1

I am doing an online course on web penetration testing where the instructor tells us to install Kali Linux on one virtual machine (the attacker), and any other OS (I chose Manjaro Linux) on another virtual machine as the victim machine.

We install Damn Vulnerable Web App (dvwa) on the victim machine using XAMPP and then we are supposed to attack it with the attacker machine.

At this point he takes us to the Kali Machine and types in the browser some.arbitrary.ip.adress/dvwa and voila, he is on the log on page of his dvwa hosted from the other machine. He just says that this i.p address will depend on the environment that you have but doesn't explain how he actually found it. (Then I think he uses Burp with that same address).

I tried googling to find out what my IP address is but when I tried to do what he did using my IP address it sent me to my router's page.

How do I find out what the IP address is for my victim machine so that I can type it into the URL on my attacker machine?

mdemont
  • 11
  • 2
  • 1
    Easy way is to look on the victim machine - it'll be shown in network options or using commands like `ifconfig`. Alternative would be to scan your local network from the attacker box using a tool like `nmap`. However, you may also need to check your VM settings - they don't always default to networking being available from other VMs. – Matthew Nov 15 '16 at 11:44
  • See, Buddy there are many ways to do it. First way is use ifconfig and check Local IP , you won't be able to find your Target Machine's Local IP on Google. Another which is much more better than`ipconfig` is known as `netdiscover` . This will list down the IP's connected & if your victim machine is up and running, it would display :-) – Gerorge Timber Nov 15 '16 at 18:22
  • Yep, I had already tried ifconfig but it turns out I had to change the network settings on each virtual machine for communication to work, since the default settings don't always allow that, as Matthew pointed out. Now I can learn to haxx.. Thanks :) – mdemont Nov 16 '16 at 09:34

0 Answers0