Virtual Machines

Penetration Testing with VirtualBox

In this article we take a look at the Virtual Machine hypervisor product VirtualBox, which is a useful tool for White Hat Hacking and Pentesting.

In our first article on Virtual Machines (VM) we took a look at what indeed a VM is. We outlined how they can help an Ethical Hacker or Penetration Tester go about their tasks. Next we checked out their Advantages and Disadvantages as well as the Products and Options available.

Here we check out one of those products, namely VirtualBox, in more detail and see what it has to offer to assist Pentesting within the realm of Cyber Security.

What is VirtualBox?

VirtualBox is a Type 2 Hypervisor (i.e. runs on top of a machine’s operating system) as opposed to a Type 1 that runs directly on the machine hardware.

VirtualBox is a powerful x86 and AMD64/Intel64 virtualization product for enterprise as well as home use. Not only is VirtualBox an extremely feature rich, high performance product for enterprise customers, it is also the only professional solution that is freely available as Open Source Software under the terms of the GNU General Public License (GPL) version 2.

Originally developed by Innotek, VirtualBox was acquired by Sun Microsystems in 2008, who were subsequently acquired by Oracle in 2010. Oracle has since continued to develop VirtualBox in conjunction with the product’s community contributions.

Hosts & Guests

VirtualBox is a single product running on the following Host platforms:

  • Windows
  • Linux
  • Mac
  • Solaris

To see a comprehensive list of Host platforms supported please click here.

A large number of Guest operating systems are supported including:

  • Microsoft Windows (NT 4.0, 2000, XP, Server 2003, Vista, Windows 7, Windows 8, Windows 10) & DOS/Windows 3.x
  • Linux (2.4, 2.6, 3.x & 4.x)
  • Solaris & OpenSolaris
  • OS/2
  • OpenBSD

To see a comprehensive list of Guest OS’s supported please click here.

Features offered

Below is a summary of the key features of VirtualBox:

Guest additions

These are software packages that can be installed ‘inside’ support guest operating systems e.g.

  • Mouse pointer integration to seamlessly move from the Host into a Guest.
  • Shared Folders to exchange files between the Host & Guest.
  • Better video support for resizing windows and changing resolution.
  • Seamless windows so that a window from within the Guest appears that it is a window on the Host.
  • Shared clipboard for cut/copy & paste of information between the Host & Guest in either direction.

Great Hardware support

  • Guest multiprocessing via SMP (Symmetric MultiProcessing) for up to 32 virtual CPUs.
  • USB device support e.g. access a wireless adapter or USB thumb drive.
  • Hardware compatibility such as a wide variety of hard disk controllers, network cards, sound cards, serial & parallel ports.
  • Full ACPI (Advanced Configuration and Power Interface) support to enable the cloning of disk images from real machine, use of energy saving features, awareness of power remaining on laptops.
  • Multiscreen resolutions which means a Guest OS can spread over multiple monitors.
  • Built-in iSCSI (Internet Small Computer Systems Interface) support for direct access to this type of storage server.
  • PXE (Preboot eXecution Environment) Network boot for remotely booting a Guest.

Other features

  • Portability – running on a large number of 64-bit operating systems (see previous section). In general a VirtualBox VM created for one host can run on a different host e.g. create a VM on Windows and move it to Linux.
  • Multigeneration branched snapshots – for saving the state of a VM that can be reverted to as needed e.g. to return to a different configuration.
  • VM groups – enables a user to organize and control VMs collectively e.g. Start, Pause, Reset, Close and more.
  • Remote machine display – VRDE (VirtualBox Remote Desktop Extension) enables remote access to a running VM via RDP (Remote Desktop Protocol).

How does VirtualBox help Pentesting?

Here are some of the key benefits of using VirtualBox for performing Ethical Hacking or Penetration Testing:

  • Comprehensive – Provides an enormous amount of functionality together with extensive Host platform and Guest operating systems support.
  • Cost – It is free plus existing hardware and operating systems can be leveraged reducing cost of ownership and effort with building new systems. The only caveat here is that VM’s can be hungry for memory and CPU cycles in order to obtain good performance so a fast processor and plenty of RAM are usually prerequisites.
  • Flexibility – VM’s provide tool options for carrying out different types of Pentesting e.g.
    • Multiple operating systems can be installed on a single machine as individual VM’s so you can fire up the one that suits your purpose e.g. Parrot OS or Kali.
    • Snapshots can be used to rollback target Guests so you can retry different types of attacks against the same scenario.
    • Two or more VM’s can be set up with different OS’s to simulate different Host/Guest combinations e.g. attacking a Windows or MacOS machine from Linux.

As you can see from this article VirtualBox provides plenty of options and a very cost-effective alternative tool for carrying out Pentesting activities.

Do you use VirtualBox for cyber security related activities? If so please comment below letting us know your thoughts and experiences.

Leave a Reply