Howto: Import TCM PEH Capstone Machine 'Blue' into Proxmox
By SecBurg
I’m currently doing the Practical Ethical Hacking course at the TCM Security Academy.
When you reach the chapter New Capstone, you get access to some downloadable virtual machines on which you can practise what you’ve learned so far.
Since I’m using Proxmox in my Homelab, I wanted to import the Capstone machine called “Blue” into my Proxmox environment.
Spoiler for the machine 'Blue'
It’s a Windows 7 machine, vulnerable to “Eternal Blue”.
You can easily confirm this via Metasploit (with module scanner/smb/smb_ms17_010) or with nmap:
nmap -p 139,445 --script "smb-vuln*" IP_OF_MACHINE
The 7z-archive from TCM contains an OVF file, as well as the disk image in vmdk format.
So the first steps are:
- upload the files of the archive to the Proxmox host into the “import” directory via scp
- use the “Import Wizard” or the CLI from Proxmox to import the OVF
When you now try to start the machine, it fails miserably with a blue screen and opens the “Windows Error Recovery”. Whatever option you choose here, it just won’t start - and you have to hard power off the machine.
The culprit is the hard disk, which is connected via a (virtual) SCSI controller.
Here’s how to fix it:
- power off the machine
- choose the hard disk, click on “Detach”, confirm with “Yes”
- double-click on the now unused hard disk, choose “SATA”, and click “Add”
Now you can finally boot the machine.
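The same detach and re-attach can be planned from the Proxmox CLI. This is an added example, not part of the original post: it reads `qm config` output and prints the `qm set` commands for the SCSI to SATA move. VMID 100, the storage name local-lvm and the sample config are constructed values, and the final boot-order line is an assumption for the case where the boot order still names the old SCSI disk.

```bash
#!/bin/sh
# Added example: plan the SCSI -> SATA disk move for an imported VM.
# The import step itself is: qm importovf <vmid> <file.ovf> <storage>
# VMID 100 and storage "local-lvm" below are constructed sample values.

# Reads `qm config <vmid>` output on stdin and prints the qm commands that
# detach every SCSI hard disk and re-attach the same volume on a SATA port.
# Dry run only: nothing is executed, review the plan before running it.
plan_sata_move() (
    vmid="$1"; n=0
    while IFS= read -r line; do
        key="${line%%:*}"
        case "$key" in
            scsi[0-9]*) ;;               # scsi0, scsi1, ... (not "scsihw")
            *) continue ;;
        esac
        case "$line" in
            *media=cdrom*) continue ;;   # leave optical drives alone
        esac
        vol="${line#*: }"                # drop the "scsi0: " prefix
        vol="${vol%%,*}"                 # drop ",size=..." and other options
        echo "qm set $vmid --delete $key"      # disk becomes "unused"
        echo "qm set $vmid --sata$n $vol"      # same volume, SATA bus
        n=$((n + 1))
    done
    # Assumption: the boot order still points at the old SCSI disk.
    if [ "$n" -gt 0 ]; then
        echo "qm set $vmid --boot order=sata0"
    fi
)

# Constructed sample of `qm config 100` right after the OVF import.
sample_config() {
    cat <<'EOF'
boot: order=scsi0
cores: 2
memory: 4096
name: Blue
ostype: win7
scsi0: local-lvm:vm-100-disk-0,size=40G
scsihw: lsi
EOF
}

sample_config | plan_sata_move 100
```

On the Proxmox host, feed it the real configuration with `qm config <vmid> | plan_sata_move <vmid>` while the machine is powered off.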
Happy Hacking! :-)