I haven't used VMWare Player in awhile, but when setting up a new VM in VirtualBox you have to make sure you load the CD/ISO in the virtual CD-ROM, then boot up the VM.  It's like you're setting up the hardware (creating the VM to show up in your list), then installing the OS...if that makes sense.

Most class VM's SHOULD be good to go, already.  If they gave you the vmdk files, and they're fairly sizeable, you shouldn't have to install an OS.  You should just go to the file menu in VMWare, do an Open, and browse to the proper vmx config files, for each.  The only other thing you might have to do (maybe) is edit the vmx to make sure paths are set to your local machine file paths.

Oh, and one more thing...  If you copied the files from CD or DVD, make sure to take off the Read-Only flag on them...  That might be contributing to your grief.

(edit - you can't run them from the CD /DVD unless they're just 'live dvd' images)

Here are the instructions:

On the DVD provided to you, will be a folder named CPT Practical.  In this folder you’ll find a copy of winrar, a copy of vmware player and two virtual machines.  You’ll need to uncompress the .rar files using winrar, then start the virtual machines included in these two .rar files

(CPT VM1.rar and CPT VM2.rar).  Once these are started you’ll need to perform a penetration test against these two virtual machines.

No IP addresses will be given.  You must first discover the ip’s of the two virtual machines first.  Once you’ve discovered them you will need to do recon on both machines. You’ll need to configure your network or computer appropriately to operate on the same network or in the same network range of the two VM’s.   You are allowed to use the Linux Attack VM you were given in the Infosec Institute Ethical Hacking class.  Discover if there’s any services running on them that might be vulnerable.  You’ll need to document your network recon efforts.

It might be helpful to perform man in the middle per your instructions in class, against the two virtual mchines.  From this MiTM you should get at least one of the two root passwords!

You must launch a network based penetration attack against the two machines and discover potential credentials.  The only hint you have in that regard is the paragraph above.  The end result should be that you obtain the root password to one of the virtual machines.

Once you’ve gained root on one machine, you’ll need to crack some other user accounts on that compromised machine.  Remember credentials and accounts MIGHT be used on both machines, so once you’ve cracked the accounts on the first machine, consider that possibility.

Once you gain some level of access on the second machine (it most likely won’t be root privileges), you’ll need to perform a local exploit or as it’s also called a privilege escalation exploit to gather the shadow file on the second machine.  Once you have the shadow file, crack away until you have the second root password.

Be advised you won’t be considered for being awarded the IACRB Certified Penetration Tester certification if both root passwords are not obtained and/or you don’t document your penetration test.

Good Luck!

Oh...  And Good Luck!  :-D

Ok, been working on this for like 4 hrs now.  I have been trying a bunch of passwords to try and get into the first system.

How am I supposed to attack this machine with a brute force if the computer is VM.  Can I attack it from my desktop?  I guess I don't understand how I am supposed to attack VMware if I can't be physically be in the VM yet?

My goal right now is to get the username/password to get into the CPT VM1.

Ya I got the username/password shortly after posting this.  That is common with me as I "jump the gun" on things sometimes.

So let me ask this.  There is no real way to get the files that Infosec gave me on a 2nd CD that has most of the tools I would use to do this onto the VM machine, correct?  I am stuck here now.

Trying to download things like Jon the Ripper and it saves it at the Home but since i have virtually no experience with Linux I am up the river without a paddle.

So again my question is can I get files from my CD drive ontp the VM.  As of right now I don't think so.