Brief Overview
Hello everybody! I haven't been awake this early in quite a while, so I decided to be a nerd and hop on DEV to create a post dedicated to virtual machines. As many of you guys know, there are different types of operating systems (windows, macOS, linux... etc). In this post, I have the joy of working through a task I was given by my boss Roman (shoutout again). With little to no knowledge about them, this was my best attempt at it.
The Task
Before I start breaking down what I did, let's take a look at the task I was given!
Hmm... okay. Initially, I had a couple of thoughts that came into my head.
????????????????????????????????????
Ok, let's break this down now, step by step! (OOH BABYYY)
1. Download the virtual machines.
This step isn't too hard, I decided to use Oracle VM Virtualbox (https://www.virtualbox.org/wiki/Downloads) and downloaded the earliest version. To be honest, I already had Virtualbox downloaded as I used to for hackthebox, but it's quite easy to download!
Next, I downloaded the 3 following OS onto Virtualbox: Windows, Kali and Ubuntu.
Downloading them wasn't too difficult as there were lots of online videos/tutorials showing me how, but it was a little annoying setting up each VM as the settings that were shown in the tutorial were for different computers. As for me, I already had Kali installed on my VM, but the other two weren't hard to find.
Windows: https://developer.microsoft.com/en-us/windows/downloads/virtual-machines/
Ubuntu: https://ubuntu.com/download/server
Kali: https://www.kali.org/get-kali/#kali-platforms
Setting up the virtual machines could be hassle, but make sure to watch some tutorials on YouTube! It saves you the trouble of trying to figure it out on other websites!
2. Install and configure Apache on the Ubuntu VM.
What is Apache you ask? Well, Apache is the most frequently used web server on Linux (which are used to serve web pages requested by client computers), which is why we need to set it up. You'll see on step 4 :).
First, I opened up the terminal in Ubuntu and typed these 3 commands:
Now that I have Apache installed, time to configure the firewall to allow HTTP traffic:
Alright! Now since that's done, let's download the MySQL database.
3. Install and configure MySQL on the windows VM.
First, download and install the MySQL Server for Windows from the website: https://dev.mysql.com/downloads/windows/installer/
For the settings, make sure to do these things!
- Server-only installation.
- Set up strong root password.
- Configure the Windows firewall to allow MySQL traffic by creating an inbound rule.
Once those steps are complete, it's time to move on to the next step!
4. Configure the WordPress server.
First Apache... and now... What the hell is WordPress?
https://kinsta.com/knowledgebase/what-is-wordpress/
On Kinsta, it explains WordPress as "the simplest, most popular way to create your own website or blog". Basically, it is a content management system that allows you to host and build your own websites!
Ok, now onto actually configuring it:
After running those commands, download the latest WordPress release from the website: https://wordpress.org/download/.
Once downloading is complete, make sure to extract it to the Apache web server document root directory! (/var/www/html/).
This step was a little difficult for me and actually took a couple of days! For some reason, I was able to ping my Ubuntu VM from my Windows VM, but not vice versa. My VM's weren't able to talk to each other! Luckily, I had some help from YouTube and my Dad, and was able to figure it out by changing some settings within the Virtualbox itself, and playing around with each VM. If you want to see all the resources I looked at, I'll leave a google document with everything in it here:
https://docs.google.com/document/d/1TV0G5exJOmv-ZgnQBiOwrf7VfBZswzJpnV_JKDFToAA/edit?usp=sharing
5. Use ngrok to make the WordPress instance accessible from the internet.
Oh man, another difficult word I do not understand. Ngrok allows us to instantly open access to remote systems without the troubles of touching any of our network settings or opening any ports on your router. In other words, it is a highly secure platform for remote access!
Firstly, I went onto the official ngrok website (https://ngrok.com/) to install it.
After the download is complete, I opened my terminal and ran this command to expose the local WordPress instance to the internet:
Once it is entered, you should see something like this:
Make sure to take a screenshot or mental note of the public URL provided by ngrok, as it will forward incoming HTTP traffic to your local WordPress instance!
6. Generate a packet capture using Wireshark or TCPDump.
This step is a little more versatile as there are two different programs that allows you to capture packets from a network connection. It's main usage is network troubleshooting, analysis, software and communications protocol development as it allows you to analyze network traffic!
As for me, I tried to use Wireshark but had trouble actually finding the interfaces that connected the MySQL database VM and the Apache server VM. After changing the settings in the Oracle Virtualbox to Host only adapter in the network section, I wasn't able to see the interfaces. If you do happen to use Wireshark, be on the lookout for interface names like eth0, enp0s3, or enp0s8 as it should look very similar to it.
Anyways, I ended up using tcpdump instead. After downloading the file online, I was able to install it through the terminal, using these commands:
Lastly, I was able to capture packets using this command:
If you have trouble finding your interface name, type "ifconfig" into the terminal, and find the appropriate interface name to start capturing packets.
7. Access the WordPress site from the browser in the Kali machine.
The last and final step to this accursed step... This one is quite easy!
Remember back in step 1 where I told you to download 3 different types of VM's on Virtualbox? Well now we are going to use Kali.
After logging into Kali, open firefox, or any browser you want. Now think back to step 5 where I told you to take a screenshot of the URL... Just copy and paste it into the browser!
If working correctly, the page should load and you should be able to access the WordPress site from the Kali machine as well:
Final Thoughts & Closing Statements
So, the journey has come to an end. I can't lie, it was stressful trying to do everything from scratch, especially when I had almost no knowledge about anything. To be completely honest, this blog should be even longer, as there were like 5+ more steps that I had to do... but we can cover that on a different day! Remember, learning things take time, and with week 2 of my internship slowly coming to a close, I guess everything paid off.
Top comments (0)