation and create a new virtual machine (VM): File - New Virtual Machine... This will launch the "New Virtual Machine Wizard".
- In the welcome screen, select "Custom (advanced)" and click "Next >".
- Choose "Workstation 8.0" (default) as the VM hardware compatibility and click "Next >".
- In the "Guest Operating System Installation" step, select "Installer disc image file (iso)", browse to the ISO file for SamuraiWTF 2.0 ("SamuraiWTF-2.0-i386.iso"), and click "Next >".
- In the "Select a Guest Operating System" step, select Linux as the "Guest operating system" and Ubuntu as the "Version", and click "Next >".

- The "Name the Virtual Machine" window allows you to select the virtual machine name (e.g. "SamuraiWTF-2.0") and indicate where you want to save the new VM (directory, such as "C:\VMWARES\SamuraiWTF-2.0"). Click "Next >".
- The "Processor Configuration" screen allows you to select the number of processors and cores, where the default of "1:1" is fine, for a total of 1 processor core. Click "Next >".
- The next screen, "Memory for the Virtual Machine", allows you to change the amount of RAM to 2048 MB or more from the default of 1024 MB. Click "Next >".
- In the "Network Type" screen it is possible to select the network interface type (by default, NAT). Click "Next >".
- The "Select I/O Controllers Type" screen can be left with the default SCSI controller: "LSI Logic". Click "Next >".
- In the "Select a Disk" screen it is recommended to "Create a new virtual disk". Click "Next >", leave the default disk type in the next screen ("SCSI"), click "Next >", and define the maximum hard disk size (by default, 20 GB). All the other disk capacity options can be left with the default values. Click "Next >".
- The "Specify Disk File" screen allows you to provide the exact filename to be used for the VM disk (e.g. "SamuraiWTF-2.0.vmdk"). Click "Next >".
- Finally, the "Ready to Create Virtual Machine" screen details all the VM settings selected, and by default will automatically power on the VM after creation.


As the VM is ready to boot, click the "Finish" button.

Booting SamuraiWTF 2.0

The recently created VM will start up, using the default Linux boot option, "Start SamuraiWTF". Wait till the SamuraiWTF desktop shows up.


Installing SamuraiWTF 2.0 to the hard disk

Double click the "Install SamuraiWTF 2.0" icon from the desktop and follow the installation wizard. From the "Language" screen select the language for the installation process and click "Continue".


The "Prepare" step recommends having more than 15GB of free disk space and Internet connectivity. Select the "Download updates while installing" option to get the latest software, and optionally the "Install this third-party software" option, and click "Continue".


On the "Disk Setup" window leave the default guided disk layout and click on "Install Now".


On the "Timezone" screen select your timezone and click "Continue". Meanwhile, the installation process starts copying files (a significant time optimization over previous versions, but take into account that it can consume lots of your computer's resources while you follow the next installation steps).


On the "Keyboard" screen select your keyboard layout and click "Continue".


On the "User Info" screen select your username and password, plus the hostname. It is highly recommended to change the default SamuraiWTF password (samurai - www.whatisthesamuraipassword.com) and use a long passphrase instead. It is preferable to select a custom hostname that does not include references to SamuraiWTF (by default "samurai-virtual-machine" is pre-filled). Leave the "Require my password to log in" option, although it won't be applied in version 2.0 due to recent changes to fix a very old bug. Click "Continue".


NOTE: A race condition has (sometimes) been observed, depending on how long it takes to get from the "Disk Setup" screen to the "User Info" screen, in which the "Keyboard" step jumps directly to the "Install" step, bypassing the "User Info" screen. Moving quickly through the timezone and keyboard setup seems to help avoid this unexpected behavior. If you run into it, it is recommended to repeat the setup by booting the VM again from the ISO image.

The process will remain on the "Install" screen while all the files are copied and the different system elements are configured.


Once the installation finishes you will get an "Installation Complete" popup. It is recommended to click the "Restart Now" button to start using the SamuraiWTF instance installed on the hard disk, instead of the live instance from the ISO image.


There is a bug in the reboot/shutdown process of the live CD/DVD version: the message that prompts the user to eject the CD/DVD and press any key to restart/shutdown does not show up. Once you get the following background SamuraiWTF image, press any key to reboot/shutdown the VM.


After rebooting, the VM CD/DVD is not connected, so the system directly boots from the recently installed hard disk. You can unplug the SamuraiWTF ISO image from the CD/DVD by going to the VM settings window, using the "CD/DVD (IDE)" icon and selecting "Use physical drive".

Once the new SamuraiWTF VM boots up you will be presented directly with the desktop. The installation icon is no longer available, but you still have access to the README and CHANGELOG files, the latest version of the official SamuraiWTF training material in PDF format (as of today, v13 - see more details about upcoming training sessions below), and folders with the output of tools, a few wordlists, and exploits/payloads from several tools.


If you do not see the desktop icons, simply resize the VM window (this seems to be a bug in VMware Workstation).

Updating VMware Tools

VMware Tools are already installed in SamuraiWTF 2.0, thus you can directly copy & paste between the host and the guest operating systems. However, depending on the VMware version you are using you might want to update VMware Tools.

Go to the "VM - Update VMware Tools" menu in VMware. Depending on your setup, or if this is the first time you install/update VMware Tools on a Linux VM, VMware might need to download them first. If this is the case, click the "Download" button. Once they have been downloaded, or if they were already available, click on the "Install" button to connect the VMware Tools CD to the VM.

The CD is not automatically mounted on Ubuntu 12.04 if there is no password set for the root user (see related VMware doc), as in SamuraiWTF 2.0, so you need to manually mount the CD and launch the VMware Tools installation process:

$ sudo mount /dev/cdrom /media/cdrom
$ cd /tmp
$ tar xvzf /media/cdrom/VMwareTools-8.8.4-743747.tar.gz
$ cd vmware-tools-distrib/
$ sudo ./vmware-install.pl
...

Follow the installation process and reply with the default answer to all the questions:
- You have a version of VMware Tools installed. Continuing this install will first uninstall the currently installed version. Do you wish to continue? (yes/no) [yes]
- In which directory do you want to install the binary files? [/usr/bin]
...
- Would you like to enable VMware automatic kernel modules? [yes]
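
The manual steps above, as an added example script (not part of the original post or of VMware's tooling): it picks up whichever VMwareTools tarball is on the CD instead of hard-coding 8.8.4-743747, unpacks it into a private mktemp directory rather than directly into /tmp, and removes the extracted copy afterwards. The function names and the --install switch are made up for this example; the installer's -d option accepts the default answer to every question.

```sh
#!/bin/sh
# Added example: the manual VMware Tools steps without a hard-coded version.

# Print the one VMwareTools-*.tar.gz in directory $1.
# Returns 1 if there is none, 2 if there are several (refuse to guess).
find_tools_tarball() {
    ft_count=0; ft_found=
    for ft_f in "$1"/VMwareTools-*.tar.gz; do
        if [ -f "$ft_f" ]; then ft_found=$ft_f; ft_count=$((ft_count + 1)); fi
    done
    case $ft_count in
        0) echo "no VMwareTools-*.tar.gz in $1" >&2; return 1 ;;
        1) printf '%s\n' "$ft_found" ;;
        *) echo "several tarballs in $1, choose one by hand" >&2; return 2 ;;
    esac
}

# Extract tarball $1 into a fresh private directory (mktemp -d, mode 0700)
# and print that directory. Fails if the installer is not where expected.
unpack_tools() {
    up_dir=$(mktemp -d /tmp/vmware-tools.XXXXXX) || return 1
    if tar xzf "$1" -C "$up_dir" &&
       [ -f "$up_dir/vmware-tools-distrib/vmware-install.pl" ]; then
        printf '%s\n' "$up_dir"
    else
        echo "cannot unpack $1 or unexpected layout" >&2
        rm -rf "$up_dir"; return 1
    fi
}

# Mount the Tools CD read-only, install with default answers, clean up.
install_tools() {
    it_mnt=/media/cdrom
    sudo mkdir -p "$it_mnt" && sudo mount -o ro /dev/cdrom "$it_mnt" || return 1
    it_rc=1
    if it_tar=$(find_tools_tarball "$it_mnt") && it_dir=$(unpack_tools "$it_tar"); then
        # -d answers every installer question with its default.
        (cd "$it_dir/vmware-tools-distrib" && sudo ./vmware-install.pl -d)
        it_rc=$?
        sudo rm -rf "${it_dir:?}"      # extracted copy is no longer needed
    fi
    sudo umount "$it_mnt"
    return $it_rc
}

# Touch the system only when asked to: sh install-tools.sh --install
if [ "${1:-}" = "--install" ]; then install_tools; fi
```
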

Post installation steps

You can clean up the bash command line history by closing all terminals, launching a new one, and running a couple of commands:
$ > $HOME/.bash_history
$ exit

You can manually remove VMware Tools from /tmp or wait till the next boot for automatic removal.

Your new SamuraiWTF 2.0 VM is ready to run and assist you in your web-app penetration tests! Do not forget to take a VMware snapshot in case you need to restore back to this clean state.

The instructions to create a SamuraiWTF 2.0 virtual machine in VMware Fusion are available in a previous blog post, as well as for VMware Player.

Shameless Training Plug

This is an introductory guide to the official "Assessing and Exploiting Web Applications with Samurai-WTF" 2-day training I will be running at the BruCON 2012 conference during September 24-25 in Ghent (Belgium). This training session will be based on the latest SamuraiWTF 2.0 version and its new target web-apps and tools. If you are an OWASP member, you can take advantage of a 10% discount on the training fee.
