Select Page

This is discussing getting VulnHub ISOs and converting them into AMIs to be used within AWS. This is something that I have found helpful and to me at least helps to provide a very simple way to spin up machines to work on compromising.

  1. Create an AWS bucket. Nothing really much more here, but you will need somewhere to upload the ISO to so it is available within AWS.
  2. Ensure that your AWS CLI is setup with keys for the account you want to work in. Be sure to set your region properly.
  3. You will then need to create a JSON file with the following contents
         "Description": "<<DESCRIPTION YOU WANT TO USE",
         "Format": "ova",
         "Url": "s3://<<BUCKET NAME>>/<<REST OF PATH TO OVA FILE>>"
  4. You can then make a call from the AWS CLI to begin the conversion process
    aws ec2 import-image –description “<<DESCRIPTION YOU WANT TO USE FOR THE TASK>>” –disk-containers “file://<<FILE NAME>>”
  5. You will then get some output that will include task ID (similar to import-ami-xxxxxxxxxx)
  6. You can watch the progress by calling the describe endpoint with the ID from above
    aws ec2 describe-import-image-tasks –import-task-ids import-ami-xxxxxxxxxxxxxxx
  7. From the describe you can also get the specific AMI so that you can start to use it.

Remember AMIs are region specific so you can’t launch an AMI from us-east-2 in us-west-2. Otherwise I hope this helps working with any of the VulnHub OVAs that you want to work with and not have to worry about VirtualBox.