owaspbwa – web testing fast-track

20 09 2013

WOW – has it really been since January !!!??? – time flies when you are having fun.

Just wanted to share a nice little project I came across when looking for vulnerable web apps etc.

Many many thanks to Mandiant for sponsoring the bundling of so many of these into the one VM. Means you dont have to spend the day setting up each one before you can start playing with them.

https://code.google.com/p/owaspbwa/

https://code.google.com/p/owaspbwa/wiki/UserGuide

All the favorites are there, as well as plenty I hadn’t seen before.

 

Applications designed for learning which guide the user to specific, intentional vulnerabilities.

 

One tip though, if you download the 1.1 VM, make sure you replace the tomcat init script as identified in this BR: https://code.google.com/p/owaspbwa/issues/detail?id=83 otherwise anything that relies on tomcat (WebGoat etc) wont work & instead just give you the following warning:

503 - Service Temporarily Unavailable






VM BIOS Boot Delay

27 01 2012

Just found a nice little line to add to the VMX file.

So instead of having 0.000001 seconds to hit ESC to bring up the boot menu on your VM, you can have it wait xx milliseconds for you.

Just whack this into the bottom of the VMX file to give you 10 seconds for BIOS

bios.bootDelay = “10000”





P2V the VMware way

26 01 2012

VMware converter standalone is a free download:

http://www.vmware.com/products/converter/

Got Yas:
Insufficient permissions to connect to xxxxxxx ADMIN$ for Windows XP machine you are trying to convert

run gpedit.msc

– Computer Configuration

 – Windows Settings

  – Security Settings

   – Local Policies

    – Security Option

     – Network access: Sharing and security model for local accounts

 

By default XP has the Sharing and security model for local accounts set to “Guest only – local users authenticate as Guest” – this needs to be changed to “Classic – local users authenticate as themselves”

This way you can access the machine remotely with the admin account & do the conversion.





Grrr – VMWare NICs !!!

17 01 2012

I use Astaro (www.astaro.com) as my main FW at home running in VMWare – and while it has been great, recently I was having some comms issues. Intermittently wont pass much traffic, some sessions hang etc.

Especially annoying was connecting via RDP to a machine in my DMZ – anyway, started doing some testing with iperf ….

Inside -> DMZ traffic

ash@mon:~$ iperf -t 60 -i 5 -c 10.0.2.240
————————————————————
Client connecting to 10.0.2.240, TCP port 5001
TCP window size: 16.0 KByte (default)
————————————————————
[ 3] local 192.168.0.210 port 42873 connected with 10.0.2.240 port 5001
[ 3] 0.0- 5.0 sec 84.7 MBytes 142 Mbits/sec
[ 3] 5.0-10.0 sec 59.6 MBytes 100 Mbits/sec
[ 3] 10.0-15.0 sec 53.8 MBytes 90.3 Mbits/sec
[ 3] 15.0-20.0 sec 75.4 MBytes 127 Mbits/sec
[ 3] 20.0-25.0 sec 312 KBytes 511 Kbits/sec
[ 3] 25.0-30.0 sec 96.0 KBytes 157 Kbits/sec
[ 3] 30.0-35.0 sec 48.0 KBytes 78.6 Kbits/sec
[ 3] 35.0-40.0 sec 48.0 KBytes 78.6 Kbits/sec
[ 3] 40.0-45.0 sec 192 KBytes 315 Kbits/sec
[ 3] 45.0-50.0 sec 48.0 KBytes 78.6 Kbits/sec
[ 3] 50.0-55.0 sec 712 KBytes 1.17 Mbits/sec
[ 3] 55.0-60.0 sec 48.0 KBytes 78.6 Kbits/sec
[ 3] 0.0-60.6 sec 275 MBytes 38.1 Mbits/sec

Pretty crappy for two VMs connected to the same ESXi host – across a virtual FW also on the same VM host. Starts out great for the first 10 seconds & then dies in the ass.

Anyway – some googling later & I found a post about the results of changing the NICs from Flexible to E1000 under VMWare – couldnt hurt, so made the switch and voila – problem solved

ash@mon:~$ iperf -t 60 -i 5 -c 10.0.2.240
————————————————————
Client connecting to 10.0.2.240, TCP port 5001
TCP window size: 16.0 KByte (default)
————————————————————
[ 3] local 192.168.0.210 port 53361 connected with 10.0.2.240 port 5001
[ 3] 0.0- 5.0 sec 95.0 MBytes 159 Mbits/sec
[ 3] 5.0-10.0 sec 83.4 MBytes 140 Mbits/sec
[ 3] 10.0-15.0 sec 99.4 MBytes 167 Mbits/sec
[ 3] 15.0-20.0 sec 96.4 MBytes 162 Mbits/sec
[ 3] 20.0-25.0 sec 99.7 MBytes 167 Mbits/sec
[ 3] 25.0-30.0 sec 92.8 MBytes 156 Mbits/sec
[ 3] 30.0-35.0 sec 90.5 MBytes 152 Mbits/sec
[ 3] 35.0-40.0 sec 90.0 MBytes 151 Mbits/sec
[ 3] 40.0-45.0 sec 94.9 MBytes 159 Mbits/sec
[ 3] 45.0-50.0 sec 90.6 MBytes 152 Mbits/sec
[ 3] 50.0-55.0 sec 90.5 MBytes 152 Mbits/sec
[ 3] 55.0-60.0 sec 84.1 MBytes 141 Mbits/sec
[ 3] 0.0-60.0 sec 1.08 GBytes 155 Mbits/sec

Muuuuch better – 155 Mbits/sec is more like it.

So – if you are having comms issues with VMs – check your NIC “Hardware” – reading through the KB article http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1001805 – it becomes pretty clear why its crap:

Setting the NIC to Flexible works well if you have the VMWare Tools / Drivers loaded – but if you dont, its a 10Mbps NIC – and performs as such.

•Vlance — An emulated version of the AMD 79C970 PCnet32- LANCE NIC, an older 10Mbps NIC with drivers available in most 32-bit guest operating systems except Windows Vista and later. A virtual machine configured with this network adapter can use its network immediately.

•VMXNET — The VMXNET virtual network adapter has no physical counterpart. VMXNET is optimized for performance in a virtual machine. Because operating system vendors do not provide built-in drivers for this card, you must install VMware Tools to have a driver for the VMXNET network adapter available.

•Flexible — The Flexible network adapter identifies itself as a Vlance adapter when a virtual machine boots, but initializes itself and functions as either a Vlance or a VMXNET adapter, depending on which driver initializes it. With VMware Tools installed, the VMXNET driver changes the Vlance adapter to the higher performance VMXNET adapter.

•E1000 — An emulated version of the Intel 82545EM Gigabit Ethernet NIC. A driver for this NIC is not included with all guest operating systems. Typically Linux versions 2.4.19 and later, Windows XP Professional x64 Edition and later, and Windows Server 2003 (32-bit) and later include the E1000 driver.

Loading VMWare Tools = Flexible
No VMWare Tools = E1000





bigger, better, faster, more VMware

19 07 2011

No, before we even start, this is not a blog post about the 4 Non Blondes album.

This is a documentation of my mind numbing, soul destroying search for the best performing configuration with the hardware I have in my lab.

I have spent countless hours / days / weeks building, breaking & rebuilding my VM Lab (thankfully I have an understanding wife & daughter).

Hardware primarily consists of:

2x HP Proliant N36L Microservers (Athlon II Neo Dual Core 1.3) (8GB RAM in one box / 2GB in the other).
2x HP DC7100 Desktops (P4 2.8 / 2GB RAM)
1x Dell Precision 370 (P4 3.0 / 4GB RAM)
Cisco 2950 (24×10/100 + 2×1000)

Add to this an assortment of older F5’s / dual P3 pizza boxes & other no name kit – and I have a playground full of toys.

I have been using unRAID for the past few years on various hardware platforms. This has been mainly for storing media, ISO’s & providing a backup target for the various laptops & workstations around the house.

Recently I picked up the two HP N36L Microservers, the 8GB one is my primary VMware ESXi 4.1 host and the 2GB server is running unRAID. Just having the second box sitting there running unRAID seems a little under-utilised to me, the disks are in standby most of the time (thanks to netflix) – and it just hasnt been getting the workout I think it deserves.

So – enter the newest project – whats the best solution for storing media / ISO’s / Backups / VMs etc – I want to be able to use either iSCSI or NFS to play with vMotion of VMs when I finish building my VMware test lab to finish my VCP – I want it fast, but I want it protected in case a disk fails.

I have tested & played with the following in my quest:

Storage Systems:
FreeNAS 7 & 8 (Physical & Virtual)
Openfiler (Physical & Virtual)
Nexenta (Physical & Virtual)
unRAID Physical (Virtual not supported due to USB GUID licensing)

Presentation to Client Machines:
Local storage in the ESXi host presented to Windows 7 VM
iSCSI Raw Device Mappings presented to Windows 7 VM
iSCSI Presented to ESXi -> VMFS-3 filesystem -> VMDK presented to Windows 7 VM
iSCSI Presented to Physical Windows 7 Client
NFS Presented to ESXi -> VMDK presented to Windows 7 VM
CIFS/SMB Presented to Physical Windows 7 Client

I have been using a single test scenario on each config – using Iometer – with the file & results formatted from http://vmktree.org/iometer/

First I want to benchtest them for performance, then to setup the best solution that is a mix of performance & redundancy.

Sounds impossible – im gonna try.

For the performance benchtesting – I decided to go with a 2 spindle ZFS striped config, tested from Windows 7 Clients
Physical Client: HP DC7100
Physical FreeNAS: HP N36L(2GBRAM / 1TB WD Green / 2TB WD Green )

I have mismatched sizes as thats the hardware I have free at the moment. If I find a compelling reason why this wont work, then I may get a second 2TB disk to match. I am using WD Green disks for their low power / cooler running – comodity hardware.

Scenario 1 – Physical FreeNAS 7 with iSCSI
Physical Client -> iSCSI on Physical NAS
Virtual Client -> VMDK on ESXi -> iSCSI Physical NAS

Scenario 2 – Physical FreeNAS 7 with NFS & CIFS/SMB
Physical Client -> CIFS/SMB on Physical NAS (Usual windows sharing type scenario)
Virtual Client -> VMDK on ESXi -> NFS Physical NAS

Scenario 3 – Virtualised FreeNAS 7 with iSCSI
* Physical Disks formatted with VMFS-3, with VMDK presented to FreeNAS VM
Physical Client -> iSCSI on Virtual NAS
Virtual Client -> VMDK on ESXi -> iSCSI Virtual NAS

Scenario 4 – Virtualised FreeNAS 7 with NFS & CIFS/SMB
* Physical Disks formatted with VMFS-3, with VMDK presented to FreeNAS VM
Physical Client -> CIFS/SMB on Virtual NAS
Virtual Client -> VMDK on ESXi -> iSCSI Virtual NAS

Scenario 5 – Virtualised FreeNAS 7 with iSCSI
* Physical Disks presented via Physical RDM passthrough to FreeNAS VM
* RDM Config thanks to http://www.vm-help.com/esx40i/SATA_RDMs.php
* RDM passthrough used to enable SMART monitoring from the FreeNAS VM – very cool
Physical Client -> iSCSI on Virtual NAS
Virtual Client -> VMDK on ESXi -> iSCSI Virtual NAS

Scenario 6 – Virtualised FreeNAS 7 with NFS & CIFS/SMB
* Physical Disks presented via Physical RDM passthrough to FreeNAS VM
* RDM Config thanks to http://www.vm-help.com/esx40i/SATA_RDMs.php
* RDM passthrough used to enable SMART monitoring from the FreeNAS VM – very cool
Physical Client -> CIFS/SMB on Virtual NAS
Virtual Client -> VMDK on ESXi -> iSCSI Virtual NAS

I will be adding follow up posts with the performance results, the PRO’s & CON’s (in my view) with each of these scenarios. Feel free to add comments & kick off discussions about this project.





vsphere client on Windows 7

9 03 2011

So as it always seems to happen, the few apps you really want to work …. dont.

I loaded up the vSphere client under Windows 7 & it failed to connect to my ESXi host, nor would it connect to my Virtual Centre server.

It just fell in a heap with the following errors ……

“Error parsing the server “server name” clients.xml” file.”

and

“The type initializer for ‘VirtualInfrastructure.Utils.HttpWebRequestProxy’ threw an exception.”

After much Google trawling later, I came across the solution.

  • Create lib folder under the Launcher folder

C:\Program Files\VMware\Infrastructure\Virtual Infrastructure Client\Launcher\lib

  • Copy system.dll into the lib folder, or if you prefer to grab your own dll from the %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\ directory of a Windows XP machine with .NET v3.5 SP1 installed.

C:\Program Files\VMware\Infrastructure\Virtual Infrastructure Client\Launcher

The only change in the config file is the addition of the following lines:

<runtime>
<developmentMode developerInstallation=”true”/>
</runtime>

before the last </configuration> close tag.

  • Create a new system variable

DEVPATH=C:\Program Files\VMware\Infrastructure\Virtual Infrastructure Client\Launcher\lib

  • Change the VpxClient.exe app to run as an administrator:

If all things went well – you should now just be able to launch the vSphere client & admin your machines as you did before.





VMware vCenter memory usage issues – tomcat6

10 07 2010

So my vCenter was constantly alerting on memory usage, no matter how much memory I assigned to it. Looking in the process list “tomcat6” was using as much available memory as I fed it …. a little searching of the interwebs & I came across the following, which resolved the issues.

Update: as per http://deinoscloud.wordpress.com/2009/11/30/tomcat-for-vcenter-memory-tuning/ a couple of Jvm memory parameters are pre-set for the vcenter tomcat6 instance.

Removing the fixed-allocation settings in the registry seems to have the desired affect of keeping the tomcat6 memory usage to a more “normal” amount

Locate the following registry key, for either x64 or x86 systems

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Apache Software Foundation\Procrun 2.0\vctomcat\Parameters\Java

HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Procrun 2.0\vctomcat\Parameters\Java

And set each value to 0x0 and restart the vCenter Webservices service

JvmMs = 0x0

JvmMx = 0x0

JvmSs = 0x0

via VMware Communities: vServer – tomcat6 memory usage HIGH ….