Network Connectivity between Kali and CTF machines

I always recommend people run CTF machines in ‘host-only’ mode to ensure they don’t have an internet connection. You may be wondering though how to ensure your Kali machine can have an internet connection, whilst retaining a network connection to the CTF.

If you are using VirtualBox, you can achieve this with two network adapters. Firstly, ensure you have a host network adapter setup. Open the file menu, and visit ‘Host Network Manager…’.

If you can’t see a network adapter in the list, Click ‘Create’. Once created, ensure the DHCP Server tick box is ticked. You may apply your settings and your network adapter is ready to use.

On your CTF virtual machines, you need to ensure the ‘Host-only adapter’ is set under the network settings:

This should be the only network adapter attached to your CTF VM.

Then, on your pen-testing/Kali machine, ensure you have one adapter set to ‘Bridged’, and then a secondary adapter set to ‘Host-only’.

Nearly done – just a few final steps.

By default, Kali doesn’t like having two connected network adapters at the same time. To do this, boot your Kali machine, and edit the /etc/network/interfaces file. In here, you need to statically declare your network interfaces:

As you can see, there are two sets of lines here for your two network adapters.

allow-hotplug eth0
iface eth0 inet dhcp

allow-hotplug eth1
iface eth1 inet dhcp

You may notice the first set is already listed. Just add what is missing and you should be good to go. By the way, your network interfaces may be named slightly different. If you have any issues with these steps, you can verify the names of your network interfaces using the ‘ip addr’ command and adjust these steps accordingly. Once they have been added into the file, either reboot, or run the following command:

ifup eth1

You should now have two live network interfaces on your Kali machine. One with an internet connection, and one that is on the same network as your CTF’s. Use the ‘ip addr’ command to verify your adapters:

By Thomas Williams

Thomas Williams is learning ethical hacking and hacks things as a hobby. Learn new hacking skills, follow up-to-date cyber security news, and play along with CTFs.

4 replies on “Network Connectivity between Kali and CTF machines”

The second interface is only assigned to your attacking/Kali machine, not the CTF machine, therefore the CTF machine doesn’t have internet in this particular setup. It potentially increases security because if the CTF you download is malicious, it prevents it from accessing the internet; it comes down to whether you trust the CTF you’re downloading or not. The author of the CTF may have put something malicious on there which makes it attack websites on the internet (as an example). Giving it a host-only adaptor (and only a host-only adaptor) prevents it connecting to the internet and therefore mitigates this risk.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.