NodeZero Host Virtual Machine

The NodeZero Host virtual appliance is a small virtual machine based on a pre-configured Ubuntu 20.04 installation. It’s designed to execute NodeZero pentests and bundles tools that facilitate pentest execution, as well as debug and maintenance.

Downloads

IMPORTANT:Always verify that the files you download come from Horizon3.

VMWare / VirtualBox importable OVA

download
sha2565e169028cf76bbcf42d85e76fa40c29a4d469be3ea8ffa4509945cba0fb29022

Specs

The NodeZero virtual machine comes pre-configured to use these resources:

  • 2 x CPUs
  • 8GB of RAM
  • 40GB of disk
  • Bridged network adapter

Before Setting Up

If your environment restricts access to external sites through an outbound proxy or similar mechanism, please make sure that it allows connections to the following sites:

  • *.ubuntu.com
  • downloads.horizon3.ai

Installation

Installing the virtual machine is a matter of importing the OVA file from the download link above into your virtualization environment. We provide the following set of steps as an example to use with VMWare’s vSphere client or with VirtualBox.

VMWare vSphere

vSphere client is one of VMWare’s virtual environment management solutions. You can find more information on the client itself in VMWare’s documentation.

NOTE:The following steps are for vSphere client version 7.0.3.00500.

After downloading and verifying the most recent NodeZero-####.ova file from the downloads section above, follow these steps to import and launch the NodeZero virtual machine.

  1. Log into your VMWare vSphere client.
  2. Select Deploy OVF Template from the Actions menu.
  3. Select the Local File option
  4. Click the UPLOAD FILES button to locate the OVA file downloaded in step #1.
  5. Click Next.
  6. Give your VM a name if you want it to be different from the default, and select a location to deploy to.
  7. Click Next.
  8. Select the compute resources you’ll be using.
  9. Click Next.
  10. Verify the import settings are correct and that the signature is from Horizon3.
  11. Click Next.
  12. Select the storage destination.
  13. Click Next.
  14. Select a network to use.
  15. Click Next.
  16. Review your selections
  17. Click Finish.
  18. To launch the VM, select it from the list on the left and click the Power On button.

VirtualBox

After downloading and verifying the most recent NodeZero-####.ova file from the downloads section above, follow these steps to import and launch the NodeZero virtual machine.

  1. Open VirtualBox.
  2. Click on Tools.
  3. Click on Import.
  4. Enter the location of the OVA file.
  5. Click Continue.
  6. Click Import wait for it to complete.
  7. Make sure you use a bridged network adapter:
    • Select the newly imported NodeZero virtual machine from the list on the left.
    • Click Settings.
    • Click Network.
    • Check that Attached to: says Bridged Adapter.
    • Check that Name: is the name of the adapter connected to your internal network.
    • Click OK if you had to change anything.
    • NOTE:There are known issues with VirtualBox network bridges over wireless adapters in newer MacOS versions. If you’re experiencing connectivity problems, consider using a wired connection instead.

  8. Select the NodeZero virtual machine from the list on the left.
  9. Launch the VM by clicking Start.

Usage

Connecting

If using vSphere, once you power on the virtual machine, the client interface gives the option of using a web console or a remote console for your first login.

If using VirtualBox, after starting the VM, a new display window appears that shows the operating system load screen.

With either system, once the OS fully loads, you’ll see a login screen that looks like this:

Username and First Login

When first launching the NodeZero virtual machine, SSH password access is disabled until you login and update the default password.

  1. Login with these credentials:
    • Username: nodezero
    • Password: nodezero
  2. When successful, you’ll see a prompt like the one below:
    You are required to change your password immediately (administrator enforced)
    Changing password for nodezero.
    Current password:
  3. Enter the password from step #1 and hit enter.
  4. Next you’ll see a prompt for New password:, enter a secure password that you’ll use from now on and hit enter.
  5. Next you have to confirm the password Retype new password:, enter the same password from step #4 and hit enter.
  6. You are now logged in with a successful password change. Make sure to keep that password for use in the future.

Once the login process completes, you’ll see an Enabling SSH password authentication message. At this point you can continue working through the vSphere or VirtualBox consoles, but you can also use an SSH client to connect to the IP address shown on the login screen.

Using SSH

To connect over SSH with Linux or MacOS, simply run the command below, replacing IP_ADDRESS with the one shown in the login screen.
$ ssh nodezero@IP_ADDRESS

If you’re using Windows, then you’ll use a client like PuTTY to connect. Simply fill out the Host Name (or IP Address) field with the address shown in the login screen.

Configuration with the n0 command

This virtual machine comes with a simple script that helps adjust basic settings and other maintenance tasks. It’s available under the n0 command, and running it presents you with a menu:

$ n0
1) Check environment
2) System info
3) Configure Static IP
4) Configure network proxy
5) Update
6) Version info

The following sections provide more information on what these options do.

Network configuration

Options #3 and #4 in the n0 command menu allow you to adjust network settings as follows.

Switching between DHCP and Static IP assignment

By default the NodeZero applicance comes with DHCP enabled. But if you need to switch to static addressing, you can use option #3 and follow the prompts to configure a new IP address, Subnet, Gateway and DNS nameserver.

If you ever need to switch back to DHCP, you can use the same option.

Configure a network proxy

You’re also able to setup a proxy server for HTTP and HTTPS traffic. Simply select option #4 and follow the example in the prompt when entering the URL. Note that you’ll have to log out and back in before this change takes effect.

Checking things are working

Option #1 of the n0 command menu checks that the system is ready to execute a pentest. It verifies we have access to the correct amount of resources and the right commands. It’s the same as running the Host Check Script.

Option #2 provides system information and can serve as a way to check your current settings. You’ll find details on the processors, memory, disk and network configuration.

Running a NodeZero pentest

  1. Log into the Horizon3 web portal
  2. Schedule a new pentest following your usual process.
  3. Copy and paste the launch / curl command from the portal into the shell of a NodeZero virtual machine.
  4. Pentest starts executing.

Staying up to date

You can use the n0 command menu’s option #5 to perform an OS and tools update.