Penetration testing requires the use of skills that take time and practice to perfect. To encourage the absorption of the material within this chapter, we will be adding a load balanced instance of an intentionally vulnerable Linux distribution to our lab. We will also use our Ubuntu virtual machine to host Mutillidae (provided to the community at http://www.irongeek.com/), which is a web-based application with intentional security flaws which we will then exploit.
If you worked your way through the chapters of this book, you will already be familiar with Kioptrix Level 1. We now move on to a more advanced Kioptrix distribution, that has been made available to the community by Steven McElrea (aka loneferret) and Richard Dinelle (aka haken29a ) of the www.kioptrix.com team.
In order to follow along with the examples in this chapter, the virtual lab will need to be configured as follows:
Kali Linux: This has to be connected to internal network
VMnet9
KioptrixVM Level...