(Damn Vulnerable Windows XP: Lesson 3)

{ Rearm or Extend Trial Period }

Section 0. Background Information

What is Damn Vulnerable Windows XP?
- This is a Windows XP Virtual Machine that provides a practice environment to conduct ethical penetration testing, vulnerability assessment, exploitation and forensics investigation.
- The Microsoft Software License Terms for the IE VMs are included in the release notes.
- By downloading and using this software, you agree to these license terms.
How Rearm or Extend the Windows XP Trial Period Before expiration?
- Rearming or extending the Windows XP Trail period before the expiration is fairly simply and only requires the following:
  1. Login as Administrator or with an account that has Administrative Privileges.
  2. Open up a command prompt
  3. Type C:\windows\system32\rundll32.exe syssetup,SetupOobeBnk
- Note(FYI):
  - You are allowed to rearm 4 times (120 days), if you do not let each trial period expire.
How to Rearm or Extend the Windows XP Trial Period After expiration?
- Rearming or extending the Windows XP Trail period after the expiration is not difficult, but there are two drawbacks:
  1. You must boot the machine into safe mode, and
  2. You can rearm it 2 more times
- Note(FYI):
  - This lab will teach you how to rearm after the expiration period has occurred.
Pre-Requisite
- Damn Vulnerable Windows XP: Lesson 1: How to create a Damn Vulnerable Windows XP Machine
Lab Notes
- In this lab we will do the following:
  1. Increase VMware Player Bios Boot Delay
  2. Boot into Safe Mode
  3. Rearm Trial Period
  4. Reboot Machine
  5. Verify Machine is Rearmed
Legal Disclaimer
- As a condition of your use of this Web site, you warrant to computersecuritystudent.com that you will not use this Web site for any purpose that is unlawful or that is prohibited by these terms, conditions, and notices.
- In accordance with UCC § 2-316, this product is provided with "no warranties, either express or implied." The information contained is provided "as-is", with "no guarantee of merchantability."
- In addition, this is a teaching website that does not condone malicious behavior of any kind.
- You are on notice, that continuing and/or using this lab outside your "own" test environment is considered malicious and is against the law.
- © 2015 No content replication of any kind is allowed without express written permission.

Section 1. Log into Damn Vulnerable WXP-SP2

Open VMware Player on your windows machine.
- Instructions:
  1. Click the Start Button
  2. Type "vmware player" in the search box
  3. Click on VMware Player
Edit Virtual Machine Settings
- Instructions:
  1. Click on Damn Vulnerable WXP-SP2
  2. Edit Virtual Machine Settings
- Note:
  - Before beginning a lesson it is necessary to check the following VM settings.
Set Network Adapter
- Instructions:
  1. Click on Network Adapter
  2. Click on the radio button "Bridged: Connected directly to the physical network".
  3. Click the OK Button
Start Up Damn Vulnerable WXP-SP2.
- Instructions:
  1. Start Up your VMware Player
  2. Play virtual machine
Logging into Damn Vulnerable WXP-SP2.
- Instructions:
  1. Click on Administrator
  2. Password: Supply Password
    - (See Note)
  3. Press <Enter> or Click the Arrow
- Note(FYI):
  1. Password was created in (Lab 1, Section 1, Step 8)
Windows Product Activation
- Instructions:
  1. Click the No Button
- Note(FYI):
  - If you click the Yes Button, then you will need a license key which you do not have, hence you must click the No Button.
Turn off computer
- Instructions:
  1. Click the Turn Off button in the lower left window
  2. Click the Turn Off button in the pop up window.

Section 2. Increase VMware Player Bios Boot Delay

Open VMware Player on your windows machine.
- Instructions:
  1. Click the Start Button
  2. Type "vmware player" in the search box
  3. Click on VMware Player
Edit Virtual Machine Settings
- Instructions:
  1. Click on Damn Vulnerable WXP-SP2
  2. Edit Virtual Machine Settings
- Note:
  - Before beginning a lesson it is necessary to check the following VM settings.
Copy VM Path Directory
- Instructions:
  1. Click on Options Tab
  2. Click the General Setting
  3. Highlight and Right Click on the Working directory path
  4. Click Copy
Open Notepad (On Host Computer)
- Instructions:
  1. Click the Start Button
  2. Type "notepad" in the search box
  3. Click on Notepad
Open File (Part 1)
- Instructions:
  1. File --> Open
Open File (Part 2)
- Instructions:
  1. Paste VM Path in Navigation Bar (See Picture)
  2. Select All Files
  3. Click on Damn Vulnerable Windows XP-SP2
  4. Click Open
Edit File and Add Delay
- Instructions:
  1. Press <Enter> after the first list .encoding = "UTF-8"
  2. Add the below text on the second line
    - bios.bootdelay = "20000"
- Note:
  - This will introduce a 20 second delay when the virtual machine loads up, giving you plenty of time to press the <F2> to enter Maintenance Mode or to <Esc> and access the boot menu.
Save File
- Instructions:
  1. File --> Save
Exit Notepad
- Instructions:
  1. File --> Exit

Section 3. Boot Windows XP into Safe Mode

Open VMware Player on your windows machine.
- Instructions:
  1. Click the Start Button
  2. Type "vmware player" in the search box
  3. Click on VMware Player
Start Up Damn Vulnerable WXP-SP2.
- Instructions:
  1. Start Up your VMware Player
  2. Play virtual machine
Enter Safe Mode
- Instructions:
  1. Hold down the <F8> key.
- Note(FYI):
  - Just pressing <F8> is not enough, you must hold down the <F8> key until you see the Safe Mode Boot Option Menu in the following step.
Safe Mode Menu Selection
- Instructions:
  1. Arrow Down to Safe Mode with Command Prompt, and press <Enter>
Logging into Damn Vulnerable WXP-SP2.
- Instructions:
  1. Click on Administrator
  2. Password: Supply Password
    - (See Note)
  3. Press <Enter> or Click the Arrow
- Note(FYI):
  1. Password was created in (Lab 1, Section 1, Step 8)

Section 4. Extend Windows XP Trail Period - "Rearm"

Windows XP Extend Trial Period - "Rearm"
- Instructions:
  1. cd C:\WINDOWS\system32
  2. rundll32.exe syssetup,SetupOobeBnk
  3. shutdown -r -t 3
- Note(FYI):
  1. Uppercase "O" after the word Setup, and followed by lowercase "o".
  2. Wait a minute before rebooting to make sure the process completes.
  3. If your XP was expired, and you've rearmed it, then you can rearm it 2 more times with this command.
Boot Machine
- Instructions:
  1. Press <Enter> to bypass the Bios Boot Delay

Section 5. Proof of Lab

Logging into Damn Vulnerable WXP-SP2.
- Instructions:
  1. Click on Administrator
  2. Password: Supply Password
    - (See Note)
  3. Press <Enter> or Click the Arrow
- Note(FYI):
  1. Password was created in (Lab 1, Section 1, Step 8)
Open the Command Prompt
- Instructions:
  1. Click the Start Button
  2. All Programs --> Accessories --> Command Prompt
System Information
- Instructions:
  1. cd "C:\Program Files\Common Files\Microsoft Shared\MSInfo"
  2. msinfo32.exe
  3. Notice the Activation Status says 30 days remain
  4. Click X to Close
Proof of Lab (System Information Report)
- Instructions:
  1. msinfo32.exe /report info.txt
  2. type info.txt | find /i "activation"
  3. date /t
  4. echo "Your Name"
    - Put in your actual name in place of "Your Name"
    - e.g., echo "John Gray"
- Proof of Lab Instructions
  1. Press the <Ctrl> and <Alt> key at the same time.
  2. Press the <PrtScn> key.
  3. Paste into a word document
  4. Upload to Moodle