Creating Vulnerable Machines: VMware Setup and Network Configuration

Kavishka Gihan
9 min readJan 6, 2024

In 2022, I published an article about explaining how you could approach creating a vulnerable machine as a beginner. I am delighted to share that the article did so extremely well and got loads of positive feedback with messages of appreciation.

If you haven’t read that yet, go and check it out.

In that article, I outlined my approach to overseeing the machines I create and established the fundamental hierarchy for maintaining their organization. One that we came across in there was setting up VMware.

Even though I directed you to use VMware, I didn’t explain it in detail. So I thought it would be a good idea to walk you through how you can get the maximum usage of VMware and how to make this process more organized and easy by using it the correct way.

I won't be talking about installing it because there resources of resources you can find on how to install VMware. However, I will be talking about what you should do after you have VMware for a better machine development process.

Machine Templates

The first thing I will be talking about is the usage of machine templates in your development process. This is something that has helped me save so much time and effort.

First off, what is a machine template?

Think of it like this. Say for some reason you need to spin up a new VM real quick. What you normally would do is, Create a new VM -> Select an ISO-> Setup the Hardware options-> Start the VM, and install the OS of your choice.

This is alright if you are a person who doesn’t use VMs often. But as a person who works with them often, having to go through this painful of a process is not so ideal. That’s where machine templates come in.

With machine templates, you can make this process so much less painful and easier. What you do is once you have a clean installation of a certain OS, say Ubuntu for example, you set it as a template for any other VM that you may need in the future. Let’s see it in action.

I have a VM called “Ubuntu Template” which is nothing but a vanilla installation of Ubuntu 20.04 with only ssh installed. Nothing else.

To make this a template, you have to go to Machine settings->Options(in the top left menu)-> Advanced and tick the Enable Template Mode

Save the changes, and exit. Now, you can use this as a template and clone a new VM anytime you want. For that, select your template VM and go to VM (in the top menu) -> Manage-> Clone

Then you can go through this wizard and create a clone of this VM. Just make sure when you are asked to select the Clone Type, if you use the “Linked Clone” option, you will need to make sure the template VM is always present, so this won’t be a good option when you need to export the VM and send it over to someone. In that case, choose the “Full Clone” option.

But for a simple case like testing an application or installing something, a link clone should be fine.

I personally have 2 such template machines.

The “Ubuntu Template” is what I use for creating my Linux machines. “Windows 11 Template” is for the windows machines I create and for lab VMs I have in my AD home lab.

Virtual Networks

Virtual Networks allow you to add your VMs to separate virtual networks. This comes in handy when you have VMs that you often access through SSH where the IP of the machine shouldn’t change from time to time. In other words, where a static DHCP setup is required.

To add a virtual network, go to Edit-> Virtual Network Editor. Since I am on Debian, this didn’t work as I need sudo permissions to do that. So I have to run sudo vmware-netcfg in my terminal.

By default, you will see 3 networks.

  1. Bridged Network — allows you to get a IP from the same subnet as your host machine to get internet access
  2. Host-Only Network — allows you to have a connection only with the host machine, no internet access.
  3. NAT Network — allows you to use the share IP from your host to get internet access.

While these 3 are more than enough for a normal user, for a scenario like I mentioned above, we do need to add a custom virtual network.

I personally have 2 networks configured.

One is a bridged network (vmnet0) like above connected to my physical network adapter wl01 and another NAT network (vmnet1) where I have my machine I create connected to.

This NAT network is configured to be use static IPs.

Here you can see I have disabled the option Use local DHCP service and added a subnet myself. In this case, I have used 192.168.100.0 as the subnet.

Also, notice that I have checked the option Connect a host virtual adapter to this network so that I have a virtual network adapter that I can access from my host VM.

In the NAT Setting, I have setup the Gateway IP to be 192.168.100.1

You can specify any port forwarding rules if you need.

If you remove all the default networks, you will need to add the network you have configured one by one to your VMs. So in order to have network access, I connect the vmnet0 to the VM. And if I want the VM to be added to the development process, I add it to the vmnet1 network which is my NAT network.

To add a network, go to VM settings->Add (at the bottom left)->Network Adapter. Once you have added an adapter, select the adapter, switch to custom network and select your relevant network from the drop down menu.

Once you have done that, when you power on VM you should see a new network interface with a IP from the subnet you specified in my case 192.168.100.0/24

You don’t have to stop here. You can your own networks according to your preference. I.e if you have a home lab setup, you can have a separate network for that with only the VMs in your home lab so that other VMs can’t access them.

Static IP Setup

Even though I said I configured the NAT network vmnet1 to use static IPs, this should be configured within the VMs themselves. There are a lot ways you can configure static IPs with 3rd party tools, but I will be using the default network managers within the system to configure this.

Assuming that the interface you want to setup static IP is eth1 and the IP is 192.168.100.12, for Debian based systems that use networkd you can set up static IPs as follows.

  1. Edit the /etc/network/interfaces
auto eth1
iface eth1 inet static
address 192.168.100.12
netmask 255.255.255.0

2. Restart network service

sudo systemctl restart networking.service

For Ubuntu that uses netplan, you use the following steps.

1. Edit /etc/netplan/01-static.yaml

network:
version: 2
ethernets:
eth1:
addresses: [192.168.100.12/24]

2. Apply the rules

sudo netplan apply

For both the cases, if you are using this interface just to have connectivity between machines and not to access internet, DON’T add the gateway option. But if you are configuring this to access the internet, specify the gateway under the relevant interface.

Like this, you can setup your VMs to have static IPs so that you can access them easily.

My Network Setup

The way I have my network setup is as follows.

Like I mentioned, I have 2 virtual networks configured. vmnet0 is the bridged network that uses the wl01 and bridges the network interface to get an IP from the same subnet that the host gets an IP from. vmnet1 is the custom NAT interface with the static IP setup.

Talking about the VMs,

  1. Kali Linux VM : This is the VM I use to usually play CTFs and test my boxes by approaching as an attacker. This one needs internet access because I have to install tools and use other sites when I play CTFs. Therefore, it has both the vmnet0 and vmnet1 connected.
  2. Windows 11: I use this VM primarily to run any windows applications that may need testing or researching. I also use this to do some windows -based parts of CTFs. Therefore, I also connected this to both the networks.
  3. Local Development Server : This is the VM I use to test out any application or software out of the box. Whether it’s just for educational purposes or to configure in a machine that I am making, I set it up here first. For example, if I am trying to setup rocketchat application in a box, first I will set it up in this and once I am done with everything, I will move it to the machine. This way I can make sure nothing wrong will happen and I don’t have to redo all the past configurations again. (Even with snapshots, reverting and re-configuring things is a pain)
  4. DEV VMs: These are the VMs that I am creating. Usually, I don't attach this to the vmnet0 because I don’t need internet access in the these machines most of the time. But sometimes I do connect DEV VMs to the vmnet0 depending on what applications and tools I have to install. However, most of the time, once I have installed the basic tools like docker, python and pip I disconnect it from the vmnet0

Static IP and hostname setup

In the above diagram, you can see I have static IPs configured in all my VMs. I also have hostnames configured in the /etc/hosts file so that I can use the hostname when connecting to different VMs. I.e when I connect to my Kali Linux VM through ssh, I don’t need to remember its IP address, I can just do ssh root@kali.local and I am in. The Same goes for all the other VMs.

But if you look closely, there is something odd in the above setup. Its the fact that all the DEV VMs have the same static IP from vmnet1 That is because I have configured my template machine I talked about earlier to have static IP. This is because whenever I start with a new machine, I just clone a new VM from the template and start it up. Now to connect to the VM, I don’t need to login from VMware, find the IP, setup static IP for future use and all that. I could just do ssh root@dev.local and get in so easily without having to do anything. Also, since I have my “Ubuntu Template” connected to vmnet0 , I can easily install all the tools I need and disconnect it from the network.

But this does come with one loophole. Which is when you have 2 DEV machines powered on at the same time, there is going to be a IP conflict. That means the 2nd VM that’s powered on will not get that IP to its relevant interface as that IP is already reserved for the 1st VM. Since I don’t power on 2 machine at the same time often, this doesn’t bother me that much. Even if I wanted to, I could ssh in from the other IP the 2nd machine gets from the vmnet0 interface.

These are the key topics I aimed to discuss in this brief walkthrough. By incorporating these techniques into your skill set, I hope you’ll enhance your efficiency and organization, not only during machine creation but also in your day-to-day workflow.

As always, if you have any questions, leave them in the comments or contact me through social media.

Happy Hacking!

--

--

Kavishka Gihan

Cyber Security Student | Machine author @hackthebox | find me on instagram @_kavi.gihan