Hello all and welcome to the first episode of the Hacking WordPress series. With this series, I will be putting together a series of videos and articles that will comprise a set of tutorials to show you the ins and outs of building a home lab that will give you the flexibility to test, hack, or learn just about anything in IT.
Personal or home labs can be very subjective because I know people in the industry who have spent thousands of dollars building out personal labs with the latest hardware and software in the industry. I tend to take a bit more of a minimalist approach to building out my personal lab. Of course, if you work for a manufacturer of certain technology and they provide you with that technology then there is really no excuse for not having a great lab around said tech.
What I am going to show you in this article will range in price from free to a few hundred dollars which for most people is acceptable to spend on a personal lab. To perform the upcoming tutorials, you can use a couple of different configurations. The first is the all-in-one approach which entails simply virtualizing everything on a regular laptop or desktop PC based on MS Windows or Mac. I will include products for both that will work great.
The first lab I build to do this tutorial was for a Windows Machine and then I got my hands on a Mac to build out the lab. I will say that the Windows 10 OS has a lot more, free utilities than OS X does, however, OS X is built on Linux and therefore affords you some features that Windows does not, such as terminal sessions that work simply with other Linux servers. Windows has the capability to do some of this through MS PowerShell however, I found it to be a bit more cumbersome to use and the other tools I used don’t really work easily with Windows or OS X.
I chose to use Kali Linux virtualized on both the Windows and Mac machines as it is honestly the most comprehensive penetration tool I have found on the internet, that is widely accepted without the fear of bringing tons of malware into my test environment that I don’t want. But more on that in another episode. Below is a list of apps and utilities I used to perform the testing tutorials I will be releasing in future episodes.
https://www.kali.org/downloads/
Offensive Security was born out of the belief that the only real way to achieve sound defensive security is through an offensive mindset and approach. Kali Linux is one of several Offensive Security projects – funded, developed and maintained as a free and open-source penetration testing platform.
WPScan is a free, for non-commercial use, black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their sites.
https://bitnami.com/stack/wordpress
Bitnami offers a suite of products and projects that accelerate the delivery of applications and containers to multiple clouds. Built modularly, Bitnami easily plugs into anywhere in your application pipeline and deploys to any major cloud platform.
https://www.vmware.com/products/fusion.html (Mac Trial)
VMware Fusion: Powerfully Simple Virtual Machines for Mac
VMware Fusion gives Mac users the power to run Windows on Mac along with hundreds of other operating systems side by side with Mac applications, without rebooting. Fusion is simple enough for home users and powerful enough for IT professionals, developers, and businesses.
https://www.vmware.com/products/workstation-player.html (for Win)
VMware Workstation Player allows you to run a second, isolated operating system on a single PC. With many uses ranging from a personal educational tool to a business tool for providing a simplified experience to run a corporate desktop on a BYO device, Workstation Player leverages the VMware vSphere hypervisor to provide a simple yet mature and stable, local virtualization solution.
https://www.offensive-security.com/
Offensive Security
Industry-Defining Penetration Testing Courses and Certifications for Information Security Professionals. These are the security professionals that wrote Kali Linux and basically the book on Offensive Security as we know it today.
Once you visit these sites and download the appropriate versions of software installation, setup is pretty simple. I will cover that in the next article and video episode.
Now we come to the really fun stuff. You will see in upcoming videos that I will be using my home lab which is a bit more substantial in set up but allows me to do a lot more and test full networks for a number of things.
Let’s take a look at all the ingredients for the home lab. I will admit I got pretty lucky to find of these devices for the price I got them for. It just takes a little time and a lot of shopping around but you can find good tech for a very good price to put into your lab that will allow you to create a diverse test environment.
The ingredients
When I decided to build out my home lab it was to create a test bed for the USM Anywhere product. I wanted to do this because I work a lot of Proofs of Concept with end clients and there is always some odd-ball configuration or issue that arises during these POCs. I found that without a lab to work from some of these questions don’t get appropriately answered.
Let’s take a look at what is in the lab.
I started with Amazon and eBay. I found a number of pretty good deals on Amazon for servers and switches, however, I really wanted to do this on the cheap as much as possible so I combed eBay and found exactly what I was looking for.
Server 1
HP DL385 G6 with Dual Opteron 2435 processors, 64 GB of Ram and 8 – 300 GB 10K SAS HDD with 2 – 750W power supplies. No OS (This is a production-grade server, though it is one of the older models, it works great and it is fast.) I configured it with 4 of the 8 drives and removed 4 drives for another project. This gave me a total of 1024 GB of usable HDD space. – Total Cost $154.00 Free Shipping.
Server 2
HP DL385 G5 with Dual Opteron 2435 processors with 32 GB of Ram, No HDD and 2 – 750W power supplies. I took the 4 HDD from the first server and used them in this server in the exact same configuration. Total Cost $10 + $50 Shipping.
Switching
I then searched eBay for deals on switches. I had some specifics in mind for what I needed. I finally chose 2 HP 2610 24 port 10/100 managed switches with advanced Layer 2 capabilities so that I can set up VLANs and Monitor ports. I can also forward switch logs to the USM Anywhere sensor so that as I run the lab through a course of tests I can see activity from server logs, switch logs and firewall logs. Cost for switching $37.95
Firewall
For firewalling I am using a WatchGuard T35 Firebox with the entire UTM package. I picked this up about a year ago as a WatchGuard certified engineer I was able to purchase this model for $200 which included 3 years of the Advanced UTM package.
For Firewall Analytics I will be deploying WatchGuard Dimension which basically takes in all the WatchGuard logs and creates detailed traffic and flow-log views of all the traffic and connections within the firewall environment. This gives me a lot of insight into what effect different tests have on the network as a whole.
Total Cost – $251.00 plus the cost of the firewall last year $454.00.
Software and Operating System
So, remember this mantra… It’s a LAB. It’s just a lab.
I downloaded an.ISO file for Windows 10 Pro, Server 2012, Server 2016 and Server 2019 both standard and enterprise. I also downloaded the Windows Management system, primarily so I can learn it. I also downloaded Ubuntu Server 19.04 and Ubuntu Desktop 19.04 for free. I will deploy these along with the personal lab inventory as there are a number of tests I will be running along with more hacks I will be doing articles and videos on, in the upcoming months.
In the new home lab, I will be deploying the exact same setup as I have in my personal lab that resides on my Mac Book Pro. This ought to make for some interesting video and articles in the upcoming series. I hope you will check them out when they come out and I appreciate you taking this time to check out episode 1. There is more to come, soon. See you then.