The W4SP Lab comes complete with routers, switches, servers and victim machines that you can use for hacking lab simulations and packet capture exercises. However, unlike traditional hacking lab systems using physical equipment or virtualization technologies, the W4SP Lab uses very little memory and disk space by storing everything within Docker container images.
A Docker container is a stand-alone, lightweight, executable piece of software that contains everything it needs to run in a single package, including code, libraries, tools, configuration files and a runtime environment. Docker containers running on a single host share that host’s CPU, memory, system libraries and operating system kernel. As a result, container images start almost immediately and use less of the host’s valuable system resources.
Hacking Lab Requirements
In order to run the W4SP Lab, you should have a system with the following minimum requirements:
- Host system: Windows, Linux or Mac
- Oracle VirtualBox
- Quad-Core Processor
- 250GB Disk Space
- 16GB RAM
- VirtualBox Virtual Machine:
Let’s get on with the hacking lab installation. The first thing you will want to do is to open VirtualBox and fire up your Kali Linux virtual machine. Once Kali has started, login as the root user and open up a terminal window.
Being a security professional, I’m sure you are well aware of the risks you take when you continuously login as root. Normal day-to-day operations should always be performed using a less-privileged user account. For the purposes of this lab, and all associated W4SP-Lab exercises, we are going to create a new user called w4sp-lab. You can use the following commands to create the new user on your Kali Linux system and assign a password. You will need to type the new password twice. Don’t worry, it’s typical not to see any feedback on the screen as you are typing the passwords.
# Create lab user and add password root@thc:~# useradd -m w4sp-lab -s /bin/bash -G sudo -U root@thc:~# passwd w4sp-lab # You should see feedback similar to the following: Enter new UNIX password: <--type password, press Enter Retype new UNIX password: <--repeat password, press Enter passwd: password updated successfully
Once you have created the w4sp-lab user account, log out of the Kali virtual machine and log back in as the w4sp-lan user. Next we will clone a copy of the W4SP-Lab repository files from GitHub to your local Kali machine so we can build the lab. The repository contains an easy setup file, written in python, that will install and configure everything we need for our lab environment. Run the following command to clone a copy of the repository.
# Clone w4sp-lab files from GitHub to your machine w4sp-lab@thc:~$ git clone https://github.com/w4sp-book/w4sp-lab.git # You should see feedback similar to the following: Cloning into 'w4sp-lab'... remote: Counting objects: 146, done. remote: Total 146 (delta 0), reused 0 (delta 0), pack-reused 146 Receiving objects: 100% (146/146), 1.10 MiB | 1.60 MiB/s, done. Resolving deltas: 100% (36/36), done.
Now type in the following command to switch to the cloned w4sp-lab directory and list the contents.
# Switch to w4sp-lab directory and list contents w4sp-lab@thc:~$ cd w4sp-lab/ && ls -al # You should see feedback similar to the following: total 64 drwxr-xr-x 8 w4sp-lab w4sp-lab 4096 Jun 18 14:54 . drwxr-xr-x 16 w4sp-lab w4sp-lab 4096 Jun 18 14:54 .. drwxr-xr-x 8 w4sp-lab w4sp-lab 4096 Jun 18 14:54 .git -rw-r--r-- 1 w4sp-lab w4sp-lab 1045 Jun 18 14:54 .gitignore drwxr-xr-x 12 w4sp-lab w4sp-lab 4096 Jun 18 14:54 images -rw-r--r-- 1 w4sp-lab w4sp-lab 598 Jun 18 14:54 README.md drwxr-xr-x 6 w4sp-lab w4sp-lab 4096 Jun 18 14:54 static drwxr-xr-x 2 w4sp-lab w4sp-lab 4096 Jun 18 14:54 templates drwxr-xr-x 4 w4sp-lab w4sp-lab 4096 Jun 18 14:54 tests drwxr-xr-x 2 w4sp-lab w4sp-lab 4096 Jun 18 14:54 w4sp_app -rw-r--r-- 1 w4sp-lab w4sp-lab 7764 Jun 18 14:54 w4sp.py -rwxr-xr-x 1 w4sp-lab w4sp-lab 14885 Jun 18 14:54 w4sp_webapp.py
With all of the w4sp-lab files now downloaded from GitHub, we are ready to move on to running the installation and configuration script. You will need to use sudo with your command as some of the installations steps need to be run as root.
# Run setup script, it will take several minutes to run w4sp-lab@thc:~/w4sp-lab$ sudo python w4sp_webapp.py We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for w4sp-lab: Collecting netifaces ...
At this point you should probably go grab yourself a cup of coffee. This part is going to take a while. First, the script will download, install and configure all necessary files. Next, it will move on to building the Docker images and linking them all together. And finally, the script will launch a browser window displaying the lab web page.
Click Page 2 below to continue …