Kali Linux Network Scanning Cookbook - Second Edition

Title Page

Kali Linux Network Scanning Cookbook

Second Edition

Take your penetration-testing skills to the next level

Michael Hixon

Justin Hutchens

   BIRMINGHAM - MUMBAI

Copyright

Kali Linux Network Scanning Cookbook

Second Edition

Copyright © 2017 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

First published: August 2014

Second edition: May 2017

Production reference: 1220517

Published by Packt Publishing Ltd.

Livery Place

35 Livery Street

Birmingham 

B3 2PB, UK.

ISBN 978-1-78728-790-7

www.packtpub.com

Credits

About the Authors

Michael Hixon currently works as a security consultant with a focus on penetration testing and web application security. He previously served in the United States Marine Corp, where he was an infantryman, security forces member, and counterintelligence agent. After the military, he worked as a programmer before changing his focus to IT security. He has worked for the Red Cross, Department of Defense, Department of Justice, and numerous intelligence agencies in his career. He holds a bachelor’s degree in management information systems and multiple professional information-security certifications, including Certified Information Systems Security Professional (CISSP), eLearnSecurity Web Application Penetration Tester (eWPT), Certified Ethical Hacker (CEH), and eLearnSecurity Certified Professional Penetration Tester (eCPPT).  He currently runs the Baltimore chapter of the Open Web Application Security Project (OWASP).

Justin Hutchens currently works as a security consultant and regularly performs penetration tests and security assessments for a wide range of clients. He previously served in the United States Air Force, where he worked as an intrusion-detection specialist, network-vulnerability analyst, and malware forensic investigator for a large enterprise network with over 55,000 networked systems. He holds a bachelor's degree in information technology and multiple professional information-security certifications, including Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), eLearnSecurity Web Application Penetration Tester (eWPT), GIAC Certified Incident Handler (GCIH), Certified Network Defense Architect (CNDA), Certified Ethical Hacker (CEH), EC-Council Certified Security Analyst (ECSA), and Computer Hacking Forensic Investigator (CHFI). He is also the writer and producer of Packt's e-learning video course Kali Linux - Backtrack Evolved: Assuring Security by Penetration Testing.

About the Reviewer

Ahmad Muammar WK is an IT security consultant and penetration tester. He holds Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), and elearnsecurity Mobile Application Penetration Tester (eMAPT) certifications. He is the founder of ECHO (http://echo.or.id), one of the oldest Indonesian IT security communities, and is also a founder of IDSECCONF (http://idsecconf.org), the biggest annual security conference in Indonesia. He also a reviewed Kali Linux Cookbook by Willie L. Pritchett and David De Smet, Packt Publishing, and Kali Linux Network Scanning Cookbook by Justin Hutchens, Packt Publishing.

www.PacktPub.com

For support files and downloads related to your book, please visit www.PacktPub.com.

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at service@packtpub.com for more details.

At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.

https://www.packtpub.com/mapt

Get the most in-demand software skills with Mapt. Mapt gives you full access to all Packt books and video courses, as well as industry-leading tools to help you plan your personal development and advance your career.

Why subscribe?

Fully searchable across every book published by Packt

Copy and paste, print, and bookmark content

On demand and accessible via a web browser

Customer Feedback

Thanks for purchasing this Packt book. At Packt, quality is at the heart of our editorial process. To help us improve, please leave us an honest review on this book's Amazon page at https://www.amazon.com/dp/1787287904.

If you'd like to join our team of regular reviewers, you can e-mail us at customerreviews@packtpub.com. We award our regular reviewers with free eBooks and videos in exchange for their valuable feedback. Help us be relentless in improving our products!

Table of Contents

Preface

What this book covers

What you need for this book

Who this book is for

Sections

Getting ready

How to do it…

How it works…

There's more…

See also

Conventions

Reader feedback

Customer support

Downloading the example code

Downloading the color images of this book

Errata

Piracy

Questions

Getting Started

Introduction

Configuring a security lab with VMware Player (Windows)

Getting ready

How to do it...

How it works...

Configuring a security lab with VMware Fusion (macOS)

Getting ready

How to do it...

How it works...

Installing Ubuntu Server

Getting ready

How to do it...

How it works...

Installing Metasploitable2

Getting ready

How to do it...

How it works...

Installing Windows Server

Getting ready

How to do it...

How it works...

Increasing the Windows attack surface

Getting ready

How to do it...

How it works...

Installing Kali Linux

Getting ready

How to do it...

How it works...

Using text editors (Vim and GNU nano)

Getting ready

How to do it...

How it works...

Keeping Kali updated

Getting ready

How to do it...

How it works...

Managing Kali services

Getting ready

How to do it...

How it works...

Configuring and using SSH

Getting ready

How to do it...

How it works...

Installing Nessus on Kali Linux

Getting ready

How to do it...

How it works...

Reconnaissance

Introduction

Using Google to find subdomains

Getting ready

How to do it...

How it works...

Finding e-mail addresses using theHarvester

Getting ready

How to do it...

How it works...

Enumerating DNS using the host command

Getting ready

How to do it...

How it works...

Enumerating DNS using DNSRecon

Getting ready

How to do it...

Standard DNS enumeration

Reverse lookups

Zone transfer

How it works...

Enumerating DNS using the dnsenum command

Getting ready

How to do it...

Default settings

Brute-force

How it works...

Discovery

Introduction

Knowing the OSI model

Using Scapy to perform host discovery (layers 2/3/4)

Getting ready

How to do it...

Layer 2 discovery - ARP

Layer 3 discovery - ICMP

Layer 4 discovery - TCP and UDP

How it works...

Using Nmap to perform host discovery (layers 2/3/4)

Getting ready

How to do it...

Layer 2 discovery - ARP

Layer 3 discovery - ICMP

Layer 4 discovery - TCP and UDP

How it works...

Using ARPing to perform host discovery (layer 2)

Getting ready

How to do it...

How it works...

Using netdiscover to perform host discovery (layer 2)

Getting ready

How to do it...

How it works...

Using Metasploit to perform host discovery (layer 2)

Getting ready

How to do it...

How it works...

Using hping3 to perform host discovery (layers 3/4)

Getting ready

How to do it...

Layer 3 discovery - ICMP

Layer 4 discovery - TCP and UDP

How it works...

Using ICMP to perform host discovery

Getting ready

How to do it...

How it works...

Using fping to perform host discovery

Getting ready

How to do it...

How it works...

Port Scanning

Introduction

UDP port scanning

TCP port scanning

Port scanning with Scapy (UDP, stealth, connect, and zombie)

Getting ready

How to do it...

UDP port scanning with Scapy

Stealth scanning with Scapy

Connect scanning with Scapy

Zombie scanning with Scapy

How it works...

Port scanning with Nmap (UDP, stealth, connect, zombie)

Getting ready

How to do it...

UDP scanning with Nmap

Stealth scanning with Nmap

Connect scanning with Nmap

Zombie scanning with Nmap

How it works...

Port scanning with Metasploit(UDP, stealth, and connect)

Getting ready

How to do it...

UDP scanning with Metasploit

Stealth scanning with Metasploit

Connect scanning with Metasploit

How it works...

Port scanning with hping3 (stealth)

Getting ready

How to do it...

How it works...

Port scanning with DMitry (connect)

Getting ready

How to do it...

How it works...

Port scanning with Netcat (connect)

Getting ready

How to do it...

How it works...

Port scanning with masscan (stealth)

Getting ready

How to do it...

How it works...

Fingerprinting

Introduction

Banner grabbing with Netcat

Getting ready

How to do it...

How it works...

Banner grabbing with Python sockets

Getting ready

How to do it....

How it works...

Banner grabbing with DMitry

Getting ready

How to do it...

How it works...

Banner grabbing with Nmap NSE

Getting ready

How to do it...

How it works...

Banner grabbing with Amap

Getting ready

How to do it...

How it works...

Service identification with Nmap

Getting ready

How to do it...

How it works...

Service identification with Amap

Getting ready

How to do it...

How it works...

Operating system identification with Scapy

Getting ready

How to do it...

How it works...

Operating system identification with Nmap

Getting ready

How to do it...

How it works...

Operating system identification with xprobe2

Getting ready

How to do it...

How it works...

Passive operating system identification with p0f

Getting ready

How to do it...

How it works...

SNMP analysis with Onesixtyone

Getting ready

How to do it...

How it works...

SNMP analysis with SNMPwalk

Getting ready

How to do it...

How it works...

Firewall identification with Scapy

Getting ready

How to do it...

How it works...

Firewall identification with Nmap

Getting ready

How to do it...

How it works...

Firewall identification with Metasploit

Getting ready

How to do it...

How it works...

Vulnerability Scanning

Introduction

Vulnerability scanning with the Nmap Scripting Engine

Getting ready

How to do it...

How it works...

Vulnerability scanning with MSF auxiliary modules

Getting ready

How to do it...

How it works...

Creating scan policies with Nessus

Getting ready

How to do it...

How it works...

Vulnerability scanning with Nessus

Getting ready

How to do it...

How it works...

Vulnerability scanning with OpenVAS

Getting ready

How to do it...

How it works...

Validating vulnerabilities with HTTP interaction

Getting ready

How to do it...

How it works...

Validating vulnerabilities with ICMP interaction

Getting ready

How to do it...

How it works...

Denial of Service

Introduction

Fuzz testing to identify buffer overflows

Getting ready

How to do it...

How it works...

Remote FTP service buffer-overflow DoS

Getting ready

How to do it...

How it works...

Smurf DoS attack

Getting ready

How to do it...

How it works...

DNS amplification DoS attacks

Getting ready

How to do it...

How it works...

SNMP amplification DoS attack

Getting ready

How to do it...

How it works...

SYN flood DoS attack

Getting ready

How to do it...

How it works...

Sock stress DoS attack

Getting ready

How to do it...

How it works...

DoS attacks with Nmap NSE

Getting ready

How to do it...

How it works...

DoS attacks with Metasploit

Getting ready

How to do it...

How it works...

DoS attacks with the exploit database

Getting ready

How to do it...

How it works...

Working with Burp Suite

Introduction

Configuring Burp Suite on Kali Linux

Getting ready

How to do it...

How it works...

Defining a web application target with Burp Suite

Getting ready

How to do it...

How it works...

Using Burp Suite Spider

Getting ready

How to do it...

How it works...

Using Burp Suite Proxy

Getting ready

How to do it...

How it works...

Using Burp Suite engagement tools

Getting ready

How to do it...

How it works...

Using the Burp Suite web application scanner

Getting ready

How to do it...

How it works...

Using Burp Suite Intruder

Getting ready

How to do it...

How it works...

Using Burp Suite Comparer

Getting ready

How to do it...

How it works...

Using Burp Suite Repeater

Getting ready

How to do it...

How it works...

Using Burp Suite Decoder

Getting ready

How to do it...

How it works...

Using Burp Suite Sequencer

Getting ready

How to do it...

How it works...

Using Burp Suite Extender

Getting ready

How to do it...

How it works...

Using Burp Suite Clickbandit

Getting ready

How to do it...

How it works...

Web Application Scanning

Introduction

Web application scanning with Nikto

Getting ready

How to do it...

How it works...

SSL/TLS scanning with SSLScan

Getting ready

How to do it...

How it works...

SSL/TLS scanning with SSLyze

Getting ready

How to do it...

How it works...

GET method SQL injection with sqlmap

Getting ready

How to do it...

How it works...

POST method SQL injection with sqlmap

Getting ready

How to do it...

How it works...

Requesting a capture SQL injection with sqlmap

Getting ready

How to do it...

How it works...

Automating CSRF testing

Getting ready

How to do it...

How it works...

Validating command-injection vulnerabilities with HTTP traffic

Getting ready

How to do it...

How it works...

Validating command-injection vulnerabilities with ICMP traffic

Getting ready

How to do it...

How it works...

Attacking the Browser with BeEF

Hooking the browser withBeEF

Getting ready

How to do it...

How it works...

Collecting information with BeEF

Getting ready

How to do it...

How it works...

Creating a persistent connection with BeEF

Getting ready

How to do it...

How it works...

Integrating BeEF and Metasploit

Getting ready

How to do it...

How it works...

Using the BeEF autorule engine

Getting ready

How to do it...

How it works...

Working with Sparta

Information gathering with Sparta

Getting ready

How to do it...

How it works...

Creating custom commands for Sparta

Getting ready

How to do it...

How it works...

Port scanning with Sparta

Getting ready

How to do it...

How it works...

Fingerprinting with Sparta

Getting ready

How to do it...

How it works...

Vulnerability scanning with Sparta

Getting ready

How to do it...

How it works...

Web application scanning with Sparta

Getting ready

How to do it...

How it works...

Automating Kali Tools

Introduction

Nmap greppable output analysis

Getting ready

How to do it...

How it works...

Port scanning with NMAP NSE execution

Getting ready

How to do it...

How it works...

Automate vulnerability scanning with NSE

Getting ready

How to do it...

How it works...

Automate web application scanning with Nikto

Getting ready

How to do it...

How it works...

Multithreaded MSF exploitation with reverse shell payload

Getting ready

How to do it...

How it works...

Multithreaded MSF exploitation with backdoor executable

Getting ready

How to do it...

How it works...

Multithreaded MSF exploitation with ICMP verification

Getting ready

How to do it...

How it works...

Multithreaded MSF exploitation with admin account creation

Getting ready

How to do it...

How it works...

Preface

For better or for worse, we now live in a world where hacking is the norm. It's in our daily news stories, entertainment, governments, businesses, and homes. While it has become more and more prevalent, it has also become easier. A great deal of attacks take very little technical knowledge as scripts can be found and used by even a novice. For the technically savvy hacker, the stakes are very high as more and more systems can be compromised for financial or political gain.

In a world where hacking has become so easy that a child could do it, it is absolutely essential that organizations verify their own level of protection by having their networks tested using the same tools that cybercriminals use against them. However, the basic usage of these tools is not sufficient knowledge to be an effective information-security professional. It is absolutely critical that information-security professionals understand the techniques that are being employed by these tools and why these techniques are able to exploit various vulnerabilities in a network or system. A knowledge of the basic underlying principles that explain how these common attack tools work enables one to effectively use them, but more importantly, it also contributes to one's ability to effectively identify such attacks and defend against them.

The intention of this book is to enumerate and explain the use of common attack tools that are available on the Kali Linux platform, but more importantly, this book also aims to address the underlying principles that define why these tools work. In addition to addressing the highly functional tools integrated into Kali Linux, we will also create a large number of Python and Bash scripts that can be used to perform similar functions and/or to streamline existing tools.

Ultimately, the intention of this book is to help forge stronger security professionals through a better understanding of their adversary.

What this book covers

Chapter 1, Getting Started, explains the configuration of a security lab and then the installation and configuration of Kali Linux and other security tools.

Chapter 2, Reconnaissance, explains how to collect information on your target using passive information-gathering techniques. Collecting subdomains, e-mail addresses, and DNS enumeration are covered in depth.

Chapter 3, Discovery, explains gathering domain information on our target and identifying hosts on a given network segment.

Chapter 4, Port Scanning, covers multiple tools and methods for finding open ports on one or more hosts.

Chapter 5, Fingerprinting, explains identifying the services and versions associated with them once having identified open ports on our target(s).

Chapter 6, Vulnerability Scanning, discusses ways to identify vulnerabilities based on the services and versions found in the previous chapter.

Chapter 7, Denial of Service, covers how to execute several types of DoS attack.

Chapter 8, Working with Burp Suite, covers Burp Suite and how to use the many tools it comes bundled with.

Chapter 9, Web Application Scanning, covers a number of tools and techniques for testing web applications.

Chapter 10, Attacking the Browser with BeEF, covers the Browser Exploitation Framework (BeEF), including configuration, hooking a browser, and a number of exploits.

Chapter 11, Working with Sparta, looks at how to configure and modify Sparta. We also cover how to take full advantage of the tool to collect and organize your information gathering.

Chapter 12, Automating Kali Tools, demonstrates automating a number of Kali tools to both collect information and exploit targets.

What you need for this book

In order to perform the examples provided in this book, you will need the following:

Vmware Workstation Player 12 (or newer) or Vmware Fusion 8.5 (or newer) 

PuTTY 6.9 (for Windows users needing SSH)

Nessus 5.2.6

Kali Linux 2016.2

Ubuntu 64-bit 16.x

Metasploitable2

Wndows XP SP2

Who this book is for

This book is for information-security professionals and casual security enthusiasts alike. It provides foundational principles if you're a novice but will also introduce scripting techniques and in-depth analysis if you're more advanced. Whether you are brand new to Kali Linux or a seasoned veteran, this book will help you both understand and ultimately master many of the most powerful and useful scanning techniques in the industry. It is assumed that you have some basic security-testing experience.

Sections

In this book, you will find several headings that appear frequently (Getting ready, How to do it..., How it works..., There's more..., and See also).

To give clear instructions on how to complete a recipe, we use these sections as follows:

Getting ready

This section tells you what to expect in the recipe, and describes how to set up any software or any preliminary settings required for the recipe.

How to do it…

This section contains the steps required to follow the recipe.

How it works…

This section usually consists of a detailed explanation of what happened in the previous section.

There's more…

This section consists of additional information about the recipe in order to make the reader more knowledgeable about the recipe.

See also

This section provides helpful links to other useful information for the recipe.

Conventions

In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning.

Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: Enumerating DNS using the host command.

A block of code is set as follows:

Any command-line input or output is written as follows:

New terms and important words are shown in bold. Words that you see on the screen, for example, in menus or dialog boxes, appear in the text like this: On this page, scroll down to the VMware Workstation Player link and click on Download.

Warnings or important notes appear in a box like this.

Tips and tricks appear like this.

Reader feedback

Feedback from our readers is always welcome. Let us know what you think about this book-what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of.

To send us general feedback, simply e-mail feedback@packtpub.com, and mention the book's title in the subject of your message.

If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors .

Customer support

Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.

Downloading the example code

You can download the example code files for this book from your account at http://www.packtpub.com. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support  and register to have the files e-mailed directly to you.

You can download the code files by following these steps:

Log in or register to our website using your e-mail address and password.

Hover the mouse pointer on the SUPPORT tab at the top.

Click on Code Downloads & Errata.

Enter the name of the book in the Search box.

Select the book for which you're looking to download the code files.

Choose from the drop-down menu where you purchased this book from.

Click on Code Download.

You can also download the code files by clicking on the Code Files button on the book's webpage at the Packt Publishing website. This page can be accessed by entering the book's name in the Search box. Please note that you need to be logged in to your Packt account.

Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:

WinRAR / 7-Zip for Windows

Zipeg / iZip / UnRarX for Mac

7-Zip / PeaZip for Linux

The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Kali-Linux-Network-Scanning-Cookbook-Second-Edition. We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!

Downloading the color images of this book

We also provide you with a PDF file that has color images of the screenshots/diagrams used in this book. The color images will help you better understand the changes in the output. You can download this file from https://www.packtpub.com/sites/default/files/downloads/KaliLinuxNetworkScanningCookbookSecondEdition_ColorImages.pdf.

Errata

Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books-maybe a mistake in the text or the code-we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title.

To view the previously submitted errata, go to https://www.packtpub.com/books/content/support  and enter the name of the book in the search field. The required information will appear under the Errata section.

Piracy

Piracy of copyrighted material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.

Please contact us at copyright@packtpub.com with a link to the suspected pirated material.

We appreciate your help in protecting our authors and our ability to bring you valuable content.

Questions

If you have a problem with any aspect of this book, you can contact us at questions@packtpub.com, and we will do our best to address the problem.

Getting Started

The following recipes will be covered in this chapter:

Configuring a security lab with VMware Player (Windows)

Configuring a security lab with VMware Fusion (macOS)

Installing Ubuntu Server

Installing Metasploitable2

Installing Windows Server

Increasing the Windows attack surface

Installing Kali Linux

Using text editors (Vim and GNU nano)

Keeping Kali updated

Managing Kali services

Configuring and using SSH

Installing Nessus on Kali Linux

Introduction

This first chapter covers the basics of setting up and configuring a virtual security lab, which can be used to practice most of the scenarios and exercises addressed throughout this book. Topics addressed in this chapter include the installation of the virtualization software, the installation of various systems in the virtual environment, and the configuration of some of the tools that will be used in the exercises.

Configuring a security lab with VMware Player (Windows)

You can run a virtual security lab on a Windows PC with relatively few available resources by installing VMware Player on your Windows workstation. You can get VMware Player for free or get the more functional alternative, VMware Player Plus, for a low cost.

Getting ready

To download and install VMware Player on the Windows system, follow these steps:

To install VMware Player on your Windows workstation, you will first need to download the software. The download for the free version of VMware Workstation Player can be found at https://my.vmware.com/web/vmware/free.

On this page, scroll down to the VMware Workstation Player link and click on Download.

On page that opens up, select the Windows 64-bit installation package and then click on Download.

There are installation packages available for Linux 64-bit systems as well.

How to do it...

Follow these steps to setup the virtual environment:

Once the software package has been downloaded, you should find it in your default download directory. Double-click on the executable file in this directory to start the installation process. Once started, it is as easy as following the on-screen instructions to complete the installation.

After the installation is complete, you should be able to start VMware Player using the desktop icon, the quick launch icon, or from All Programs. Once it's loaded, you will see the virtual machine library. This library will not yet contain any virtual machines, but they will be populated as you create them in the left-hand side of the screen, as shown in the following screenshot:

Once you have opened VMware Workstation Player, you can select Create a New Virtual Machine to get started. This will initialize a very easy-to-use virtual machine installation wizard:

The first task you need to perform in the installation wizard is to define the installation media. You can choose to install it directly from your host machine's optical drive, or you can use an ISO image file. ISOs will be used for most of the installations discussed in this section, and the place you can get them from will be mentioned in each specific recipe.

For now, we will assume that we browsed to an existing ISO file and clicked on Next. VMware Workstation Player will attempt to determine the operating system of the ISO file you selected. In some cases, it cannot and will ask you what operating system you are installing. In this example, we will choose Debian 8.x and click on Next:

You then need to assign a name for the virtual machine. The virtual machine name is merely an arbitrary value that serves as a label to identify and distinguish it from other VMs in your library. Since a security lab is often classified by a diversity of operating systems, it can be useful to indicate the operating system as part of the virtual machine's name:

The next screen requests a value for the maximum size of the installation. The virtual machine will only consume hard drive space as required, but it will not exceed the value specified here.You should be aware of the minimum required disk space for your operating system and budget appropriately. Additionally, you can also define whether the virtual machine will be contained within a single file or spread across multiple files, as seen in the following screenshot: