Vulnerable Windows virtual machines to hack

There are plenty of vulnerable virtual machines to practice your hacking skills available on vulnhub.com, but they’re all Linux boxes. If you’d like to practice on Windows, Microsoft has made available for download Windows XP with Internet Explorer 6, up through Windows 10 with the Edge browser. These 90 day trials are are available in formats to use in Windows, Mac, and Linux running hypervisors including VirtualBox, Vagrant, Hyper-V, VPC, Parallels, and VMware.

Although Microsoft made these virtual machines available to test browser versions with your website and may not have intended to make these available for purposes including hacking, these virtual machines include vulnerable versions of Internet Explorer, as well as missing operating system updates.

Visit the Microsoft Developer Website to download the virtual machines.

First, choose your operating system: Windows, Mac, or Linux.

Next, choose the virtual machine operating system and Internet Explorer version.
Finally, choose your hypervisor and download.
Known Issue: Windows 10 virtual machines may display a message in the Settings app that reads
“Connect to the Internet to activate.” This is due to a bug and does not impact the activation state or
functionality of the virtual machine.
Login Information (for Windows Vista, 7, 8, 10 VMs): IEUser, Passw0rd!
Instructions to set password for XP VMs:
1. Using virtualization platform of choice, load the XP VM
2. Go to Control Panel | User Accounts
3. Select IEUser
4. Select “Create a password” link and enter the desired password 

How to Install Kali Nethunter 3 on a Nexus 7

The steps outlined at Offensive Security’s Nethunter wiki were incomplete or vague in some spots so I’m going to outline what worked for me. I’m using a 2013 Nexus 7 in my instructions.

Put your device in Developer Mode:

This is done by navigating to Settings -> About and tapping on the Build number field 7 times until you receive the notification that developer mode has been enabled. Go back to the main settings page and you will have a new section titled Developer options. Tap on the new Developer options section and enable both the Advanced Reboot and Android Debugging options.

Unlocking and Rooting Your Android Device:

For first time installations, it is usually best to completely flash your device “to stock” and bring it to a known-good state. This will ensure as painless an installation as possible, removing many of the variables that would cause an incomplete or failed installation. While there are many ways to unlock and root your Android devices, we chose to use the Windows based “Boot Rootkit” by WugFresh.

Download the Nexus Root Toolkit.

Download and install the NRT and execute it for the first time. Once loaded, click the Full Driver Installation Guide button. A Window with installation instructions will pop up – it is vital you read these instructions very carefully and follow them slowly. Once you have successfully completed a Full Driver Test in Step 4, proceed with the next step.

Flashing Back to Stock:

I found this post that said use Android 5.1.1 build LMY48M if you want to use Nethunter 3.0.

I used the NRT and chose Restore/Upgrade/Downgrade, and Device is on/Normal. I chose the build referenced above and let it download and install for me.

Now you need to go back and follow the steps above to unlock and root the device again. Make sure that “And also flash: Custom Recover” is checked.

Now download the appropriate Nethunter installation package from here. For my 2013 Nexus 7 running Android 5.1.1 build LMY48M I chose Nexus 7 2013 Lollipop. After its finished downloading, you need to copy it to the root of the Nexus file system.

Shutdown the device and hold down the power and volume down button it will boot into the boot loader. Use volume buttons to navigate to recovery and power to enter. After booting into recovery select install button,select the nethunter.zip swipe to flash and wait until it finishes. You’ll be promted to install some packages. Choose the ones you want and accept the defaults. You can’t go wrong here.

When it’s finished, it will say “Zip Install Complete” near the top. Press the button to “Reboot System”.

Enjoy Kali Nethunter on your Nexus 7!

Upgrading CUCM Call Manager from 9.1.2.11018-1 to 10.5 and above

Cisco Unified Communications Manager upgrade RSA Version-3 keys COP file

This update is a required intermediate step before upgrading to version 10.5 and above if the UCM servers are below version 9.1.2.11018-1.

To improve software integrity protection, new RSA keys are being used to sign Cisco Unified Communications Manager releases and any of their associated updates such as Phone Firmware, Device Packages, DST Updates, Locales, Dialplans, or any other update that can be applied to the system.

Time to complete the update is about two minutes minus preparation time.

Proceed at your own risk! These steps worked for me but I provide no support and take no responsibility for anything that goes wrong!

Step 1: Download ciscocm.version3-keys.cop
Step 2: Copy the upgrade file above to a writeable CD or DVD, or an ISO file if your CUCM is virtual.
Step 3: Insert the new CD or DVD into the disc drive on the local server that is to be upgraded.
Step 4: Open Cisco Unified Communications Operating System Administration directly by entering the following URL:
http://server-name/cmplatform
where server-name is the host name or IP address of the admin server.
Step 5: Enter your OS Administrator username and password.
Step 6: Choose Software Upgrades > Install/Upgrade.
Step 7: For the software location source, choose DVD/CD.
Step 8: If you burned the patch file to a subdirectory on the CD or DVD, enter the path in the Directory field.
Step 9: To continue the upgrade process, click Next.
Step 10: Choose “ciscocm.version3-keys.cop.sgn” and click Next.
Step 11: In the next window, monitor the progress of the download, which includes the filename and the number of
megabytes that are getting transferred.
When the download completes, the Checksum window displays.
Step 12: Verify the checksum value:
95a676f969777f72bfe82fa0ffd896fa
Step 13: After determining that the cheksums match, click Next to proceed with the software upgrade.
A Warning window displays the selected option.
Step 14: Click Install.
The Install Status window displays the Install log.
Step 15: When the installation completes, click Finish
Step 16: Verify the COP file version using this command from the CLI:
admin:show version active
Active Master Version: 8.6.2.xxxxx-xx <– Note: 8.6.2 is shown for example only; your version may vary
Active Version Installed Software Options:
cmterm-9971.9-0-3ES-1.cop <– Note: Other COP files such as this may or may not already be present on your system
ciscocm.version3-keys.cop

Call Manager disk cleanup and size reallocation

Version 10 and later CUCM virtual machine ovf has grown from 80 to 110 GB. I have read accounts of the upgrade from 9.1.x to 10.x failing because of a lack of space. This procedure is for virtual CUCM servers.
1. I strongly suggest that you take a storage snapshot before performing this upgrade. You can’t take a VMware snapshot because you would then be prohibited from increasing the disk size. It would be greyed out.

2. (UCM 9.1 and earlier only) Install the ciscocm.vmware-disk-size-reallocation-1.0.cop.sgn COP file.
3. Shutdown guest VM
4. Open VMware Infrastructure (VI) Client and connect to VirtualCenter or the ESX host.
5. Right-click the virtual machine.
6. Click Edit Settings.
7. Select Virtual Disk.
8. Increase the size of the disk to 110GB.
9. Power on guest VM.