Category Archives: General How-to

Creating a VM and installing an OS from an .iso

Currently, the ISEAGE CDCs are using the vSphere Web Client version 5.5.0.  I imagine this is pretty similar in any versions, but if not … well … sorry.

To get started with a new server, we’ll first need to create the virtual machine in vSphere.  When you first log in to the web client, you should be presented with a screen pretty similar to this:


To setup a new server, click on the “VMs and Templates” icon.  Now you should see your team’s specific folder.  Right click on your team name and choose “New Virtual Machine…”, like so:


The default option (“Create a new virtual machine”) is what we want – go ahead and click next.  The next step is to name your VM.  Typically it’s a good idea to keep a similar naming convention, and it’s always helpful to give it a meaningful name (“Firewall”, “RDP”, “Useless testing box”, etc).  Be sure to drill down in the options to your teams datacenter location, like below.  You’ll have to do the same in the next window – drill down in the menu options to select your team’s competition pool cluster.


Next you have to pick a HostX data storage to use.  It doesn’t matter. Pick your favorite.  Or the one with the most space available.


Next is the ESXi compatibility check.  The default option here is fine.

Now here’s where the information will vary depending on the server you want to build. You have three options for the Guest OS family – Windows, Linux, and Other. (Note that FreeBSD falls into “other”.)   From there on you can pick which version of that OS you will be installing.  Note! This is just for vSphere’s pleasure! This will not actually install anything – we haven’t gotten there yet.  I’m going to pretend I’m installing an ubuntu server:


Now here’s where you get to specify the “hardware” of your new server. The number of CPUs, the memory (RAM), the hard disk space, any network cards, CD drives, floppy disks, video cards … much more than you should care about.  For now, we really only care about the “New CDC/DVD Drive” option, as well as setting our RAM and Hard Disk space.  Once those are set to your liking, we can select “Datastore ISO File” from the dropdown menu next to “New CDC/DVD Drive”.  Click on the ISO Datastore (not the down arrow – just the actual text) and you should see a list of possible ISOs populate.



Once you’ve selected your desired OS, you can close out of that.  BE SURE you select the “Connect at Power On” check-box next to the dropdown menu! Then click next and verify that everything is how you want it.  Then click Finish! 🙂

Now you should see your newly created VM in the list on the left – Right click and select “Power On”.  Next, right click and click “Open Console”.  You should now see a window with your OS having booted up, and can help guide you from there!


General Usage of Metasploit

Metasploit is an essential tool for any penetration testing. It is installed on Kali, and comes loaded with over 1300 exploits, 800 auxiliary modules, 340 malicious payloads, and the ability to incorporate your own scripts.

Let’s start out with some general usage information!

To start the Metasploit framework, open up your console and type


Once this loads up, it’s always a good idea to check for updates:

msf > msfupdate

To use different Metasploit tools, you type the “use” command along with the tool you wish to use. There are X categories. Finish this later.

Basic NMAP

NMAP is a great tool to scan your IP range and see what information attackers can gather about your network.  This information can be which ports are open, what services are running, what version those services are, if you have a firewall, the operating systems being run on hosts, which hosts are up, reverse DNS, etc.  Below are the scans we’ve found most helpful.  For example purposes, we’ll use as our example target host IP.
Generic NMAP scan – give you which ports are open, services running, resolve IP to domain name, whether hosts are up:
Scanning multiple IPs:
nmap 192.168.1.*
nmap -iL List_Of_IPs.txt
Output results as XML:
nmap -oX Output_file.xml
unix can then convert from xml to html:
xsltproc Output_file.xml > Output_html_file.html
Operating System Fingerprinting:
nmap -O
Generally more information scan – does version detection, OS fingerprinting, and tracerouting with verbose output:
nmap -v -A