Let's get started with video 24. Right click the Ubuntu Desktop VM and select >_Console to launch the environment with NoVNC. Log in with the user name "sandbox" and the password "password". This is the machine running the web server.
Since we don't know which web server is actually running we'll need to find out. To do so, we can check the status of the three most likely ones to be installed. Open a terminal and run systemctl status apache2. You'll see that it returns a status of inactive. This means it is indeed installed but is not quite running yet. You can also run systemctl status nginx or systemctl status httpd to see if those are installed. As you can see, they are not, which tells us that we're just going to be dealing with Apache2 here.
You can also check under the /etc/ directory to see what is installed on the computer. If you do, you'll see there is no directory for nginx or httpd, but there is for apache2.
So now we need to get apache2 running. To do that, we'll need elevated permissions, so we run the command sudo systemctl start apache2. We can check that it's running by executing systemctl status apache2 again.
Hit Q on your keyboard to get out of that prompt.
Back in video 20, we had to assign the Ubuntu machine an IP address. The way the environment is set up is that Ubuntu uses 192.168..2/24 as it's primary IP address. To get your team number you'll have to start up the External Kali VM. Right click it and select >_Console just like before.
Now we need to open up the web browser by clicking the Kali logo in the top left corner of the machine's screen and selecting Web Browser from the right column when Favorites is highlighted.
When it opens, click the first bookmark. It will bring you to 172.20.0.1. In the URL bar add /dashboard to the end of the IP. This is where we will see our team number and a small diagram of how the network is set up.
Now that we know our team number we can go back to Ubuntu and edit the file /etc/netplan/01-network-manager-all.yaml with sudo privileges. Add the following to the file, being mindful of the leading spaces/indentations on each line.
ethernets: ens18: addresses: - 192.168..2/24 ens18 is the name of our network adapter. Save and close the file, and make sure to apply the changes with sudo netplan apply. You can then run ip a and see that your VM has an IP address now.
Open Firefox and navigate to the URL 192.168..2 (in my case, 235). You'll see a bit of text there once the page loads: "This file is owned by: team0." Part of this challenge is to change that text to make it read our own team number instead of team0. As we know, Apache hosts it's websites in /var/www/html by default, and ls'ing that directory shows us that there's a index.html file with that very same text in it. By opening up that file with nano and replacing the 0 at the end with our team number, we can refresh the page in Firefox and see now that it has been updated server-side.
It's time to go backwards now to video 18 where we change some configuration settings on the network interface there. Open Kali External back up if you don't have it running and open another terminal. Open the file /etc/network/interfaces with whatever text editor you like and delete the 2nd small block of text, the two lines that start with auto and iface. Leave the first little block alone, and where the 2nd block was, put the following: auto eth0 iface eth0 inet static address: 172.20..100 netmask 255.255.0.0
We pulled this information from the network map given to use on the c2games dashboard. Save the file and back at the terminal restart your network with sudo systemctl restart networking. Double check that the changes you made were successfully applied by running ip a again and checking that the eth0 interface does indeed have the new IP address you just gave it in the interfaces configuration file.
Jumping forward to video 44, now we're going to launch the MikroTik Router VM and configure it with some more IP addresses. To do this, login with the user 'admin' and a blank password. Then it will ask you what you want your new password to be, and in this instance we'll just use 'password' as our password. If this were a real production, obviously please use something much more secure as your password.
Now we need to configure the external and internet network adapters with their respective IPs. Run a quick /ip address print and you'll see that nothing is returned. Next run /interface print. This will give you the names of our two network adapters, 'ether5' and 'ether6'. Now that we know their names we can set up some Ips. For external we'll go with /ip address add address=172.20.235.1/16 interface=ether5 and then for internal run /ip address add address=192.168.235.2/24 interface=ether6. Again, we got these addresses from the network diagram on the scoring dashboard they set up for us in the external Kali machine. Let's run /ip address print again and you'll see our two network adapters are set with their addresses.
Jump back onto the external Kali and open up your Firefox if it's not already. Navigate to 172.20.0.1:8080 -- this is the web GUI for further MikroTik configuration which makes things much easier now. Log in with admin/password and go through the quick set, setting the gateway to 172.0.0.1, toggle on "Bridge All LAN Ports" and "NAT", and hit the Apply Configuration button.
Now we'll hit that Port Mapping button and set up some port forwarding. Click New, call it www-tcp, put 80 in for the port, 192.168.235.2 for the To Address and 80 again for the To Port.
Pretty much the same thing for UDP, but call it www-udp and tick the UDP box instead of TCP.
Hop back to the Ubuntu machine and restart Apache again with sudo systemctl restart apache2 just for kicks and giggles. If you check the C2Games Sandbox Scoreboard now, you should now see green lights across the whole board. Congratulations! You completed the challenge.
