I feel I am over my head on this one.  Sucks cause I wanted it.  No luck on getting the two to be able to talk to each other.

I suppose I am still a bit confusedon which computer am I supposed to use to do the attacking.  I first thought the cptvm1 was the attackeing and I was supposed to get info about it (IP ranges, users, username/passwords) then use that to attack cptvm1.  But in order for me to attack the 2nd one I need the tools loaded onto cptvm1 to use them.  If this is the case then I am having problems getting the programs to execute.

Or..

If I am supposed to use my host computer to attack the two VM's and get the info from there.  This is a bit easier for me, but so far the things I have tried has not worked and I still can't talk to the VM's to begin the attack.

Tried calling the oraganization that offers this cert and they have yet to call me back.....3 weeks ago.  tried calling my teacher from Infosec Institute and he has not picked up or called me back or emailed me back.

R2s,

Thanks for the response. I am a bit frustrated to say the least.  If you have been keeping up with this thread since I brought it back from the dead you will see that I am a recent graduate and have never had a IT related job for the most part. 
My knowledge of networks is very basic.  IP's come from the ISP.  No idea what they look like or how they are really generated.  No experience in that.  What do you mean leverage the VM's??  How can I get the root if I cannot even ping the VM to use certain brute force tools to crack the password.  Fomr playing around with John the Ripper, it asks for a Target IP to begin.  I don't know that target IP.

There was not an attack machine or VM given to me.  Just one disc with cptvm1 and cptvm2 on it and a good luck!

OK answer this for me.

I log onto cptvm1 and I go onto the internet on the VM.  I have wireshark up and catching packets.  Why doesn't wireshark show the HTTP traffic.  I've watched some tutorials about wireshark and they show HTTP traffic when using a regular computer.  (the videos were done on a computer and not a VM).

This is what I am seeing so far.

Ok, I open the cmd on my computer.  I type ipconfig and I get the following


Ethernet adapter local area connection:
blah blah blah
blah blah blah blah
IPV4 192.168.1.XXX This is my IP
blah blah blah
blah blah blah

Ethernet Adapter VMware Network Adapter VMnet1:
blah blah blah
blah blah blah
IPv4 192.168.213.1

Ethernet Adapter VMware Network Adapter VMnet8:
blah blah blah
blah blah blah
IPv4  192.168.191.1

I assume these are my VMware IP's?  Why this didn't show the other day I don't know.  Maybe because I had the VM on "host only" and tonight when I got home I changed it to Bridged.

This is what I have so far.  I'm goin to bed.

ok, your computer is getting an IP address. I would ignore the VMNet ips. If you still cannot sweep the vms, I would check your router settings, and insure you are on DHCP and you have enough leases in your pool to give them IP's, and make sure you arent doing anything crazy like MAC filtering, ect. Failing that, PM me and we'll setup a call, i'll try to get you setup.

A very important question though, did you watch the videos?

Oh, my friend, you need to view the videos before you start the exam!!

I see you have the CEH... im a little confused...

When I took that course, I received a disk with the attack machine from class. The instructor told us we were allowed to log into the boxes as we probably wouldn't be able to find remote exploits for the machines.

You may want to consider using a network discovery tool like autoscan. It will find host even if they aren't on the same subnet or network. That should help you.