Damn Vulnerable Windows 7: Lesson 2: How to Install BadBlue

Section 0. Background Information
  1. What is BadBlue?
    • BadBlue is a file-sharing web server that allows the sharing of photos, music, videos, and business files.  BadBlue can also be integrated with PHP and Perl applications.

  2. Exploit Description
  3. Pre-Requisite Lab
    1. Damn Vulnerable Windows 7: Lesson 1: How to create a Damn Vulnerable Windows 7 Machine
     
  4. Lab Notes
    • In this lab we will do the following:
      1. Download BadBlue
      2. Install BadBlue
      3. Run BadBlue

  5. Legal Disclaimer
    • As a condition of your use of this Web site, you warrant to computersecuritystudent.com that you will not use this Web site for any purpose that is unlawful or that is prohibited by these terms, conditions, and notices.
    • In accordance with UCC § 2-316, this product is provided with "no warranties, either express or implied." The information contained is provided "as-is", with "no guarantee of merchantability."
    • In addition, this is a teaching website that does not condone malicious behavior of any kind.
    • You are on notice, that continuing and/or using this lab outside your "own" test environment is considered malicious and is against the law.
    • © 2015 No content replication of any kind is allowed without express written permission.

 

Section 1: Start your Windows 7 VM
  1. Open VMware Player on your Windows machine.
    • Instructions:
      1. Click the Start Button
      2. Type "vmware player" in the search box
      3. Click on VMware Player

     

  2. Edit Virtual Machine Settings
    • Instructions
      1. Click on Damn Vulnerable Windows 7
      2. Click on Edit virtual machine settings

     

  3. Configure CD/DVD (IDE)
    • Instructions:
      1. Select CD/DVD (IDE)
      2. Click on the Use physical drive: radio button
      3. Select Auto detect
    • Note(FYI):
      1. Do not click on the OK Button

     

  4. Configure Memory
    • Instructions:
      1. Select Memory
      2. Click on "512 MB"
    • Note(FYI):
      • Temporarily lower the amount of memory to 512 MB to limit the size of the crash dump file that we will analyze in a later lesson.

     

  5. Configure Network Adapter
    • Instructions:
      1. Select Network Adapter
      2. Click the radio button "NAT: Used to share the host's IP address"
      3. Click the OK button
    • Note(FYI):
      1. We will use NAT instead of bridged, because of multiple VMware Player issues with Windows 7 not acquiring an IP Address when using a Wireless connection.

     

  6. Start Damn Vulnerable Windows 7
    • Instructions
      1. Click on Damn Vulnerable Windows 7
      2. Click on Play virtual machine

     

Section 2: Login to Windows 7
  1. Select Login User
    • Instructions:
      1. Click on Administrator

     

  2. Switch User
    • Instructions:
      1. Supply the Administrator password (password).
      2. Click on the arrow

 

Section 3: Download and Install BadBlue
  1. Open Firefox (On Damn Vulnerable Windows 7)
    • Instructions:
      1. Click the Windows Start Button
      2. Search for firefox
      3. Click on Mozilla Firefox

     

  2. Download BadBlue
    • Instructions:
      1. Navigate to the following URL
        • https://www.exploit-db.com/apps/396bedff015be885c1719f39f4561081-badblue.tar_.gz
      2. Click on the Save File Radio Button
      3. Click on OK Button

     

  3. Go To Downloads Folder
    • Instructions:
      1. Tools --> Downloads

     

  4. Open Containing Folder
    • Instructions:
      1. Right Click on 396bedff015be885c1719f39f4561081-badblue.tar_.gz
      2. Click on Open Containing Folder

     

  5. Unzip 396bedff015be885c1719f39f4561081-badblue.tar_.gz
    • Instructions:
      1. Right Click on 396bedff015be885c1719f39f4561081-badblue.tar_.gz
      2. Click on 7-Zip
      3. Click on 396bedff015be885c1719f39f4561081-badblue.tar_

     

  6. Open 396bedff015be885c1719f39f4561081-badblue.tar_ Folder
    • Instructions:
      1. Right Click on 396bedff015be885c1719f39f4561081-badblue.tar_
      2. Click on Open

     

  7. Extract Here
    • Instructions:
      1. Right Click on 396bedff015be885c1719f39f4561081-badblue.tar_
      2. Click on 7-Zip
      3. Click on Extract Here

     

  8. Begin BadBlue Installation
    • Instructions:
      1. Right Click on bb98
      2. Click on Open

     

  9. BadBlue Setup
    • Instructions:
      1. Click on Next Button

     

  10. Install BadBlue
    • Instructions:
      1. Click on Install Button

     

  11. BadBlue Automatic Startup
    • Instructions:
      1. Click on Yes Button

     

  12. Run BadBlue
    • Instructions:
      1. Click on Finish Button

     

  13. License Agreement
    • Instructions:
      1. Full name: Your Name
      2. Email address: name@email.com
      3. Scroll to the end of the EULA
      4. Click the Agree Button

     

  14. View BadBlue Application
    • Note(FYI):
      1. BadBlue will start after clicking the Agree button

     

Section 4: Proof of Lab
  1. Open Command Prompt
    • Instructions:
      1. Click the Start Button
      2. Search for cmd
      3. Click on cmd

     

  2. Proof of Lab (Basic Process Forensics)
    • Instructions:
      1. netstat -nao | findstr ":80"
        • Record the Process ID.  Mine is 2216.
      2. tasklist | findstr "2216"
        • Replace (2216) with your Process ID.
      3. date
      4. echo "Your Name"
        • Replace the string "Your Name" with your actual name.
        • e.g., echo "John Gray"
    • Note(FYI):
      • Command #1, Use (netstat) to list all (-a) connections and listening ports, showing addresses and ports numerically (-n) along with the owning process IDs (-o).  Use (findstr) to only display lines that contain the string ":80".
      • Command #2, Use (tasklist) to display all system processes.  Use (findstr) to only display lines that contain the Process ID string "2216". Your Process ID will probably be different.
    • Proof of Lab Instructions:
      1. Do a PrtScn
      2. Paste into a word document
      3. Upload to Moodle
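
The two findstr filters above match substrings, so ":80" also keeps lines for :8080, :8000 and outbound connections to a remote port 80, and "2216" also keeps any tasklist line that merely contains those digits. The following is an added example, not part of the original lab: it parses netstat -nao and tasklist output and matches the local port, the LISTENING state and the PID column exactly. The sample output is constructed, and the image names in it (including badblue.exe) are assumptions.

```python
import re

# Constructed sample of `netstat -nao` output (not captured from the lab VM).
NETSTAT_SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       2216
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       708
  TCP    0.0.0.0:8080           0.0.0.0:0              LISTENING       3100
  TCP    192.168.1.5:49170      203.0.113.10:80        ESTABLISHED     2840
  TCP    [::]:80                [::]:0                 LISTENING       2216
  UDP    0.0.0.0:8000           *:*                                    1044
"""

# Constructed sample of `tasklist` output; the image names are assumptions.
TASKLIST_SAMPLE = """\
Image Name                     PID Session Name        Session#    Mem Usage
========================= ======== ================ =========== ============
svchost.exe                    708 Services                   0      6,112 K
badblue.exe                   2216 Console                    1      8,452 K
firefox.exe                   2840 Console                    1    121,904 K
notepad.exe                  22164 Console                    1      1,980 K
"""

def substring_hits(text, needle=":80"):
    """What `findstr "<needle>"` keeps: every line containing the substring."""
    return [line for line in text.splitlines() if needle in line]

def listening_pids(netstat_text, port=80):
    """PIDs of TCP sockets in LISTENING state whose *local* port equals `port`."""
    pids = set()
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP" and f[3] == "LISTENING":
            if f[1].rsplit(":", 1)[1] == str(port):
                pids.add(int(f[4]))
    return sorted(pids)

def image_for_pid(tasklist_text, pid):
    """Match the PID column exactly instead of any line containing the digits."""
    for line in tasklist_text.splitlines():
        m = re.match(r"^(\S.*?)\s+(\d+)\s+\S", line)
        if m and int(m.group(2)) == pid:
            return m.group(1)
    return None

if __name__ == "__main__":
    for pid in listening_pids(NETSTAT_SAMPLE):
        print(pid, image_for_pid(TASKLIST_SAMPLE, pid))
```

On the VM itself, tasklist /FI "PID eq 2216" gives the same exact PID match without a substring search.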

