CEHv12 LAB SETUP GUIDE

Overview
Use this guide to set up your lab for the CEHv12 activities. You will:

1. Prepare your host PC

2. Set up the virtual machines.

You have TWO options to set up the virtual machines. You can choose whichever is better for your
environment:
 OPTION #1 – Download and use ready-made, pre-configured VMs
o Simpler
o Takes less time
o Requires more Internet bandwidth
 OPTION #2 – Manually build the VMs yourself
o More complex
o Takes longer
o Requires less Internet bandwidth

Virtual Machines Overview

Your lab consists of six virtual machines (VMs) running on your host. Five are traditional VMware VMs, and the
seventh is an Android emulator named BlueStacks. Please note that it is not necessary to run all VMs at the
same time. Depending on the activity, you will be able to suspend or shut down one or more of the VMs to
conserve host CPU and RAM resources.
Prepare Your Host PC
Host PC Minimum Requirements
Your Host PC must meet the following minimum requirements:

 Intel i5 CPU 64-bit

 8 GB RAM (16 GB or more recommended)
 150 GB Free Disk Space
 Windows 10 64-bit
 Camera
 High-speed Internet access

Back Up Your PC
When working with hacking tools, there is always a chance that you could accidentally damage your operating
system, apps, or data. Be sure to back up all important data to a removable drive or the cloud before you start.

Uninstall Hyper-V
Microsoft Hyper-V is incompatible with VMware. If you have ever installed or used the Hyper-V feature on your
Host PC, you will need to completely uninstall it, including editing your boot configuration data (BCD). To
uninstall Hyper-V, follow these steps:

1. Search for and open Control Panel.

2. Click Uninstall a program.
3. Click Turn Windows Features on or Off.
4. Uncheck Hyper-V and click OK.
5. If prompted, reboot your PC, and then log back in.
6. Click Start  Command Prompt.
7. Right-click Command Prompt  Run as administrator. When prompted, click Yes.
8. Type the following command and press Enter:
bcdedit /set hypervisorlaunchtype off
9. Close the Command Prompt window.
10. If prompted, reboot and then log back in.

Install Software on the Host PC

1. On your Host PC, download and perform a default installation of the following items IN THIS ORDER:

 Google Chrome 64-bit Standalone Installer

https://archive.org/details/chrome-standalone-setup-64_202205

 7-zip
https://www.7-zip.org/a/7z2107-x64.exe

 VMware Workstation 17 Player

https://www.vmware.com/go/getplayer-win

 BlueStacks version 5 or later. Make sure you use the desktop version, not the BlueStacks X cloud
version.
 https://www.bluestacks.com/download.html

 Wireshark
https://2.na.dl.wireshark.org/win64/Wireshark-win64-4.0.1.exe

 Netcut
https://arcai.com/download_netcut/

2. Download the Flappy Bird Android app. Do not attempt to install it. You will use it later in an activity:

https://d.apkpure.com/b/APK/bay.flappybird?version=latest
Set Up the Virtual Machines
To set up the virtual machines, choose EITHER Option #1 or #2.

Option #1 – Download Pre-configured VMs

The six VMware VMs have been pre-configured and are ready to use. They are zipped up as 7-Zip self-extracting
archives. Some are in multiple pieces. You will download them from two different Google Drives.

You will:

 Download 4 VMs from a Site A mirror

 Download 2 VMs from a Site B mirror
 Extract the VMs
 Open and test the VMs in VMware Workstation 17 Player

Download Group A VMs

Download these 4 VMs from Site A:

 bee-box
 Kali-Linux-2022.2-vmware-amd64.vmwarevm
 metasploitable-linux-2.0.0
 Windows XP Professional

Site A download links:

You can download from any of the following three mirrors. You do not need an account to download:

https://drive.google.com/drive/folders/1oQ8j53UwXEbu8FLIvl0sIDgHAH-BtJh0?usp=share_link

https://drive.google.com/drive/folders/1GadbMrxil9XbKw81pThZ7CEEHaAnXtZf?usp=share_link

https://drive.google.com/drive/folders/1SdAWvduT5ioSTCgn_AKFKOHciy1hXsQG?usp=share_link

Download Group B VM
Download these 2 VMs from Site B:

 Server2016
 W2k

Site B download links:

You can download from any of the following three mirrors. You do not need an account to download:

https://drive.google.com/drive/folders/1V2wIFHvrRRry1FUBMUgr_bXUV43nSE-_?usp=share_link

https://drive.google.com/drive/folders/1D0tcKlCwK8s8nehMyNX8lTquaFSNED7H?usp=share_link

https://drive.google.com/drive/folders/1b62bE2kaUOYAu9ol03kLKuoEDW7WNaIk?usp=share_link
Extract the VMs
Once all parts of all six VMs have been downloaded, you will unzip them.

1. Locate and double-click Kali-Linux-2022.2-vmware-amd64.vmwarevm.exe.

2. In the 7-Zip self-extracting archive popup dialog box, click Extract.
3. Allow Kali Linux to extract into a folder of the same name.
Note: The extraction process will reassemble all of the Kali Linux pieces into a single VM.
4. Using the same technique, extract the other 5 VMs.

Open the VMs in VMware Player

1. Double-click the VMware Workstation 17 Player launcher to start the app.
2. In Player, click Open a Virtual Machine.
3. Navigate into the Kali-Linux-2022.2-vmware-amd64.vmwarevm folder.
4. Select Kali-Linux-2022.2-vmware-amd64 and click Open.
5. In the VMware Workstation Player Library (left pane), verify that you see the Kali-Linux-2022.2-
vmware-amd64 VM.

6. Click Home.
7. Using the same technique, open the other four VMs in VMware Workstation Player.
Note: For each VM, you will need to launch a new instance of Player.
8. Verify that you now see all six VMs in the VMware Player library.
Test the VMs.
1. In Player, select Server2016.
2. Click Play virtual machine.
3. If you are prompted with a popup stating This virtual machine might have been moved or copied,
click I Copied It.
4. Allow Server2016 to boot up.

5. When you see the splash screen, click the Send Ctrl+Alt+Del to virtual machine button .
6. Log in as Administrator with the password of Pa22w0rd!
7. If the Server Manager Dashboard appears, you can close it.

8. Above the VM, click the Suspend guest button

9. When prompted, click Yes.
10. Server2016 will go into suspended (paused) mode, and its window will close.
11. Using the same technique, launch, log into, suspend and close the other 5 VMs. See the following
table for their usernames and passwords.

(Note: the actual order in which you start and stop the VMs is generally not important)

Virtual Machine Username / Password Comment

Server2016 Administrator / none
Pa22w0rd!
Windows XP Professional admin / password none
Metasploitable2-Linux msfadmin / msfadmin Press Ctrl+Alt to release a trapped mouse
Kali-Linux-2022.2-vmware-amd64 kali / kali Linux is case-sensitive
bee-box v1.6 n/a AFTER you see the desktop, resize the VM if
desired
W2k Administrator / none
password

Congratulations! Your CEHv12 lab is ready for use.

Option #2 – Manually Build Your VMs

If you were unable or decided not to download pre-configured VMs, you can manually build them by following
the steps in this section.

Download VMs and ISOs

Download the following VMs and ISOs to your host PC. These will be used to create your lab.

Note: When downloading ISOs from archive.org, on the right side of the download page under DOWNLOAD
OPTIONS, select ISO IMAGE.

 Kali Linux 2022.2 VM

https://kali.download/virtual-images/kali-2022.2/kali-linux-2022.2-vmware-amd64.7z

 Metasploitable 2 VM
https://sourceforge.net/projects/metasploitable/files/latest/download
  Bee-Box v1.6.7
https://sourceforge.net/projects/bwapp/files/bee-box/bee-box_v1.6.7z/download

 Windows Server 2016 Datacenter ISO

https://go.microsoft.com/fwlink/p/?LinkID=2195174&clcid=0x409&culture=en-us&country=US

Alternate download site for Windows Server 2016:

https://archive.org/details/windows-server-2016-datacenter-eval-en-us-14393-refresh_202205

 Windows XP Pro with Service Pack 2 ISO

https://archive.org/download/xp_pro_w_sp2_slipstreamed/xp_pro_w_sp2_slipstreamed.iso

 Windows 2000 Advanced Server

https://archive.org/details/w-2k-adv-server-eval

 W2kSP3 KB835732 WMwareTools Combo

https://archive.org/details/w-2k-sp-3-kb-835732-vmware-tools-combo

 Microsoft SQL Server 2000 Developer Edition

https://archive.org/details/microsoft-sql-server-2000-developer-edition-2000-iso.-7z

 juggybankDB_vulnapp.zip
https://archive.org/details/juggybankDB_vulnapp

Install Server 2016

1. Double-click the VMware Workstation 17 Player launcher to start the app.

1. Click Player  File  New Virtual Machine.

2. Select I will install the operating system later and click Next.
3. Select the Microsoft Windows radio button, and in the Version dropdown box select Windows Server
2016, then click Next.
4. Change the Virtual machine name to Server2016 and then click Next.
5. On the Specify Disk Capacity page, click Next.
6. Click Finish. You should see Windows Server 2016 appear in the VMware library (left pane).
7. Make sure the VM is selected, then click Edit virtual machine settings.
8. On the Hardware tab, select CD/DVD (SATA)
9. Under Connection, click Use ISO image file, then click Browse.
10. Navigate to Windows_Server_2016_Datacenter_EVAL_en-us_14393_refresh.ISO, select it, and click
Open.
11. Back on the Hardware tab, ensure that Connect at power on is checked, then click OK.
12. Click Play virtual machine.
13. If prompted about Removable Devices, click OK.
14. When prompted to Press any key to boot from CD or DVD, press Enter on your keyboard.
 Note: If you missed the prompt, click the Send Ctrl+Alt+Del button at the top of the VM.
Note: During installation, your mouse might get “trapped” in the VM. Press Ctrl+Alt on your keyboard to
release it.

15. On the Windows Setup page, accept the defaults and click Next.
16. Click Install now.
17. On the Select the operating system you want to install page, select Windows Server 2016 Standard
Evaluation (Desktop Experience) and then click Next.
18. Accept the license terms and click Next.
19. Click Custom: Install Windows only (advanced).
20. Click Next.
21. Click Next again.
22. Allow Windows to install. This should take several minutes, depending on the speed of your host
computer. Note: if prompted to install VMware tools, ignore the prompt.
23. On the Customize settings page, for the Administrator account, enter and reenter Pa22w0rd! as the
password (that’s a zero, not a capital O), then click Finish. You should see the Windows logon screen.

Prepare Server 2016

You will configure Server 2016 and install hacking tools on it.

Log into Server 2016

1. Above the VM logon screen, click the Ctrl+Alt+Del button

2. In the Administrator password field, type Pa22w0rd! and click Enter.
3. If prompted Do you want to allow your PC to be discoverable by other PCs and devices… click Yes.
4. Below the VM, in the VMware Tools banner, click Install Tools.
5. Click the DVD Drive (D:) VMware Tools popup.
6. In the DVD Drive (D:) VMware Tools window, click Run setup64.exe.
7. In the VMware Tools Setup wizard, click Next twice, then click Install.
8. Click Finish.
9. Click Yes, and allow Server2016 to restart.

Rename the Server:

1. Log back into Server2016.

2. If necessary, start Server Manager:
a. Click Start  Server Manager.
3. In the Server Manager Dashboard, on the left pane click Local Server.
4. In the PROPERTIES pane, to the right of Computer name, click the link (the current computer name).
5. In the System Properties, in the Computer Name tab, click the Change button.
6. Change the Computer name to Server2016 and click OK.
7. When prompted to restart the computer, click OK.
8. Click Close.
9. In the You must restart your computer to apply these changes dialog box, click Restart Later.

Enable SMBv1:
1. With the Command Prompt still open, enter the following command:
 DISM /Online /Enable-Feature /All /FeatureName:SMB1Protocol

2. Restart the VM.

a. Click Start  power button  Restart  Continue.

3. Allow the VM to restart.

Turn off Windows Firewall

1. Log in to Server2016 as Administrator / Pa22w0rd!
2. If necessary, close Server Manager.

3. On the left side of the Task bar, next to the Start button, click Search Windows .
4. In the Search Windows field, type Windows firewall.
5. In the Best match results, click Windows Firewall.

The Windows Firewall app should open.

6. On the left, click Turn Windows Firewall on or off.

7. Under both Private and Public network settings, change the setting to Turn off Windows Firewall (not
recommended).
 8. Click OK.
9. Close the Windows Firewall window.

Disable Windows Security features:

1. Click the Start button  Settings

2. Click Update & security.
3. Click Windows Update.
4. If you are prompted to install any updates, ignore the prompt.
5. Under Update settings, click Advanced options.
6. Check the Defer feature updates checkbox.
7. In the upper left corner of the Settings window, click the back button (left arrow).
8. Click Windows Defender.
9. Turn off:
 Real-time protection
 Cloud-based Protection
 Automatic sample submission
 Enhanced notifications

10. Under Exclusions, click Add an exclusion.

11. Click Exclude a folder.
12. In the Select Folder dialog box, click This PC, then click Local Disk (C:)
13. Ensure that Local Disk (C:) is selected as the folder, then click Exclude this folder.
14. Close the Settings window.

Disable Windows Updates

1. At the desktop, click Start, type Edit group policy, and in the Best match open Edit group policy.
2. In the Local Group Policy Editor, navigate into Local Computer Policy\Computer Configuration\
Administrative Templates\Windows Components\Windows Update.
3. Locate and double-click Configure Automatic Updates.
4. Change the setting to Disabled and click OK.
5. Close the Local Group Policy Editor.

Add Hacking Tools to Server 2016

1. Switch to your Host PC.
2. Locate the Google Chrome standalone installer that you downloaded earlier.
3. Drag and drop the Google Chrome installer to the Server2016 desktop.
4. Switch to Server2016.
5. Perform a default installation of Google Chrome browser from the installer you just put on the
Server2016 desktop.
6. In Server2016, use Google Chrome to download CEHv12 Hacking Tools (WINDOWS EXECUTABLE) from:

https://archive.org/details/cehv-12-tools_20221123_0215

7. Once the download is complete, double-click CEHv12_Tools.exe to unzip the hacking tools.
8. If prompted, click Run.
9. Click Extract.
10. Navigate into the CEHv12_Tools folder.
11. It should have three subfolders:

12. Navigate into the Install on Server 2016 folder.

13. You should see 24 tools (some are in folders):

14. Navigate into Colasoft Packer Builder folder, double-click pktbuilder_2.0.0.212.exe, and perform a
default installation. Note that the other folders contain standalone executables that do not require
installation.
15. Perform a default installation of each of the following (in the order shown). If any of the tools open up
after installation, you can close them.
 httrack_x64-3.49.2.exe
 Hyena_English_x64.exe
 ipscan-3.8.2-setup.exe
 Wireshark-win64-3.6.5.exe
  kfsens40.msi
 lc7setup_v7.2.0_Win64.exe
 nmap-7.92-setup.exe
o Note: If prompted to replace Npcap with a lower version, click No.
 putty-64bit-0.78-installer.msi
 QS12Setup
 wde.exe

Note: idserve.exe and LOIC.exe are standalone executables that do not require installation. You also
do not need to explicitly install npcap-1.60.exe.

You will install and configure MailEnable, and then Thunderbird, next.

Install the Email System on Server 2016

Server2016 is the email server for your lab.

Add IIS to Server Features

The email server includes a webmail service. You will need to install the IIS web server on Server2016.

1. In Server2016, click Start  Server Manager.

2. Click Add roles and features.
3. Click Next three times.
4. On the Select server roles page, check the Web Server (IIS) checkbox.
5. Click Add Features
6. Click Next four times.
7. Click Install.
8. Allow the feature to install. When finished, click Close.
9. Close Server Manager.

Install MailEnable Standard Email Server

1. In Server2016 Downloads\ CEHv12_Tools\ Install on Server 2016\ locate and double-click
standard1043.
2. Click Run.
3. Click OK twice.
4. Click Next.
5. On the Get Installation Settings page, for the Name and Company, enter anything you like.
6. Click Next six times.
7. On the Get Postoffice Details page, change the Post Office Name to EXAMPLE.TEST, and change the
Password to 1Password
8. Click Next.
9. Click Next again.
10. On the SMTP Connector Configuration page, for the Domain Name enter example.test and click Next.
11. Click Next again, and allow the installation to run.
12. On the Select WebMail Web Root page, click Next.
13. On the Select Web Administration Web Root page, click Next.
14. Allow the installation to complete. This may take a few minutes.
15. Click Finish.
16. A browser will attempt to open to the MailEnable website. Close it (you may have to click Close several
times before you can close the browser).
 17. Restart Server2016, then log back in again as Administrator / Pa22w0rd!

Configure MailEnable SMTP Settings

1. In Server2016, click Start  Mail Enable  MailEnable. The MailEnableAdmin tool opens.
2. In the navigation pane on the left, under MainEnable Management, expand Servers  localhost 
Services and Connectors.
3. Select and then right-click SMTP  Properties.
4. On the General tab, ensure that the Local domain name and Default mail domain name display
example.test
5. Check the Enable PLAIN authentication checkbox.

6. Click Apply.
7. In the popup warning, click OK.
8. Switch to the Inbound tab.
9. Ensure that Inbound IP Bindings is set to Always bind the service to all available IP addresses.
10. Ensure that Allow IPv6 client connectivity is checked.
 11. Click OK.
12. Right-click SMTP  Stop.
13. Wait a few seconds.
14. Right-click SMTP  Start.

Configure MailEnable IMAP Settings

1. In the MailEnableAdmin, under Services and Connectors, select then right-click IMAP  Properties.
2. In the General tab, ensure that Always bind the service to all available IP addresses is selected.
3. Ensure that the Allow IPv6 client connectivity checkbox is checked.
4. Switch to the Settings tab.
5. Uncheck Enable CRAM-MD5 authentication.
6. Ensure that Enable PLAIN authentication is checked.

7. Click OK.
8. Right-click IMAP  Stop.
 9. Wait a few seconds.
10. Right-click IMAP  Start.

Create Mailboxes
1. In MailEnableAdmin, under MailEnable Management, expand Messaging Manager  Post Offices 
EXAMPLE.TEST.
2. Click Mailboxes.
3. Verify that you see the Postmaster mailbox in the middle pane.
4. In the Actions pane on the right, click New Mailbox…
5. In the Mailbox Name: field, enter moo
6. In the Password: field, enter 1Password
7. Click OK.
8. Ensure that you now also see a moo mailbox.
9. Using the same technique, add one or two more mailboxes with names of your choice. To avoid
confusion, use the same password of 1Password

Note: In this case, mailbox user accounts are not integrated with Windows accounts. You can create
email users without having to also create Windows users.

10. Minimize MailEnableAdmin.

Configure Email Clients

Install and configure the Thunderbird email client for at least two of the mailboxes you created.

1. In the CEHv12_Tools\Install on Server 2016\ folder, locate and double-click Thunderbird Setup
102.5.0.exe.
2. When the setup wizard opens, click Next.
3. Click Next again.
4. Click Install.
5. Click Finish.
6. On the Account Setup page, in the Your full name text field, enter Moo
7. In the Email address text field, enter [email protected]
8. In the Password field, enter 1Password
9. Click Configure manually.
10. In the INCOMING SERVER section, ensure that these values are entered:

 Protocol: IMAP
 Hostname: server2016
 Port: 143
 Connection security: None
 Authentication method: Normal password
 Username: [email protected]

11. In the OUTGOING SERVER section, ensure that these values are entered:

 Hostname: <Server2016 IP address>

 Port: 25
 Connection security: None
 Authentication method: Normal password
 Username: [email protected]
12. Click Done.
13. A popup Warning! window will appear, notifying you that the incoming and outgoing settings do not use
encryption. Check the I understand the risks checkbox, and click Confirm.
14. Click Finish.
15. In Moo’s Inbox, verify that you see a New E-Mail Account Notification email.
16. In the Folders pane on the left, select [email protected].
17. In the middle pane, under Set Up Another Account, click Email.
18. Using the same technique you used for moo, configure the settings for at least one of your other email
users. Except for the Full name, Email address and Username, use the same values that you used for
Moo.
19. When finished, verify that you see inboxes for the users you just configured.

Note: If you don’t see the mailboxes, in the upper left corner of Thunderbird click the Mail icon.
Test the Email System
1. Create and send some test emails between the users to ensure that the system works.

Note: when specifying a recipient, you will need to enter their entire email address, not just the user’s
name. For example: [email protected].

Practice Managing the Server2016 VM

Along with Kali Linux, you will use Server2016 in most of your activities. If you have never used VMware
Workstation before, you should get comfortable managing the VMs.

Pause (Suspend) and Un-pause the VM

You can pause a VM when you don’t need to use it for a while. This preserves the VM in its current state,
including running processes. At the same time, it frees up all host CPU and RAM resources that the VM is
currently using. You can un-pause the VM at any time, and can even reboot your host when the VM is in a
paused state.

1. In the upper-left corner of the VM, above the guest OS desktop, locate and click the Pause button.

2. When prompted Are you sure you want to suspend the virtual machine and exit?, click Yes. The VM
window closes and you can safely continue to use or even reboot your computer.
3. To un-pause the VM, double-click the VMware Workstation 17 Player icon:
 4. In the VMware library, select Server2016. Verify that the State is Suspended.
5. Click Play virtual machine.
6. When the VM has resumed, you can continue using it where you previously left off.

Finish Installing Server2016

1. In Server2016, close any open windows.
2. Leave Server2016 running, as you will need it during the installation of Kali Linux.

Install Kali Linux

Open the Kali Linux VM
1. Locate the Kali Linux download.
2. Right-click kali-linux-2022.2-vmware-amd64.7z  7-zip  Extract here. Allow the extraction to finish.
3. Verify that you now have a folder named Kali-Linux-2022.2-vmware-amd64.vmwarevm.
4. Launch a new instance of VMware Workstation 17 Player.
5. Click Open a Virtual Machine.
6. Navigate into the Kali-Linux-2022.2-vmware-amd64.vmwarevm folder.
7. Select Kali-Linux-2022.2-vmware-amd64 and click Open.
8. In the VMware Workstation Player library (left pane), verify that you see the Kali Linux VM.

9. Ensure that the Kali VM is selected, then click Play virtual machine.
10. When prompted, click I Copied It.
11. If prompted about removable devices, click OK.
12. Allow Kali to boot up.
13. At the login screen, in both the username and password fields, enter kali and then click Log In.

Enable the Kali root account

1. Above the Kali desktop, in the upper left, click the Terminal Emulator launcher. A terminal window
opens.
 2. In the terminal window, type the following command and then press Enter:
(Note: Linux commands are case-sensitive)

sudo passwd root

3. When prompted for the password for kali, type kali and then press Enter.
4. When prompted for New password, type kali and then press Enter.
5. When prompted, retype kali and press Enter.

Install Thunderbird on Kali

1. Above the Kali desktop, in the upper right corner, click the Logout button , then click Log Out.
2. At the login prompt, log in as root with the password of kali.
3. At the desktop, open a terminal.
4. In the terminal window, enter the following command:

sudo apt update && apt upgrade

5. After a moment, the update will pause and prompt you Do you want to continue? Type Y and press
Enter.
6. Allow the update and upgrade to continue. This will take a few minutes.
7. When prompted to restart services without asking, press Tab to select Yes and then press Enter.
8. Allow the upgrade to continue.
9. If prompted about obsolete major version 14 of postgresql, press Tab to select OK, then press Enter.
10. The upgrade continues.
11. When the upgrade is finished, enter this command:

apt install thunderbird

12. When prompted do you want to continue, enter Y

13. Allow Thunderbird to finish installing.
14. Log out of Kali.
a. In the upper right, above the Kali desktop, click the Log Out button.
15. Click Log Out.
16. Log back into Kali as kali with the password of kali.
17. In the upper left corner above the desktop, click the Applications launcher.
18. Click Usual Applications  Internet  Thunderbird.

19. Just as you did in Server2016, set up a mailbox on Kali for Moo:

 Your full name: Moo

 Email address: [email protected]
 Password: 1Password

Click Configure manually

INCOMING SERVER
 Protocol: IMAP
 Hostname: server2016
 Port: 143
 Connection security: None
 Authentication method: Normal password
 Username: [email protected]
 OUTGOING SERVER
 Hostname: server2016
 Port: 25
 Connection security: None
 Authentication method: Normal password
 Username: [email protected]

20. Open Moo’s Inbox.

21. Verify that you see the email correspondence with the other user(s).
22. Send a test reply and ensure that it is successfully sent.

Finish Installing Kali Linux

1. Close all open windows.

2. In VMware Player, click the Suspend guest button to pause Kali. Allow the VM to close.
3. Similarly, pause the Server2016 VM. It too will close.

Install Metasploitable
Note: Keep in mind that Metasploitable has no GUI. You must type all commands, and they are case sensitive.
Additionally, VMware Tools will not install in the OS. The VM will capture your mouse. Press Ctrl+Alt to release
your mouse. If you want to type in Metasploitable, click into the command prompt window first before typing.

Open Metasploitable in VMware Player

1. Browse to your downloads and locate metasploitable-linux-2.0.0.zip.
2. Right-click the zip file  Extract All  Extract.
3. Using the technique you recently learned, open Metasploitable in a new instance of VMware Player.
4. Play the virtual machine.
5. When prompted, click I Copied It.
6. If prompted about removable devices, click OK.
7. Start Metasploitable.
8. If the VMware Tools banner appears at the bottom of the VM, click Never Remind Me.

Correct Configuration Error

Metasploitable 2 shipped with a configuration error. You will manually correct this.

1. At the metasploitable login: prompt, click into the command prompt. Then type msfadmin and press
Enter.
2. At the Password: prompt, again type msfadmin and press Enter.
3. Verify that you have logged in successfully.
4. Enter the following command:

sudo nano /var/www/mutillidae/config.inc

5. When prompted for the password, enter msfadmin

6. Using the arrow keys on your keyboard to navigate, and the backspace key to erase, replace ‘metasploit’
with ‘owasp10’.
 7. Press Ctrl+o
8. Press Enter
9. Press Ctrl+x
10. Verify that the correction was successful by entering this command:

cat /var/www/mutillidae/config.inc

Configure FTP Bounce Vulnerability

1. Navigate into /etc directory with this command:

cd /etc

2. Open vsftpd.conf with this command:

sudo nano vsftpd.conf

3. Press your keyboard down arrow until you reach the end of the file.
4. Add the following lines at the end:

# Make server susceptible to FTP Bounce Attack

pasv_promiscuous=YES
port_promiscuous=YES
 5. Press Ctrl+o
6. Press Enter
7. Press Ctrl+x
8. Press Enter

Finish installing Metasploitable

1. In VMware Player, suspend Metasploitable and allow the VM to close.

Metasploitable is now ready for use.

Note: Here are the commands if you ever wish to shut down or reboot Metasploitable:

Shut down: sudo init 0

Reboot: sudo init 6

When prompted for the password, enter msfadmin

Install Bee-Box
1. Locate and right-click bee-box_v1.6.7z  7-Zip  Extract Here.
2. Open bee-box in VMware Player.
3. Start bee-box.
4. Click I Copied It.
5. Click OK to removable devices.
6. Allow bee-box to boot up.
Note: the bee-box VM will automatically fill your screen. You can resize it AFTER it is fully booted and

you see the desktop. In the upper-right corner of the VM, click the Restore Down button to
resize its window to be smaller.

Note: you might need to grab and drag the lower right corner of the VM to make it slightly larger. This
will allow you to see entire windows without having to scroll inside the VM.

Change the Bee-Box Keyboard to US English

Bee-box uses a Belgian keyboard by default. You will change this.

1. At the top of the bee-box VM, click System  Preferences  Keyboard.

2. Switch to the Layouts tab.

 3. Click + Add
4. Change the Layouts: dropdown box to USA.
5. Click + Add.
6. Change the Default layout to USA.

Finish Installing Bee-Box

1. In bee-box, close any open windows.
2. In VMware Player, suspend bee-box and allow the VM to close.

Install Windows XP
1. In VMware Workstation Player, create a new VM with these choices:

 I will install the operating system later.

 Microsoft Windows – Windows XP Professional

2. In the Windows XP Professional VM Settings, set the CD/DVD to use xp_pro_w_sp2_slipstreamed.iso,

and start the VM.
3. At the Welcome to Setup page, press Enter.
4. At the Windows XP Licensing Agreement page, Press F8
5. At the partition page, press Enter.
6. Press Enter again.
7. Allow XP to install.
8. In the GUI stage, at the Regional and Language Options page, click Next.
9. At the Personalize Your Software page, for the Name and Organization, enter anything you like and
click Next.
10. At the Your Product Key page enter H36CC-HFBHM-FVY9Q-VFPVC-4H9VG and click Next.
11. At the Computer Name and Administrator Password page, enter the following information:

 Computer name: XP-PRO

 Administrator password: password
 Confirm password: password
 12. Click Next.
13. At the Date and Time Settings page, click Next.
14. Click Next two more times.
15. In the Display Settings popup box, click OK.
16. In the Monitor Settings popup box, click OK.
17. On the Welcome to Microsoft Windows page, click Next.
18. On the Help protect your PC page, click Not right now, then click Next.
19. On the Internet connection page, click Next.
20. On the Ready to register with Microsoft page, select No, not at this time, and then click Next.
21. On the Who will use this computer? page, in Your name: enter admin then click Next.
22. Click Finish.
Configure XP-PRO
1. At the XP desktop, click start  Control Panel.
2. Click Switch to Classic View.
3. Open Administrative Tools  Local Security Policy  Local Policies  Security Options.
4. Locate the policy Network access: Sharing and security model for local accounts.
5. Double-click the policy and change the setting to: Classic – local users authenticate as themselves.
6. Click OK.
7. Close the Local Security Settings.
8. Close the Administrative Tools.
9. Open a command prompt:
a. Click Start  Run
b. Enter cmd and then click OK.
c. Type the following command and then press Enter:

net user admin password

10. Test the password:

a. Click Start  Log Off  Log Off
b. In the login screen for admin, type password and then press Enter.
c. Verify that you obtain a desktop.

Install Hacking Tools on XP-PRO

1. Switch to your Host PC.
2. Start the Server2016 VM.
3. Switch back to XP-PRO.
4. Create the C:\Tools folder in XP-PRO.
a. In XP-PRO, click start  My Computer
b. Double-click Local Disk (C:)
5. Click Show the contents of this folder
6. Once in the C: drive, click File  New  Folder
7. Rename the folder to Tools
8. Click Start  Run
9. In the Run line, type \\Server2016\C$ and press Enter.
10. In the Connect to Server2016 dialog box, enter:
  User name: Administrator
 Password: Pa22w0rd!

11. Click OK.

12. In the \\server2016\c$ window, navigate into Users\Administrator\Downloads\CEHv12_Tools\Install
on XP\

13. Copy the four files into C:\Tools\

14. Close the window to \\server2016\c$
15. In C:\Tools, perform a default installation of AdbeRdr812_en_US.
16. Install Internet Explorer 8:
a. Double-click IE8-WindowsXP-x86-ENU.
b. On the Welcome to Windows Internet Explorer 8 page, select I want to help improve Internet
Explorer and then click Next.
c. Click I accept.
d. Uncheck Install updates and click Next.
e. Click Restart now (recommended).
f. Allow XP-PRO to restart.
g. Log in as admin / password
h. If necessary, navigate back into C:\Tools
17. Unzip Valhala honeypot:
a. Right-click valhala180-english.zip  Extract All
b. Click Next twice.
c. Click Finish.
d. Verify that you see the honeypot.
 18. In C:\Tools, unzip prorat_v1.9
19. When prompted for a password, enter pro
20. Allow the extraction to complete and click Finish.

Finish Installing XP-PRO

1. In XP-PRO, close any open windows.
2. In VMware Player, suspend XP-PRO, and allow the VM to close.

Congratulations! Your CEHv12 lab is set up and ready to use.

Install Windows 2000 Advanced Server
Start the OS Installation
1. In VMware Workstation Player, create a new VM with these choices:

 I will install the operating system later.

 Microsoft Windows – Windows 2000 Advanced Server
 Virtual machine name: W2k

2. In the Windows 2000 Advanced Server Settings, set the CD/DVD to use W2kAdvServerEval.iso, and
start the VM.
3. At the Windows 2000 Server Setup page, click into the page and press Enter.
4. At the Welcome to Setup page, press Enter.
5. At the next page, press C.
6. At the licensing page, press F8.
7. At the partitions page, press C.
8. At the partition size page, press Enter.
9. At the next page, press Enter again.
10. At the format partition page, use the down arrow key to select Format the partition using the FAT file
system, and then press Enter.
11. Press Enter again, and allow the installation to run.

Complete the OS Installation

The rest of the installation is GUI-based.

1. At the Regional Settings page, click Next.

2. At the Personalize Your Software page, enter any name and organization you wish, and click Next.
3. At the Your Product Key page, enter RBDC9-VTRC8-D7972-J97JY-PRVMG and click Next.
4. At the Licensing Modes page, click Next.
5. At the Computer Name and Administrator Password page, enter the following and click Next:

 Computer name: W2K

 Administrator password: password

6. Click Next four more times.

7. At the evaluation copy popup warning, click OK.
8. At the Date/Time Properties page, ensure that the date and time are correct and click OK.
9. Click Finish.
10. When the installation is finished, at the login screen, log in as administrator / password.
11. At the desktop, the Configure Your Server page opens. Select I will configure this server later, and then
click Next.
12. Uncheck Show this screen at startup, and then close the window.

Install Service Pack 3, Hotfix, and VMware Tools

1. In the W2k VM Settings, change the CD/DVD ISO to W2kSP3_KB835732_VMwareTools_Combo.iso.
2. 2. In Device status, ensure that the Connected checkbox is checked, then click OK.

3. At the login screen, press the Ctrl+Alt+Del button.

4. In the Administrator password field enter password and click OK.
 5. On the desktop, open My Computer.
6. Double-click ISO Label (D:) to open it.
7. Perform a default installation of the three executables on the CD in the following order. You will have to
reboot W2k after installing each:
a. W2ksp3
b. KB835732-x8-enu
c. Win2k_VMwareToolsUpgrader

Note: If after installing VMWareToolsUpgrader the VM freezes upon reboot, attempt to close
the VM window. You will get error messages, but the VM should unfreeze and continue its
reboot.

Increase the Screen Resolution and VM size

1. Log into W2k as administrator / password.
2. Right-click the desktop  Properties.
3. In the Display Properties, switch to the Settings tab.
4. Verify that Colors is set to True Color (32 bit).
5. Change the Screen area to a higher resolution such as 1024 x 768.
6. Click Apply, then click OK, then click Yes, then click OK again.

Install Microsoft SQL Server 2000 Developer Edition

1. In the W2k VM Settings, change the CD/DVD ISO to Microsoft SQL Server 2000 Developer Edition\
disk01.iso.
2. Start W2k and log in as administrator / password.
3. Open My Computer.
4. Double-click SQL2000_DEV (D:)
5. Locate and double-click autorun.

6. Click SQL Server 2000 Components.

7. Click Install Database Server.
8. At the Welcome page click Next.
9. Click Next three more times.
10. Click Yes.
11. In the CD-Key page, enter H9P9T-J7CB2-362P4-WJ3FG-9FT73 and then click Next.
12. Click Next three more times.
13. At the Services Accounts page, select Use the Local System account and then click Next.
14. At the Authentication Mode page, select Mixed Mode (Windows Authentication and SQL Server
Authentication).
15. Check the Blank Password (not recommended) checkbox and then click Next.
16. Click Next again.
17. Allow the installation to run.
18. At the Setup Complete page, click Finish.

Install the Juggybank Database

1. In the Wk2 VM window, click Player  Manage  Virtual Machine Settings.
2. In the W2k VM Settings, change the CD/DVD ISO to juggybankDB_vulnapp.iso, uncheck Connected,
then click OK.
3. Reopen the VM Settings, select CD/DVD, check Connected, and then click OK.
4. Open My Computer.
5. Open ISO Label (D:).
6. Verify that you see the vulnapp folder, and juggybank_backup.
7. Copy the vulnapp folder and juggybank_backup to C:\Inetpub.

8. In W2k, click Start  Programs  Microsoft SQL Server  Enterprise Manager.

9. In SQL Server Enterprise Manager, under Console Root, expand Microsoft SQL Servers  SQL Server
Group.
10. Expand W2K (Windows NT). Allow it a moment to initialize and expand.
11. When it expands, right-click Databases  All Tasks  Restore Database.
12. On the General tab, in the Restore: section, select From device.
13. In the Restore as database: text box, change master to juggybank (you will have to type the name).
14. Click the Select Devices button.
15. Click Add.
16. In the Choose Restore Destination page, ensure that the File name: radio button is selected, then click
the browse button …
17. Browse to and select C:\Inetpub\juggybank_backup, then click OK.
18. Click OK again.
19. Ensure that Restore from Disk is selected, with the Device name C:\Inetpub\juggybank_backup.
 20. Click OK three times.

21. Verify that you see juggybank amongst the other databases. If necessary, click the Refresh button

22. Minimize SQL Server Enterprise Manager.

Connect Vulnapp to IIS

1. In W2k, click Start  Settings  Control Panel  Administrative Tools.
2. Double-click Internet Services Manager.
3. Under Internet Information Services, expand wk2.
4. Select and right-click Default Web Site  New  Virtual Directory.
5. In the Virtual Directory Creation Wizard click Next.
6. On the Virtual Directory Alias page, in the Alias: text box, type bankapp and click Next.
7. On the Web Site Content Directory page, browse into C:\Inetpub, select the vulnapp folder, and click
OK.
8. Click Next.
9. On the Access Permissions page, ensure that Read, Run scripts, and Execute are all checked, and click
Next.
10. Click Finish.
11. Close Internet Information Services manager.
12. In Administrative Tools, double-click Data Sources (ODBC).
13. In the ODBC Data Source Administrator, switch to the System DSN tab.
14. Click Add…
15. Scroll down and select SQL Server.

16. Click Finish.

17. On the next page, enter or select the following:

Name: juggybank
Description: juggybank database
Server: W2K
18. On the next page, select With SQL Server authentication using a login ID and password entered by the
user.
19. Ensure that the Connect to SQL Server to obtain default settings for the additional configuration
options checkbox is checked.
20. In the Login ID: field, type sa
21. Leave the Password field blank and then click Next.

22. On the next page, check the Change the default database to: checkbox, and select juggybank.
23. Click Next twice.
 24. Click Test Data Source.
25. Verify that the TESTS COMPLETED SUCCESSFULLY and then click OK.
26. Click OK two more times.
27. Close Administrative Tools.

Test the Database

1. Switch to your Host PC.
2. Open a browser to http://W2k/bankapp/client2.htm
3. Ensure that you see the Welcome to JuggyBank page.

4. Scroll down and log in as haja / haja

5. Verify that you see a customer record.

Finish Installing W2k

1. In W2k, close any open windows.
2. In VMware Player, suspend W2k, and allow the VM to close.
 Congratulations! Your lab setup is complete and ready to use!

Troubleshooting
Follow these guides to troubleshoot the most common problems associated with your lab.

Mouse keeps getting trapped in a VM

This happens because VMWare Tools have not been successfully installed in the VM. Perform or keep in mind
the following:

 After you install the operating system, install VMware Tools in the VM:
1. Click Player  Manage  Install VMware Tools.
2. Follow the wizard to perform a default installation.
3. Restart the VM if prompted.
 If you click your mouse into a VM and it is trapped, press Ctrl+Alt to release it.
 You cannot install VMware Tools in Metasploitable, since it has no GUI.
 If you have already installed VMware Tools in a VM, but the mouse becomes trapped again, reinstall
the Tools in that OS, choosing Repair.

You must click an object multiple times in a VM before it opens, or before

you can type
As you switch back and forth between VMs, or between a VM and your Host PC, it’s easy to lose track of which
window has focus.

1. Click into the desired VM once before attempting to select anything inside of it. If you are trying to type
a command in the VM, click inside its command prompt before typing.

How to Shut Down or Reboot Metasploitable

There may be times when it becomes necessary to shut down or restart Metasploitable. This can especially
happen if you have performed an exploit against the VM.

 Command to shut down: sudo init 0

 Command to reboot: sudo init 6

When prompted for the password, enter msfadmin

Allow the VM to finish the shutdown / restart process.

VMware Player prompts you to Take Ownership of a VM

This happens when you already have the VM running in another window, or when the VM is in a suspended
state. Check your Host PC Taskbar carefully for other running instances of that VM. Be sure to only open one
instance of each VM.

Virtual Machine does not start

This most often happens when the VM is already running, and you try to open it again, OR its files were copied
while they were still locked.

Symptoms:

 Your virtual machine does not start.

 You cannot boot your virtual machine.
 You see one of these errors:
 o Cannot open the disk or one of the snapshot disks it depends on.
o Failed to lock the file.
o The virtual machine is already powered on.

To fix the problem:

1. Ensure that the VM is not already running.

2. Navigate into the VM folder.
3. Delete any file or folder that has a .lck extension.
4. Start up the VM.

Virtual Machine freezes / becomes unresponsive

Occasionally, VMware Player may lose its connection to a running virtual machine.

1. If the VM does not respond at all, simply close its window.

2. If prompted to shut down, allow Player to shut the machine down.
3. Reopen / run the machine again in Player.

Problems resizing Bee-box VM

When you start the bee-box VM, you will often see VMware Player’s Menu Bar overlayed on top of the bee-box
Menu Bar:

1. Drag the corners of the VM to make it smaller.

2. Ensure that the Player menu bar is now it is proper place:

3. You should now be able to toggle the VM normally between Minimize, Resize, and Close.

Bee-box Displays Strange or Unexpected Characters When You Type

Bee-box uses a Belgian keyboard by default. During setup, you changed the default Keyboard Indicator
to USA. Unfortunately, you may still get strange or unexpected characters when you type.

1. To fix the problem, locate the Keyboard Indicator button in the center of the desktop Menu Bar. Toggle
it from USA to Bel (or back) as needed.
Verify XP-PRO is activated
1. In XP-PRO, click Start  Command Prompt.
2. Type cd c:\windows\system32\oobe and then press Enter.
3. Then type msoobe /a and press Enter.
4. In the Windows Product Activation window, verify that Windows is already activated.
5. Close the Activate Windows window.

Verify when W2k evaluation period expires

Unfortunately, the Windows 2000 evaluation period cannot be extended. You will have to create a new W2k VM
every 180 days to continue using it. Follow these steps to determine when the evaluation period will expire:

1. At the W2k desktop, click Start  Run.

2. In the Run line, type winver and press Enter.
3. In the About Windows popup window, locate and examine the Evaluation copy expiration date.
4. Close the About Windows window.

Extend Activation Period for Server2016

You can extend the 180-day activation period for Windows Server 2016 evaluation copy up to six times, for a
total of 3 years (180 days * 6 = 3 years).

Note: Wait until the Windows License is expired or near expiration before reactivating.

1. In Server2016, click the Start window and then start typing Command Prompt.
2. In the Best match results, right-click Command Prompt  Run as administrator.
3. In the Command Prompt, type or paste the following command, then press Enter:

cscript.exe %windir%\system32\slmgr.vbs /dlv

4. At the bottom of the results, verify that you still have at least one remaining Windows rearm count.
5. Enter the following:

cscript.exe %windir%\system32\slmgr.vbs /rearm

6. Close the Command Prompt.

Alternate Tools Download Sites

The tools in CEH_v12_Tools.iso can also be obtained from their original sources. Be sure to disable any antivirus
or real-time protection before you download these tools.

 7-zip
https://www.7-zip.org/a/7z2107-x64.exe

 Adobe Acrobat Reader v8.1.2

 https://archive.org/details/adbe-rdr-812-en-us

 Angry IP Scanner
https://github.com/angryip/ipscan/releases/download/3.8.2/ipscan-3.8.2-setup.exe

 Bluestacks 5
https://www.bluestacks.com/download.html

 Cain & Abel

https://web.archive.org/web/20160214132154/http://www.oxid.it/downloads/ca_setup.exe

 Colasoft Packet Builder

https://www.colasoft.com/download/products/download_packet_builder.php

 Facebook Lite APK

https://archive.org/details/facebook-lite-v-305.0.0.12.106-apkpure.com

 FOCA
https://foca.en.softonic.com/download

 Google Chrome 64-bit Standalone Installer

https://archive.org/details/chrome-standalone-setup-64_202205

 High Orbit Ion Cannon (HOIC)

https://sourceforge.net/projects/highorbitioncannon

 HTTrack
https://www.httrack.com/page/2/en/index.html

 Hyena x64 (trial)

https://www.systemtools.com/hyena/trial_download.htm

 ID Serve
https://www.grc.com/files/idserve.exe

 Internet Explorer 8 (IE8)

https://archive.org/details/ie-8-windows-xp-x-86-enu_202211

 KFSensor (trial)
http://www.keyfocus.net/kfsensor/download/kfsens40.msi

 L0phtCrack7
https://l0phtcrack.gitlab.io/releases/7.2.0/lc7setup_v7.2.0_Win64.exe

 Low Orbit Ion Cannon (LOIC)

https://sourceforge.net/projects/loic
 MailEnable Standard Edition
https://www.mailenable.com/download-thank-you.asp?prod=1&v=1043

 Netcat for Windows

https://archive.org/details/nc111nt

 Netcut
https://arcai.com/download_netcut/

 Nmap for Windows

(Note: Be sure to obtain both Nmap-7.92-setup.exe AND npcap-1.60.exe)
https://nmap.org/download.html#windows

 ophcrack
https://sourceforge.net/projects/ophcrack/

 ProRat 1.9
https://prorat.software.informer.com/download/

 PuTTY
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

 Pwdump7
https://www.tarasco.org/security/pwdump_7/

 QuickStego
https://download.cnet.com/QuickStego/3000-2092_4-75593140.html

 Snow (snwdos32.zip)
http://darkside.com.au/snow/

 SoftPerfect Network Scanner (Windows portable 8.1.4)

https://www.softperfect.com/download/files/netscan_portable.zip

 Thunderbird Email Client

https://www.thunderbird.net/en-US/download/

 Valhala Honeypot 1.8 English Edition

https://sourceforge.net/projects/valhalahoneypot/

 VMware Workstation 16 Player

https://www.vmware.com/go/getplayer-win

 Web Data Extractor 8.3

http://www.webextractor.com/download.htm

 Wireshark (Windows Installer 64 bit)

 https://www.wireshark.org/download.html

~ finish ~