How To Build A Vulnerable Machine: Planning

How To Build A Vulnerable Machine: Planning

Sep 2, 2022·

4 min read

What's Up? In this series of articles, I will be documenting the basics of building vulnerable machines. Machines you can submit to HTB, THM, Offsec UGC, etc. As the series gets deeper, we will start configuring more complex services and vulnerabilities.

Entire youtube playlist.

Github Repo

With our first machine, we learn how to configure and exploit the following technologies and services:

  • FTP, SSH, Apache2

  • 32 Bit LSB Binary Exploitation

  • Misconfigured SUID Binary

  • SUDO Privileges


We will be building our machines with VirtualBox and Vagrant. So for whatever operating system you are currently using, get both of those installed and follow along.

Getting Started With Vagrant

The video related to this part can be found here

This lab build will be done using vagrant and virtualbox on a windows host. You can download vagrant here and virtualbox here. The installation is pretty simple so get that done.

Make the directory you would like to work in and initialize it with vagrant. You can pick whichever version of Ubuntu you would like to use, but in this case we will be using Ubuntu 18 which is Bionic64.

To initialize the working directory you can run vagrant init ubuntu/bionic64. Here is a list of a couple of vagrant commands that may come in handy.

Vagrant commands

vagrant init: initialize the directory and generate vagrant files
vagrant up: spin up the virtual machine
vagrant ssh: ssh into the new created virtual machine as the vagrant user
vagrant halt: shut down the machine
vagrant destroy: destroy the virtual machine

Open the entire directory using the desired text editor of choice. The Vagrantfile is the main configuration file that we will be working with. It is initially full of a lot of random things which I remove and use the following template:

# -*- mode: ruby -*-
# vi: set ft=ruby :

Vagrant.configure("2") do |config|

  # Box Settigs = "ubuntu/bionic64" # machine image
  config.vm.hostname = "naruto" # hostname

  # Provider settings
  config.vm.provider "virtualbox" do |vb|
  # vb.memory = 3048
  # vb.cpus = 2

  # Network Settings
  # "forwarded_port", guest: 80, host: 8080
  # "forwarded_port", guest: 80, host: 8080, host_ip: "" "private_network", ip: "" # this gives it a static IP to work with "public_network"

  # Folder settings
  config.vm.synced_folder "./data", "/root/data", :mount_options => ["dmode=777", "fmode=666"]

  # Provision settings
  # config.vm.provision "shell", inline: <<-SHELL
  #   apt-get update
  #   apt-get install -y apache2

  config.vm.provision "shell", path: "./data/"

Create a directory and name it data. This is the directory we will be using to house our installation script and any other scripts or binaries we may want to move to our newly created VM. It will be mounted to /root/data of the newly created VM, and the contents copied to their respective places and root/data will be deleted. All this will take place at a later stage.

The line config.vm.provision "shell", path: "./data/" specifies our installation script in which we will put all our installation commands. So create the file in the /data directory you created.

All of these files and directories we are creating are on your local machine

After creating the file, enter the following contents into it.

# installation commands for the vulnerable machine naruto
# do not run this machine in your local network without monitoring it

echo -e "\e[1;31m updating repos \e[0m" 
apt update

echo -e "\e[1;31m installing apache \e[0m" 
apt install -y apache2

Save the file and run the command vagrant up to spin up a new VM and it will have Apache2 running on it. This can be confirmed by visiting the given IP address in the browser.

The trick with the installation script is to first ssh into the created VM and run whatever command you want to add to the script on the machine first. If it works without any problems then we add it to the script. This will save time when spinning up the machine each time you destroy it.

Take note that this article will continually be updated as the YouTube playlist gets longer