A quick blurb – one thing about setting up the networks from Georgia Weidman’s Penetration Testing book is that she has the networks as bridged. Which is nice, until you start setting up your own static IPs. I use an Apple Express which has Class A public IPs (10.0.1.1 – 10.0.1.254), so I set my static IPs for XP and Windows 7 in that range. If you hop on a network that is in the Class C public IP space (192.168.1.1 – 192.168.1.254), it isn’t going to work. I remembered this when I started using the VMs at the coffee shop rather than home. The solution? Either revert back to DHCP to get on the Internet or create another network, this one should be a NAT (Network Address Translation). This way the VM creates its own NAT behind the LAN/WLAN router. I am going to then disable it after I get what I need from the Internet.
In Georgia Weidman’s Book, Penetration Testing: A Hands-On Introduction to Hacking, it looks like the link to XAMPP 1.7.2, Adobe Reader 8.12, and mona.py is broken.
- I used SourceForge to download XAMPP 1.7.2, direct link here.
- I used Brothersoft to download Adobe Reader 8.1.2, direct link here. (Disclaimer: Brothersoft has an executable wrapper around the software, where it downloads a Brothersoft executable which downloads Adobe Reader. Dumb.)
- I used corelan’s GitHub repo to download mona.py, raw file here.
I have decided to continue working through Georgia Weidman’s book, Penetration Testing: A Hands-On Introduction to Hacking. I got stuck on page 40, chapter 1 when it Georgia asked me to install Zervit 0.4 on Windows XP sp1. Windows XP sp1 comes with IE6 which is so old, most web servers don’t even support the connections to it. So when I tried going to http://www.exploit-db.com/exploits/12582/ to download Zervit, I was getting a blank page.
So, I had two options, one, I thought about installing VMWare Tools and connecting a folder where I could download Zervit on my host machine, put Zervit in the folder, and then open it in XP. I couldn’t seem to be able to install what was needed on the host machine (when I went to Player -> Manage -> Install VMWare it was greyed out), so plan two, I updated IE 6 to IE 8 through automatic updates but didn’t install any of the security updates (I think I might have don’t killbits along with updating IE 6 to IE 8, I hope this doesn’t come to bite me later). Once I got IE 8 installed, I, of course, used it to install chrome.
Now I have access to many more sites, as chrome for XP is supported a bit better than IE 6. Went to http://www.exploit-db.com/exploits/12582/ for Zervit 0.4 on my shiny new XP sp1 chrome browser and viola, I am able to access it.