DDE_Server

Level 16
Verified
Any one here succeeded in creating windows virtual machine inside Linux system which inside VMware workstation ??
When I was watching hackersploit channel for malware analysis I was advised to use Linux system as host and windows as a guest to reduce the probability of infection by the malware samples which I test
I was already have Kali Linux vm which was created in vmware workstation pro 15 for learning purpose so i decided to create windows vm using virtual box installed from the official repository (create nested vm using different hypervisor's to decrease the possibility of exploitation with certain bug if fount in one of vm creators to not to be repeated in other (I am paranoid man)
So I stuck at the step in creating the another vm I had many challenges as listed below :
  1. I want to move the windows 7 iso inside Kali Linux to create the windows vm using virtual box ( although I enabled drag and drop and copy I face a problem in moving them .
  2. I want to know the way to move the compressed malware sample from my hostt to Linux guest then to windows guest
 
Last edited:

Local Host

Level 20
Verified
The VM is supposed to already be running isolated from the Host, that is one of their main purposes after all.

So the host being Windows or Linux makes no difference whasoever, just don't connect the VM to the Host whasoever (like shared filesystems) and such.
 

DDE_Server

Level 16
Verified
i
The VM is supposed to already be running isolated from the Host, that is one of their main purposes after all.

So the host being Windows or Linux makes no difference whasoever, just don't connect the VM to the Host whasoever (like shared filesystems) and such.
disabled share access but i want to know for network isolation i want to know which is the option NAT or host only although host only is block network access but some malware need network access for C&C server so i want to my network to be isolated to avoid any network infection
 

SeriousHoax

Level 22
Verified
Malware Tester
Personally I think you don't need to go through all these VMs. Just test malwares on your VM and connect to a VPN on your host machine and everything probably should be fine. If you're still paranoid maybe for VPN you may use the Double VPN feature of Nord VPN. Check this: Double VPN
 

Andrew3000

Level 6
Verified
Malware Tester
Yes, you have to use NAT. Host only will completely cut off your internet access. Remember to use a VPN on your main host PC. Technically, NAT + VPN + all types of networks/folders sharing disabled and USB controller disabled should be enough. For greater security if you want you can disable the D&D (drag and drop and copy & paste in both directions). In my opinion there is no need to worry, the VMs are designed to isolate themselves from the main system. If you have a router that supports the ability to enable the guest host/subnetting network you can connect momentarily there while running your tests.
P.S. It is difficult that malware can exit the VM, generally they have to use a sort of exploit so remember to update the VM often!
 

DDE_Server

Level 16
Verified
thanks a lot yes i am using latest update of Vmware workstation 15
Yes, you have to use NAT. Host only will completely cut off your internet access. Remember to use a VPN on your main host PC. Technically, NAT + VPN + all types of networks/folders sharing disabled and USB controller disabled should be enough. For greater security if you want you can disable the D&D (drag and drop and copy & paste in both directions). In my opinion there is no need to worry, the VMs are designed to isolate themselves from the main system. If you have a router that supports the ability to enable the guest host/subnetting network you can connect momentarily there while running your tests.
P.S. It is difficult that malware can exit the VM, generally they have to use a sort of exploit so remember to update the VM often!