VMware Workstation

View Only

VMWare subnets

Nick Perks posted Nov 22, 2024 11:27 AM

Hi, I've asked a question before about a network that I'm trying to build in GN3 but incorporating VMWare virtual machines. The reason I'm doing this is that I'm following a course in networking and the lecture is about using Kali to attach DHCP. The network that I've kind of built is this:

When I created the network I ran into all sorts of problems with VMWare subnets and I'm not sure that I currently understand what they are doing. As far as I understand GN3 uses a VMWare VM to model the network which has one subnet in VMWare and uses DHCP. When I added the Kali VM and Windows 10 VM I thought that they would use the same subnet but I was wrong. So I changed them to use VMnet2 and changed the subnet to 10.1.1.0/24. However, I could not attach both of the Virtual machines to the same subnet as there was an error in GN3:

So I added a new subnet in VMWare but was informed that it couldn't use the same ip subnet as another VMWare subnet. So I created VMnet3 with an ip address of 10.1.2.0/24. I connected the Windows 10 machine to VMnet2 and the Kali VM to VMet3 and this seemed to work as I could now create the network and both VMs picked up an ip address from the DHCP server R1.

The next part of the lecture was to use the Yersinia on the Kali machine to launch a DHCP attack exhausting all the ip addresses of the DHCP server R1 which it did. The Windows VM was then started and I attempted to create a DHCP rogue server. However, this failed and I'm not sure why:

I'm not really sure why it failed but I don't really understand what VMWare workstation is doing when it is opened in GN3. From my limited understanding of networks I thought all of the machines had to be on the same subnet and yet the GN3 VM, the Windows VM and the Kali VM are all on different subnets and yet they appear to be on the same subnet when they are opened in GN3. How does that work? My only thought for the reason Yersinia is failing is that the Kali VM is in actual fact on a different subnet to the Windows VM even though it appears to be on the same subnet in GN3. I was hoping that somebody could explain this to me and even better offer some advice as to why the Kali attack is failing.

Thanks

RaSystemlord posted Nov 22, 2024 12:15 PM

I don't know enough about networking so that I could answer your questions, but ...

... you brought it up already earlier. I was thinking of commenting back then, that your picture misses the key elements of creating subnets - DHCP servers what you have and where you don't have them.

R1 to my understanding, is a hardware piece that has a DHCP server (active) and gives addresses to a subnet. To my understanding R2 is PC of some kind and that gets the IP address from the R1 DHCP server. I don't see any other pieces of hardware in that subnet.

Your VMware is software running on R2 - that's the octopussy in the drawing. VMware (Pro or Player) has a couple of DHCP servers, which can be configured in Virtual Network Editor. That can be used if you load the Pro version - even if the Evaluation period will be exceeded and you use Player afterwards (or all the time since it is always installed too). I will NOT go into the discussion of Free everything-VMware and how they work and where to download those ... you need to look up the other discussions for that and also I haven't used any of that new stuff (sticking to commercial 17.5.2 which I have had for a long time).

Now, your R2-VMware has NAT Network. It is VMnet8 or something, see it from the Editor. ALL those computers belonging to this NAT network are in the same subnet. They CAN be connected to each other. Whether they WILL connect, just like that, depends on each operating system. Everybody will see physical computer. Physical computer might NOT see every NAT computer - because they might be copies and copies might have the same identity network-wise and that is a no-no and confuses the Windows Host. They will NOT have same IPs, not because they are in the NAT, unless you have used (the same) fixed ip-addresses.

Now that why physical computer might not see a NAT computer OR why NAT computers might not see each other - depends on the OS. With Windows, you have a "hosts" file, where you can say which ip is which computer - that will force that (and don't forget that you had them). If not obvious, NAT computers can change their IP depending on the Lease time. I usually don't care about the Lease time, but instead give them fixed IPs, they must be in the NAT address space, and then they will work "forever" and always see each other. IP is two-way - they need to see each other both ways, otherwise many IP-dependent thingies don't work. Don't be fooled by ping - that might work when you just edit the "hosts" file, however, something like Windows filesharing might NOT work, until you reboot (and there might be finer things than reboot to get it running). Now in Linux, like Kali, you have other things than the Windows HOSTS file (in C:\Windows\System32\drivers\etc) to do the same thing. You need to look that up from the particular distro (and yes, in Linux there certainly is a better way to restart the networking that rebooting the whole thing).

In VMware Host-only networking you can do basically the same thing, they say. I have never used that since then I couldn't get into interwebs from the VM computer and for me that would be a useless scenario. Maybe for you it would be an interesting scenario.

You can get into a computer in the same network as the Host, when in NAT VM, like with Windows-type-of-filesharing. That might be dependent on Host OS and setups, but generally speaking it works, if the Host is setup for that, too. This might not be anything you are now doing - but could be useful. Vice-versa, does not work by default - that's the minor protection of the subnet.

I hope this explains somewhat.

RaSystemlord posted Nov 23, 2024 06:00 AM

I want to add one thing - when you start to use Fixed IPs:

- be careful to add correct values. See what they are now. Fixed needs to be outside the range of DHCP...often that is defined by default in a ridiculous way not to allow any range outside it. Change the range in that case.
- please notice that every Upgrade or Reinstall of VMware, has the tendency to rearrange its subnet values. You need to use the Virtual Network Editor to change them back. With the wrong subnet values, your fixed IP computers will not work.

as mentioned previously, do not forget afterwards that you used a fixed IP, if you plant to copy your VM for some other purpose

I hope this explains somewhat more.

Nick Perks posted Nov 23, 2024 11:12 AM

Hi RaSystemlord, thanks for getting back to me. Some of what you said has makes sense to me but in my network I don't think that R2 is on the NAT network but exists is created in the GN3 VM (not sure if I'm right about that. Also neither the Kali VM or the Windows VM are on the NAT network but I had to create them a subnet for each VMNet2 and VMnet3. In both of these subnets DHCP has been disabled so that both the Kali VM and the Windows VM attempt to get an ip address from R1 which is the DHCP server in my model. What doesn't really make sense to me is why they both need to be allocated a subnet in VMWare and yet are on a different subnet in GN3 which is 10.1.1.0/24? Everything works correctly up to the point that I try and create the rogue DHCP in yersinia on Kali and I can't figure out why that fails?

A screenshot of the various subnets in VMWare:

RaSystemlord posted Nov 23, 2024 12:39 PM

Hi! Yes, I don't know for sure what your hardware is, where the software is and where are the active DHCP servers - well, because your picture does not have that information.

Not sure what you are trying to do, but by large, the idea of the subnet is to work within the subnet.

The idea of forming a subnet is NOT to be working outside the very subnet. DCHP server of VMware or some piece of hardware (called routers, but usually just used for creating a NAT subnet) or some piece of software running on some computer - they create a subnet providing that there is hardware or virtual hardware to support that pursuit.

In VMware, you have "bridged networking mode" if you are NOT working in a subnet. That would probably allow what you are doing. Now, I cannot see you using that.

Whether some particular device gives a DHCP address to some device - well, maybe it does, maybe it doesn't. I don't know why, but I have had Linux computers that do not get an address from a normal (home) DHCP/NAT-box/modem/switch -device, called routers for short. That can be solved by giving a fixed address.

On the other hand, if you are trying to hack through subnets - you have Kali there which might indicate that kind of study - I cannot help you, because I have no expertise in that.