About Me

葉柏毅 Alex
Contact: alrex5401@gmail.com
Linkedin：https://www.linkedin.com/in/alrex5401/

虛擬環境建置

Apple M1安裝Kali

安裝虛擬機軟體Vmware Fusion 13

個人版，可以免費註冊使用
https://www.vmware.com/products/fusion/fusion-evaluation.html

下載Kali

現成VM版，不支援ARM，請下載ISO檔自行安裝
https://www.kali.org/get-kali/#kali-arm
kali-linux-2022.3-installer-arm64.iso

建立VM主機

請參考原廠教學，但使用默認值（雷：更改CD-Rom driver會卡在找不到光碟機）
https://www.kali.org/docs/virtualization/install-vmware-guest-vm/

安裝Kali

請參考原廠教學
https://www.kali.org/docs/installation/hard-disk-install/

記得安裝Vmware tools
https://www.kali.org/docs/virtualization/install-vmware-guest-tools/

Window版Workstation Player和Kali安裝

1.Download VMware Workstation Player

https://www.vmware.com/tw/products/workstation-player/workstation-player-evaluation.html

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

2.安裝VMWare Player(需重啟作業系統)

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

*此選項需開啟Windows的Hyper-V功能(裝完需重啟作業系統)

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

＊裝完VMWARE需重啟作業系統

3.下載 kali for VMware

https://www.kali.org/get-kali/#kali-virtual-machines

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

4.安裝Kali

從這裡我們需要選擇“Open a Vitual Machine”。然後我們導航到我們的 VM 下載的位置並找到該.vmx文件：

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

我們選擇這個然後我們可以繼續前進：

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

若需驗證將在此處設置的設置，或需要更改任何設置，可以先執行”Edit vitual machine settings”。

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

一旦滿意了，我們就可以選擇啟動虛擬機並正常使用它。請記住，默認登錄用戶為 kali，密碼為 kali 。

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

Windows Docker版Kali安裝

1.下載 Docker Desktop

https://www.docker.com/products/docker-desktop

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

執行
Docker Desktop Installer.exe
需勾選Install required Windows component for WSL 2

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

重新啟動作業系統。

系統重啟後，會出現對話方塊，提示您需先安裝下一步驟下載的WSL2 Linux kernel update再按對話方塊的Restart鍵。

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

安裝WSL2 Linux kernel update
https://wslstorestorage.blob.core.windows.net/wslblob/wsl_update_x64.msi

2.下載並安裝Git

https://git-scm.com/downloads

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

3.執行 Docker Desktop

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

4.下載並執行Kali Linux

下載
GitCMD
docker pull iphoneintosh/kali-docker:large

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

執行
GitCMD
docker run –name my-kali –rm -it -p 9020:8080 -p 9021:5900 iphoneintosh/kali-docker:large

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

5.登入Kali Linux

https://localhost:9020/vnc.html

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

密碼:changeme

Image Not Showing Possible Reasons

The image file may be corrupted
The server hosting the image is unavailable
The image path is incorrect
The image format is not supported

Learn More →

Container版OWASP Mutillidae II和WebGoat安裝

1.下載OWASP Mutillidae II

GitCmd
git clone https://github.com/webpwnized/mutillidae-docker.git

啟動OWASP Mutillidae II

在命令提示字元中輸入
ipconfig
找到乙太網路卡 Ethernet(WSL)的IPv4 Address 如: 10.0.1.2

編輯檔案路徑在使用者/<UserName>/mutillidae-docker/docker-compose.yml設定檔

在WWW的ports啟動參數中加入前步驟取出的IP
ports:
- 127.0.0.1:80:80
- 127.0.0.1:443:443
- 192.168.1.91:80:80
- 192.168.1.91:443:443

在GitCmd命令提示字元中輸入以下指令啟用mutillidae
cd mutillidae-docker

docker-compose up

使用noVNC kali的Firefox測試是否連線成功

啟用WebServer

檢視 phpMyAdmin:
http://127.0.0.1:81/

2.設定OWASP Mutillidae II LDAP

登入LDAP Admin: http://127.0.0.1:82/

輸入帳號密碼
Login DN: cn=admin,dc=mutillidae,dc=localhost
Password: mutillidae

複製GITHUB的LDAP設定檔
https://github.com/webpwnized/mutillidae/tree/master/configuration/openldap
的mutillidae.ldif

匯入mutillidae.ldif設定檔(如果匯入失敗，可以直接貼上文字)

檢視LDAP
進入OWASP Mutillidae WWW
http://192.168.1.91/
或http://mutillidae.localhost/

3.下載並執行WebGoat Container

GitCmd
docker pull webgoat/goatandwolf

docker run –name Webgoat -p 192.168.1.91:8080:8080 -p 192.168.1.91:9090:9090 -e TZ=Asia/Taipei webgoat/goatandwolf

WebGoat 將位於：http://192.168.1.91:8080/WebGoat
WebWolf 將位於：http://192.168.1.91:9090/WebWolf
重要事項：選擇正確的時區，以便 docker 容器和主機位於同一時區。因為它對於某些練習中使用的JWT令牌的有效性很重要