Monday, January 25, 2016

Vulnerable Windows virtual machines to hack

There are plenty of vulnerable virtual machines to practice your hacking skills available on vulnhub.com, but they're all Linux boxes. If you'd like to practice on Windows, Microsoft has made available for download Windows XP with Internet Explorer 6, up through Windows 10 with the Edge browser. These 90 day trials are are available in formats to use in Windows, Mac, and Linux running hypervisors including VirtualBox, Vagrant, Hyper-V, VPC, Parallels, and VMware.

Although Microsoft made these virtual machines available to test browser versions with your website and may not have intended to make these available for purposes including hacking, these virtual machines include vulnerable versions of Internet Explorer, as well as missing operating system updates.

Visit the Microsoft Developer Website to download the virtual machines.

First, choose your operating system: Windows, Mac, or Linux.




Next, choose the virtual machine operating system and Internet Explorer version.



Finally, choose your hypervisor and download.




Known Issue: Windows 10 virtual machines may display a message in the Settings app that reads
“Connect to the Internet to activate.” This is due to a bug and does not impact the activation state or
functionality of the virtual machine.

Login Information (for Windows Vista, 7, 8, 10 VMs): IEUser, Passw0rd!
Instructions to set password for XP VMs:
1. Using virtualization platform of choice, load the XP VM
2. Go to Control Panel | User Accounts
3. Select IEUser
4. Select "Create a password" link and enter the desired password