Setting Up Websites in virtnet

Introduction

virtnet allows for quick deployment of Linux nodes in a virtual network using VirtualBox. Those nodes, which are set up in a chosen network topology, can then be used to explore different network and security technologies. To test software and protocols, having a website on one of the nodes is useful. In the following I show some quick ways to deploy simple demo websites within virtnet.

Apache Web Server and MySQL Database Server

Apache web server and MySQL database server are already installed on every node. When you deploy a website in the following sections, the servers are automatically started. However, if you need to manually start (or stop) a server, you can use the following commands.

To start Apache web server:

sudo systemctl start apache2.service

To start MySQL database server:

sudo systemctl start mysql.service

You can also stop or restart either server by replacing start with stop or restart in the above commands.

Deploy Simple Static Website

To deploy a simple, static website on any node run:

sudo bash ~/virtnet/bin/vn-deploywebindex

This creates demo web pages in the directory /var/www/html and starts the Apache web server. The demo web pages consist of:

The pages have links between each other. They are all static HTML (there is no PHP or use of MySQL).

Deploy MyUni Website

MyUni is a slightly more complex website, using PHP and MySQL, to provide logins and forms for staff/students to access course grades. It was built to demonstrate web application attacks, such as SQL injection, CSRF and cookie stealing.

Deploying (the real) MyUni

Although the MyUni website can be deployed on any node, the web application attack demos use topology 7, with MyUni deployed on node4. In the following I assume you have already created topology 7.

On node4, run:

sudo bash ~/virtnet/bin/vn-deployrealmyuni

This copies the web pages to /var/www/html, loads data into the necessary databases, and starts the Apache and MySQL servers.

Deploying the Fake MyUni and FreeStuff Websites

Some of the web application attack demos involve a malicious user running a fake MyUni site and another website called FreeStuff. Again, this assumes you use topology 7. These two sites should be deployed on node5.

On node5, run:

sudo bash ~/virtnet/bin/vn-deployfakemyuni

This copies the web pages (for both the fake MyUni and FreeStuff) to /var/www/html and starts the Apache servers.

Domain Names

Inside virtnet all nodes have IP addresses, but there is no DNS. However, since it is an internal internet, we can use any domain name for hosts by using the /etc/hosts file. Note, however, that every node that will make a request (e.g. run client software) must have the domain/IP mappings set in its /etc/hosts file. In the latest versions of virtnet, the /etc/hosts file includes the following mappings for the websites:

192.168.2.21 www.myuni.edu
192.168.2.22 www.freestuff.com
192.168.2.22 www.myuni.edu.gr

In topology 7 this corresponds to MyUni on node4 and fake MyUni and FreeStuff on node5. If you use a different topology you may have to change the IP addresses.

If the /etc/hosts file does not contain the above values, or you want to change them, then you can edit the file with a text editor:

sudo nano /etc/hosts

Change the IP addresses and domain names as you wish. Remember that you should make the changes on all nodes (or at least the nodes that will run clients).
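
Since the mappings have to be identical on every client node, a small audit script saves checking each file by eye. The following is an added example, not part of virtnet: the function names hosts_lookup and check_hosts are made up here, and the address/name pairs are the topology 7 values listed above. It compares names as whole fields, so www.myuni.edu is never confused with the look-alike www.myuni.edu.gr.

```sh
#!/bin/sh
# Added example (not part of virtnet): audit a hosts file for the demo-site
# mappings. The IP/name pairs are the topology 7 values from this page.
VN_MAPPINGS='192.168.2.21 www.myuni.edu
192.168.2.22 www.freestuff.com
192.168.2.22 www.myuni.edu.gr'

# hosts_lookup FILE NAME: print the IP of the first entry that names NAME.
# Names are compared as whole fields, so www.myuni.edu never matches the
# www.myuni.edu.gr line (a plain grep for the shorter name would).
hosts_lookup() {
    awk -v name="$2" '
        { sub(/#.*/, "") }    # drop comments; awk re-splits the fields
        { for (i = 2; i <= NF; i++)
              if (tolower($i) == tolower(name)) { print $1; exit } }
    ' "$1"
}

# check_hosts FILE [fix]: report each expected mapping as ok, missing or
# mismatch. With "fix", missing entries are appended. A mismatch is only
# reported: the first matching line wins, so appending would change nothing.
# Returns 0 only if every mapping is correct when the function finishes.
check_hosts() {
    vn_file=$1 vn_mode=${2:-check} vn_rc=0
    while read -r vn_ip vn_name; do
        vn_got=$(hosts_lookup "$vn_file" "$vn_name")
        if [ "$vn_got" = "$vn_ip" ]; then
            echo "ok       $vn_name -> $vn_ip"
        elif [ -z "$vn_got" ] && [ "$vn_mode" = fix ]; then
            # make sure the file ends with a newline before appending
            [ -z "$(tail -c 1 "$vn_file")" ] || echo >> "$vn_file"
            printf '%s %s\n' "$vn_ip" "$vn_name" >> "$vn_file"
            echo "added    $vn_name -> $vn_ip"
        elif [ -z "$vn_got" ]; then
            echo "missing  $vn_name (expected $vn_ip)"; vn_rc=1
        else
            echo "mismatch $vn_name -> $vn_got (expected $vn_ip)"; vn_rc=1
        fi
    done <<EOF
$VN_MAPPINGS
EOF
    return "$vn_rc"
}

# Run against a file given on the command line, e.g. /etc/hosts
if [ "$#" -gt 0 ]; then check_hosts "$@"; fi
```

Saved under a name of your choice and run with /etc/hosts as the argument, it only reports; adding fix as a second argument appends missing entries and needs sudo. A reported mismatch has to be corrected by editing the existing line.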

Using MyUni

On node 1, visit http://www.myuni.edu/grades/. The grading system has the following features:

There is also a special web page that redirects users to external websites:
www.myuni.edu/grades/redirect.php?url=www.example.com

Adding New Users or Courses

When the database for MyUni is created, an initial set of users and course grades is created. If you want to add more, you can use SQL commands. To start the MySQL client on node4:

mysql -u root -p webdemo_grades

The password is network.

Now in the MySQL prompt you can run queries. Below is sample output that illustrates how to insert a new user and grades.

network@node4:~$ mysql -u root -p webdemo_grades
Enter password: network
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 6
Server version: 5.7.17-0ubuntu0.16.04.1 (Ubuntu)

Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> show tables;
+--------------------------+
| Tables_in_webdemo_grades |
+--------------------------+
| coursegrades             |
| users                    |
+--------------------------+
2 rows in set (0.00 sec)

mysql> insert into users values ('scott','s3cr3T');
Query OK, 1 row affected (0.01 sec)

mysql> select * from users;
+------------+----------+
| username   | password |
+------------+----------+
| 5000000000 | student  |
| 5012345678 | student  |
| s0000000   | student0 |
| s1234567   | student7 |
| scott      | s3cr3T   |
| steve      | mysecret |
+------------+----------+
6 rows in set (0.00 sec)

mysql> insert into coursegrades values ('scott','coit20262','F');
Query OK, 1 row affected (0.01 sec)

mysql> select * from coursegrades;
+------------+------------+-------+
| studentid  | coursecode | grade |
+------------+------------+-------+
| 5000000000 | css322     | D+    |
| 5000000000 | its335     | B+    |
| 5012345678 | css322     | B     |
| 5012345678 | its323     | C     |
| 5012345678 | its335     | A     |
| s0000000   | coit20262  | F     |
| s0000000   | coit20263  | C     |
| s1234567   | coit20262  | D     |
| s1234567   | coit20263  | D     |
| s1234567   | coit20264  | C     |
| scott      | coit20262  | F     |
+------------+------------+-------+
11 rows in set (0.00 sec)