Creating a Windows 7 Buffer Overflow Practice VM in VirtualBox

In this module, we will look at creating a vulnerable Windows 7 VM in VirtualBox that will run some applications which are vulnerable to 32-bit stack-based buffer overflows

8 months ago   •   4 min read

By 0xBEN
Table of contents

This module is a part of a larger series of building a security lab in VirtualBox. Click here to be taken back to the series landing page.

Building a Security Lab in VirtualBox
In this post, we we will take a look at an in-detail process of setting up an entry-level cybersecurity lab using VirtualBox




Overview

In order to initially set up the VM, it is going to require internet access. I would recommend putting on the same LAN as Kali just to give it Internet access while you get things set up. Once the VM is set up and you have a snapshot taken, put it on the Isolated LAN.

You can refer back to Getting Windows ISOs if you need a Windows 7 image. I recommend a 64-bit image for your VM in case you want to graduate up to 64-bit buffer overflows.

Installation

  1. Turn on the VM
  2. Install using the 64 bit Windows 7 .ISO file
  3. Create a user account
  4. Once signed in, follow the steps below




Disable Windows Firewall

Open the Start Menu and search for Control Panel

Click System Security

Click Windows Firewall

Turn off both zones





Disable Windows Updates





Disable Windows Defender

In the Control Panel, click the View by option

Change this to small icons.

Go to Tools > Options

Uncheck this box

Click Administrator and uncheck this box

Click Save





Uninstall Security Updates

I wrote a script for just this purpose. All the instructions for running the script can be found on the GitHub repo.

GitHub - 0xBEN/RemoveWindowsSecurityPatches: PowerShell script that can be used to create vulnerable Windows targets.
PowerShell script that can be used to create vulnerable Windows targets. - GitHub - 0xBEN/RemoveWindowsSecurityPatches: PowerShell script that can be used to create vulnerable Windows targets.




Install Prerequisites on the VM

  • Google Chrome (or any browser other than IE)
  • Git (for cloning mona.py)
  • Python 2.7
  • Immunity Debugger
  • Mona.py (Goes in C:\Program Files (x86)\Immunity Inc\Immunity Debugger\PyCommands)
  • 7-Zip
  • Runtime libraries for vulnerable apps (some programs might require this)




Install a Vulnerable App on the VM





Take a Snapshot of the VM

Take a snapshot of the VM in its current state, so that you can revert to a clean slate after running some exploits on the VM, or if any licensing or activation issues occur.





Next Step: Adding Another Interface to pfSense

Adding Another Interface to pfSense in VirtualBox
In this module, we will look at the process of adding an additional interface to the pfSense VM when the VirtualBox GUI only shows four available interfaces.

Spread the word

Keep reading