Yeah, I keep getting torn between trying to convince the powers that be to let me beef up a server and use it for this purpose or avoid that altogether and just confiscate a few engineering workstations and put a couple VMs each.  Or just have static VMs powered down and boot them on my laptop when needed.

Actually I had an HP 350? G5 server about a year ago and put ESXi on it, but mistakenly used static sized hard disks for the VMs and ran out of space.  The VMs were being used as a test environment for an active project so I couldn't delete them and I wasn't given approval to get more disks.  After the project was finished the server got used for something else and I couldn't keep it.

Wow, don't know how I missed that one.  That's what I was looking to find out.

Thanks!

I'm sure everyone here has set up a test lab in one way or another.  If someone were to have access to a multitude of OS's via TechNet or another legitimate means, how would you recommend configuring a test lab?

For example, do you even have a working test lab?  Do you configure one quickly to test a newly disclosed vulnerability?  How often do you test new vulnerabilities?

Anyone seen Live Free or Die Hard?  Just saw it last weekend.

I'm new to these boards too, so welcome!  I think you'll find all sorts of skill levels around here, and the eagerness to learn is infectious!

Oh and one other thing, the USB device can only associate to one device at a time, so it cannot be active in the host if you want it to be used in the guest.  It may be a minor point, but something to keep in mind.

What is the guest OS you are using?

This might be a good time to ask what exactly you mean by "injection."  Is this referring to a MITM scenario or something more basic?

I've worked with LOTS of virtualization hypervisors, and ultimately I would agree with hayabusa.  It's a matter of preference.

VMware has been in the industry the longest so VMware Workstation or VMware Server have typically been the preferred choice.  VirtualBox is open source, so if you like playing around with code you can do that.  Even Microsoft VirtualPC is easy to use if you're in a Windows environment.

It used to be that VMware was the only vendor with USB passthrough, but now the other vendors have that technology too (though I have honestly had problems with USB in VirtualBox, but those problems were from a few versions ago and may have been addressed).  I'd say it comes down to the reliability and capabilities in the VM tools that get installed on the VMs.  In my opinion, VMware still has the upper hand in this area.  But, again, it's a matter of preference.

Yeah, that's what I think my problem is.  Right now I'm just trying to crack a WEP key, which will require having the adapter show up as a wireless device in the VM, as you say.  If I can get this working, then I won't need another computer and can set up a mini lab on my primary box.

I have tested other network-based exploits like MS08-067 and a few browser-based ones, but the wireless attacks are more challenging (if not impossible) if you can't switch to monitor mode.



This looks promising, but I don't know why a specific wireless device should matter since the VM layer sits in between.  I suppose as a USB device the association can be directed strictly to the VM which can't be done with integrated or PCMCIA cards... Does this sound right?  If so, then any USB wireless card should work, so long as you have the right driver and the hypervisor supports USB passthrough.



I may want a dedicated box anyway for the reason you say, hayabusa.  I was trying to avoid scrounging one up though since the ones we have lying around are lying around for a reason...

Hello all, long time reader but never posted before.

I'm in the process of trying to prove a colleague that WEP is about the worst business risk in history, but I ran into a problem trying to crack a WEP key using a BackTrack VM.

Is it possible to access the wlan device from within the VM?  From what I can tell, the VM tools act kind of like an adapter and only contain an interface to a physical ethernet device.  Mapping the wireless device to a VM adapter shows up only as standard ethernet (ie. no monitor mode...).

I've tried this on VirtualPC, VMware and VirtualBox.

Thanks!
yatz