Skip to content

NodeZero Host Virtual Machine (OVA/VHD)

The NodeZero Host virtual appliance is a small virtual machine based on a pre-configured Ubuntu 20.04 installation. It’s designed to execute NodeZero pentests and bundles tools that facilitate pentest execution, as well as debug and maintenance.

Downloads

Tip

Always verify the files download come from Horizon3.

VMWare/Virtualbox importable OVA

Download SHA256

Windows Hyper-V importable VHD

Download SHA256

Specifications

The NodeZero host virtual machine comes pre-configured to use these resources:

  • 2 x CPUs
  • 8GB of RAM
  • 40GB of disk
  • Bridged network adapter

Before Setting Up

If your environment restricts access to external sites through an outbound proxy or similar mechanism, please make sure that it allows connections to the following sites:

  • *.ubuntu.com
  • downloads.horizon3ai.com
  • github.com (optional for h3-cli updates)

Installation

Installing the virtual machine is a matter of importing the OVA file from the download link above into the virtualization environment. We provide the following set of steps as an example to use with VMWare’s vSphere client or with VirtualBox.

VMWare vSphere

vSphere client is one of VMWare’s virtual environment management solutions. You can find more information on the client itself in VMWare’s documentation.

Note

The following steps are for vSphere client version 7.0.3.00500.

After downloading and verifying the most recent NodeZero-####.ova file from the downloads section above, follow these steps to import and launch the NodeZero host virtual machine.

  1. Log into your VMWare vSphere client.
  2. Select Deploy OVF Template from the Actions menu.
  3. Select the Local File option
  4. Click the Upload Files button to locate the OVA file downloaded in step #1.
  5. Give your VM a name if you want it to be different from the default, and select a location to deploy to. Click Next.
  6. Select the compute resources you’ll be using. Click Next.
  7. Verify the import settings are correct and that the signature is from Horizon3. Click Next.
  8. Select the storage destination. Click Next.
  9. Select a network to use. Click Next.
  10. Review your selections. Click Finish.
  11. To launch the VM, select it from the list on the left and click the Power On button.

VirtualBox

After downloading and verifying the most recent NodeZero-####.ova file from the downloads section above, follow these steps to import and launch the NodeZero host virtual machine.

  1. Open VirtualBox.
  2. Click on Tools, then Import.
  3. Enter the location of the OVA file. Click Continue.
  4. Click Import wait for it to complete.
  5. Make sure you use a bridged network adapter:
  6. Select the newly imported NodeZero virtual machine from the list on the left.
  7. Click Settings, then Network.
  8. Confirm that Attached to is set to Bridged Adapter.
  9. Confirm that Name is set to the name of the adapter connected to your internal network.
  10. Click OK.
  11. Select the NodeZero virtual machine from the list on the left.
  12. Launch the VM by clicking Start.

Note

There are known issues with VirtualBox network bridges over wireless adapters in newer MacOS versions. If you’re experiencing connectivity problems, consider using a wired connection instead.

Windows Hyper-V

After downloading and verifying the most recent NodeZero-####.vhd file from the downloads section above, follow these steps to import and launch the NodeZero host virtual machine.

  1. Ensure Hyper-V has both the Management Tools and Platform enabled and installed. See Windows docs for more info
  2. Create a virtual machine. From the Hyper-V manager's menu bar, select Action > New > Virtual Machine...
  3. In that New Virtual Machine Wizard enter a name for the new virtual machine for use in Hyper-V
  4. Select the virtual machine as Generation 1
  5. Select the amount of memory to use for the virtual machine. Set startup memory to 8192 or greater. Note: Dynamic memory can be used or disabled, per customer's environment standards.
  6. Select a network to have NodeZero run in. Ensure the network connection is to a production network where a real IP is given (DHCP) or an assigned IP (Static) can connect. NOTE: Hyper-V's default switch setting will NOT work
  7. Select the virtual hard disk (vhd). Select Use an existing virtual hard disk and browse to the NodeZero-xxx.vhd file that you recently downloaded
  8. Review the information is correct
  9. From the Hyper-V manager select the newly created virtual machine and click Connect
  10. A new window will show the virtual machine and select Start to initialize a new NodeZero host virtual machine.

Usage

Connecting

If using vSphere, once the host is powered on, the client interface gives the option of using a web console or a remote console.

If using VirtualBox/Hyper-v, after starting the VM, a new display window appears that shows the operating system load screen.

With either system, once the OS fully loads, there will be a login screen that looks like this:

Screenshot

Username and First Login

When first launching the NodeZero host, SSH password access is disabled until the host is initially logged into and updates the default password.

Login with these credentials:

  • Username: nodezero
  • Password: nodezero

When successful, there will be a prompt like the one below:

You are required to change your password immediately (administrator enforced)
Changing password for nodezero.

Passwords require min 14 characters and must include at least
1 Digit, 1 Special, 1 Upper and 1 Lower Case

Current password:

Enter the password from step #1 and hit enter.

Next there will be a prompt for New password:, enter a secure password that can be used from now on and hit enter.

Finally confirm the password with Retype new password:, enter the same password and hit enter.

Once password has been successfully changed, the user is logged into the host. Make sure to keep that password for use in the future.

Once the login process completes, there will be a message of Enabling SSH password authentication displayed. At this point SSH has been enabled on the host and it may be accessed using an SSH client.

Screenshot

Using SSH

To enable SSH on the host, connect to the host over a management console and change the default password for the user nodezero as described in the previous step. Once that is done SSH will be enabled on the host.

To connect over SSH with Linux or MacOS, run the command below, replacing <IP_ADDRESS> with the one shown in the login screen.

ssh nodezero@<IP_ADDRESS>

If using Windows, a client like PuTTY will be needed to connect. Fill out the Host Name (or IP Address) field with the address shown in the login screen.

n0 utility

The NodeZero host virtual machine comes with a script for setup and maintenancece of the host. To invoke it, type n0 into the command prompt and a menu like the one below will be presented.

n0

1) Check Environment
2) System Info
3) Configure Static IP
4) Configure Network Proxy
5) Update
6) Set Timezone
7) Version Info
q) Exit

Choose an option: _

The following sections provide more information on what these options do.

Check Environment

This runs NodeZero's checkenv.sh script to verify the host has the required configuration and settings as well as access externally to the required sites.

System Info

Displays basic system information about the host such as CPUs, Memory and Network settings

Example:

Screenshot

Configure Static IP / Configure DHCP

By default the NodeZero host virtual machine comes with DHCP enabled. The option here will toggle between Configure Static IP and Configure DHCP.

This defaults to Configure Static IP to switch from using DHCP to static ips. Once selected follow the prompts to configure a new IP address, Subnet, Gateway and DNS nameserver

If there is a need to switch back to DHCP, it can be selected with same option number which will show Configure DHCP

Configure Network Proxy

Super User Needed

Must switch users with sudo su before running n0 for the changes to system proxy to take effect.

Follow the steps in the prompt to setp a proxy server for HTTP and HTTPS traffic. The user must log out and back in before the changes takes effect.

Update

This does three things:

  1. Updates the underlying OS, mostly for getting the latest security patches
  2. Pulls the latest h3-cli while preserving the current configuration
  3. Updates the n0 utility itself.

Ensure Latest Updates

It is suggested to run the update option two times back-to-back to ensure the latest updates are retrieved and implemented

Set Timezone

Allows for setting the timezone on the host. Currently supports UTC, GMT, US and EU timezones

Version Info

Prints the version of n0 being used

Exit

Exits the prompt inface of n0

Running a NodeZero Pentest

  1. Log into the Horizon3 web portal
  2. Create a new pentest providing the relevant setup information.
  3. Copy and paste the curl command from the portal into the shell of a NodeZero host.
  4. The pentest starts executing like the in the screenshot below.

Screenshot

Automating NodeZero

NodeZero supports automating the running of itself through the use of the h3-cli and setting up a runner on the host. This can be done by following the steps for setting up a runner