Categories
Virtual Machines

Pentesting with VMware

How can VMware help with Penetration Testing and Ethical Hacking within the realm of Cyber Security?

Pentesting with VMware

In our previous article Virtual Machines & Cyber Security we asked ‘What is a Virtual Machine?’. We also looked at how they can help with Cyber Security, went through the Pros & Cons, then summarized the available Products & Options. Here we will take a more in-depth look at the VMware range of products and see how they can support Penetration Testing and Ethical Hacking activities.

Who are VMware?

VMware are an established software company dating back to 1998. They operate across many vertical market sectors including banking, government, healthcare, manufacturing, retail, telecommunications, and transportation.

What products do VMware offer?

VMware have products covering a broad range of areas including:

  • App Modernization
  • Private & Hybrid Cloud
  • Hyperconverged Infrastructure
  • Cloud Management
  • Multi-Cloud Operations
  • Virtual Cloud Networking
  • Intrinsic Security
  • Digital Workspace
  • Desktop & App Virtualization
  • Compute Virtualization
  • Storage & Availability
  • Edge
  • Telco Cloud
  • Personal Desktop
  • Emerging Technologies

As you can see there are a large number of areas covered and within them an even greater number of products. To find out more visit the VMware Products page.

From the above list we are going to focus on Personal Desktop which allows multiple operating systems to run on a single PC or Mac.

Personal Desktop Virtualization

The VMware products within this area are:

  • Fusion & Fusion Pro – applications for running multiple operating systems on Mac.
    Price = $79.99 & $159.99 respectively
  • Workstation Player – simple tool for running a second OS on your Windows or Linux PC, free for personal use.
    Price = $149.99
  • Workstation Pro – application for running multiple operating systems on Windows and Linux.
    Price = $249.99

All of the above offer Free Trials and discounted Upgrade prices.

VWware Fusion

VMware Fusion gives Mac users the power to run Windows on Mac along with hundreds of other operating systems side by side with Mac applications, without rebooting. Fusion is simple enough for home users and powerful enough for IT professionals, developers and businesses.

VMware.com

Fusion provides the ability to run MS Windows (including the latest Win 10) and many variants of Linux on a Mac. This gives Penetration Testers and Ethical Hackers the ability to use the likes of Kali Linux or Parrot OS against Linux or Windows based clients or servers. Doing this within Virtual Machines (VMs) allows investment in existing hardware to be leveraged and to continue to use a Mac for every day tasks such as office tasks, email, surfing the web etc whilst keeping personal data protected.

Features shared between both versions that are relevant to pentesting include:

  • Create and run multiple operating systems as VMs – e.g. run a Linux host against a Windows target.
  • Multiple Snapshots – provides the ability to reset back to a pre-exploited configuration.
  • Host/guest file sharing – upload data, scripts, configurations or password lists into different VMs.
  • Support a Wide Range of Virtual Devices – such as USB wireless adapters that support packet injection or monitor mode.

Features support by Fusion Pro only that are relevant to pentesting include:

  • Secure VM Encryption – allows sensitive & confidential data and tools to be protected e.g. if a computer is stolen or confiscated.
  • Virtual Network Customization (NAT, network rename) – provides the ability to simulate different types of network.

Below is a list of guest Operating Systems supported by Fusion 11.5:

  • CentOS 6.x-8.x
  • Debian 8.x-10.x
  • Fedora 25-32
  • FreeBSD 10.x-12.x
  • openSUSE 15.1 & 42.3
  • Oracle Linux 6.x-8.x
  • OS X 10.11.x & macOS 10.12.x-10.14.x
  • Photon OS 1.0-3.0
  • Red Hat Enterprise Linux 6.x-8.x
  • Solaris 10 & 11.3
  • SUSE Linux Enterprise 12 & 15
  • Ubuntu 14.04-20.04
  • Windows XP, Vista, 7, 8, 8.1, 10
  • Windows Server 2003, 2008, 2012, 2016 & 2019

For further information on VMware Fusion please check the product documentation.

Workstation Player

VMware Workstation Player allows you to run a second, isolated operating system on a single PC. With many uses ranging from a personal educational tool, to a business tool for providing a simplified experience to run a corporate desktop on a BYO* device, Workstation Player leverages the VMware vSphere Hypervisor to provide a simple yet mature and stable, local virtualization solution.

VMware.com

* BYO – Bring Your Own

Being available ‘free for personal use’ makes Workstation Player a great potential product for learning a second operating system (O.S.) that can be used for pentesting purposes (e.g. install Kali Linux or Parrot OS on your existing Windows or Linux computer). Alternatively you might want to test out some cyber security tools without risking corruption of your main operating system or compromising your personal data.

The limitation of having only one guest O.S. is being unable to run a host and target at the same time hence limiting scenarios that can be simulated, tested or explored.

For cyber security professionals Workstation Player could still be a good cost-effective solution because you can keep your day-to-day computer for email, office apps, surfing etc whilst having a guest VM setup to run your security O.S. of choice and desired tools for performing pentesting or ethical hacking activities.

Below is a list of guest Operating Systems supported by Workstation 15.5:

  • CentOS 6.x-8.x
  • Debian 8.x-10.x
  • Fedora 25-32
  • FreeBSD 10.x-12.x
  • openSUSE 15.1 & 42.3
  • Oracle Linux 6.x-8.x
  • Photon OS 1.0-3.0
  • Red Hat Enterprise Linux 6.x-8.x
  • Solaris 10 & 11.1
  • SUSE Linux Enterprise 11, 12 & 15
  • Ubuntu 14.04-20.04
  • Windows 2000, XP, Vista, 7, 8, 8.1, 10
  • Windows Server 2003, 2008, 2012, 2016 & 2019

For further information on VMware Workstation Player please check the product documentation.

Workstation Pro

VMware Workstation Pro is the industry standard for running multiple operating systems as virtual machines (VMs) on a single Linux or Windows PC. IT professionals, developers and businesses who build, test or demo software for any device, platform or cloud rely on Workstation Pro.

VMware.com

Features shared between Workstation Player and Pro that are relevant to pentesting include:

  • Create New VMs for over 200 Supported Guest OSs:
    • For Player users this means that almost any O.S. can be learned and pretty much all cyber security tools can be used.
    • For Pro users this means almost every combination of host and target(s) can be created.
  • Host/guest file sharing – upload data, scripts, configurations or password lists into different VMs.
  • Support a Wide Range of Virtual Devices – such as USB wireless adapters that support packet injection or monitor mode.

Features support by Workstation Pro only that are relevant to pentesting include:

  • Run Encrypted VM – allows sensitive & confidential data and tools to be protected e.g. if a computer is stolen or confiscated.
  • Run Multiple VMs at Once – allows host & target scenarios to be created i.e. test/attach one or more targets from a host.
  • Snapshots – provides the ability to reset back to a pre-exploited configuration.
  • Advanced Networking – provides the ability to simulate different types of network configurations.

For a list of guest Operating Systems supported by Workstation Pro please see the previous section on Workstation Player.

For further information on VMware Workstation Pro please check the product documentation.

Do you use any of the VMware products for cyber security related activities? If so please comment below letting us know which one, your thoughts and experiences.

Leave a Reply