How to install Web for Pentester VM in Oracle Virtual Box

Web for Pentester is a pre-configured Virtual Machine ISO prepared for practicing Web Pentesting by PentesterLab. They also provide a course about Web penetration testing along with it. The course page can be found here. So its highly recommended to reviewing the course material to get a better understanding of the topic. This particular vulnerable VM focuses on web application pentesting and its fundamental elements. You can download the VM ISO from here.

Note : Some screenshots are small in sizes, so to saw them in big size please click on it.

Direct Download Link :  https://pentesterlab.com/exercises/web_for_pentester/iso

Now in order to use the provided VM, first you need to insatll the Virtualization software like Oracle Virtualbox. To install virtual box please check my previous post : Virtual Box Installation. Now start virtualbox and Click on "File >> Host Network Manager"

Now at new window click on Create button to create a new Host network adapter, then click on Properties button

Now at at adapter properties which is below side of the window, click on the radio button 'Configure Adapter Manually' then put the configuration as given below

IPv4 Address : 192.168.56.1
IPv4 Network Mask : 255.255.255.0
IPv6 Prefix Length : 0

Now click on the 'DHCP Server' tab and check the 'Enable Server' check box as given below :

Server Address : 192.168.56.1
Server mask : 255.255.255.0
Lower Address Bound : 192.168.56.101
Upper Address Bound : 192.168.56.254

click on the Close button. Now click on New button in Virtualbox and put the following details and click next button.

Name : PentesterLab
Type : Linux
Version : Ubuntu (32-bit)

Now at Memory Size window set memory size to 256 MB and click next

Now at next window click Create button

Again click on next button twice.

Now at Virtualbox main window select the PentesterLab VM and right click on it and open Settings option

Click on Network Tab at right side of the window, now at here check the Enable Network Adapter box and at Attached to choose Host-only Adapter, and in Name box your host-only adapter name is appear vboxnet0 or vboxnet1 something.

After that click on the Storage tab at right side of the window, at here on the Storage Devices panel under the Controller IDE select the Empty  attachment.

Now at the left side of the window check the Live CD/DVD check box and click on the CD button and then click "Choose virtual optical disk file" and select your downloaded Web for Pentester cd image file and then click open button, after that click OK button.

Now at virtual box main window select the VM and click on the start button to start PentesterLab VM, and wait until the boot-up process is completed.

Then click on the VM and type the command 'ifconfig eth0' to know the IP address of VM

 $ ifconfig eth0

The IP address of VM is 192.168.56.102 (Note : in your system it may be 192.168.56.101 or something else). Now start your Web browser and put your ip address in the address bar like below

 http://192.168.56.102/

and press enter

and thats it. we have successfully installed Web for Pentester VM in our system.



Conclusion : 

In this post we installed Web for Pentester VM. Theres are also various pre-configured VMs are available for prectice, such as Metasploitable2, OWASPBWA etc. To install metasploitable2 in Oracle Virtualbox please visit our previous post : here.


Links :

Web for Pentester VM :  https://pentesterlab.com/exercises/web_for_pentester
Web for Pentester Course : https://pentesterlab.com/exercises/web_for_pentester/course
PentesterLab : https://www.pentesterlab.com