Tuesday , December 18 2018
Breaking News
Home / How-To's / How-To Build a Hacking Lab For Wireshark Training

How-To Build a Hacking Lab For Wireshark Training

Every successful penetration tester should learn how to build a hacking lab in order to practice their skills. One of the many lab environments tailored towards security professionals is the W4SP-Lab from the Wireshark for Security Professionals book, written by Jessey Bollock and James T. Parker. I can’t recommend this book enough, whether you are just getting started with Wireshark or you are a seasoned security professional.

The W4SP Lab comes complete with routers, switches, servers and victim machines that you can use for hacking lab simulations and packet capture exercises. However, unlike traditional hacking lab systems using physical equipment or virtualization technologies, the W4SP Lab uses very little memory and disk space by storing everything within Docker container images.

A Docker container is a stand-alone, lightweight, executable piece of software that contains everything it needs to run in a single package, including code, libraries, tools, configuration files and a runtime environment. Docker containers running on a single host share that host’s CPU, memory, system libraries and operating system kernel. As a result, container images start almost immediately and use less of the host’s valuable system resources.

Hacking Lab Requirements

In order to run the W4SP Lab, you should have a system with the following minimum requirements:


Let’s get on with the hacking lab installation. The first thing you will want to do is to open VirtualBox and fire up your Kali Linux virtual machine. Once Kali has started, login as the root user and open up a terminal window.

Being a security professional, I’m sure you are well aware of the risks you take when you continuously login as root. Normal day-to-day operations should always be performed using a less-privileged user account. For the purposes of this lab, and all associated W4SP-Lab exercises, we are going to create a new user called w4sp-lab. You can use the following commands to create the new user on your Kali Linux system and assign a password. You will need to type the new password twice. Don’t worry, it’s typical not to see any feedback on the screen as you are typing the passwords.

# Create lab user and add password
root@thc:~# useradd -m w4sp-lab -s /bin/bash -G sudo -U
root@thc:~# passwd w4sp-lab

# You should see feedback similar to the following:
Enter new UNIX password: <--type password, press Enter
Retype new UNIX password: <--repeat password, press Enter
passwd: password updated successfully

Once you have created the w4sp-lab user account, log out of the Kali virtual machine and log back in as the w4sp-lan user. Next we will clone a copy of the W4SP-Lab repository files from GitHub to your local Kali machine so we can build the lab. The repository contains an easy setup file, written in python, that will install and configure everything we need for our lab environment. Run the following command to clone a copy of the repository.

# Clone w4sp-lab files from GitHub to your machine
w4sp-lab@thc:~$ git clone https://github.com/w4sp-book/w4sp-lab.git

# You should see feedback similar to the following:
Cloning into 'w4sp-lab'...
remote: Counting objects: 146, done.
remote: Total 146 (delta 0), reused 0 (delta 0), pack-reused 146
Receiving objects: 100% (146/146), 1.10 MiB | 1.60 MiB/s, done.
Resolving deltas: 100% (36/36), done.

Now type in the following command to switch to the cloned w4sp-lab directory and list the contents.

# Switch to w4sp-lab directory and list contents
w4sp-lab@thc:~$ cd w4sp-lab/ && ls -al

# You should see feedback similar to the following:
total 64
drwxr-xr-x  8 w4sp-lab w4sp-lab  4096 Jun 18 14:54 .
drwxr-xr-x 16 w4sp-lab w4sp-lab  4096 Jun 18 14:54 ..
drwxr-xr-x  8 w4sp-lab w4sp-lab  4096 Jun 18 14:54 .git
-rw-r--r--  1 w4sp-lab w4sp-lab  1045 Jun 18 14:54 .gitignore
drwxr-xr-x 12 w4sp-lab w4sp-lab  4096 Jun 18 14:54 images
-rw-r--r--  1 w4sp-lab w4sp-lab   598 Jun 18 14:54 README.md
drwxr-xr-x  6 w4sp-lab w4sp-lab  4096 Jun 18 14:54 static
drwxr-xr-x  2 w4sp-lab w4sp-lab  4096 Jun 18 14:54 templates
drwxr-xr-x  4 w4sp-lab w4sp-lab  4096 Jun 18 14:54 tests
drwxr-xr-x  2 w4sp-lab w4sp-lab  4096 Jun 18 14:54 w4sp_app
-rw-r--r--  1 w4sp-lab w4sp-lab  7764 Jun 18 14:54 w4sp.py
-rwxr-xr-x  1 w4sp-lab w4sp-lab 14885 Jun 18 14:54 w4sp_webapp.py

With all of the w4sp-lab files now downloaded from GitHub, we are ready to move on to running the installation and configuration script. You will need to use sudo with your command as some of the installations steps need to be run as root.

# Run setup script, it will take several minutes to run
w4sp-lab@thc:~/w4sp-lab$ sudo python w4sp_webapp.py 

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

[sudo] password for w4sp-lab:
Collecting netifaces

At this point you should probably go grab yourself a cup of coffee. This part is going to take a while. First, the script will download, install and configure all necessary files. Next, it will move on to building the Docker images and linking them all together. And finally, the script will launch a browser window displaying the lab web page.

Click Page 2 below to continue …

Leave a Reply

Your email address will not be published. Required fields are marked *