From the past series of computer archeology I wanted to try this in a long time. So what I did was first to get simh VAX NetBSD simulation running on a decent machine (not Ci20)
All the information on how to get NetBSD 8_BETA running on SimH-VAX can be found here -> https://astr0baby.wordpress.com/2018/03/11/running-vax-netbsd-on-mipsel-ci20-creator-board-via-simh/
I have managed to build some binary pkgsrc packages for NetBSD VAX (Including ruby24) with help from @kittenpies3 and keep a repo available here http://45.76.81.249/pkgsrc/vax-simh/
Unfortunately I cannot yet get postgresql-xx-client to build correctly on the VAX NetBSD via pkgsrc so metasploit-current bundler install fails on the pg-0.20.0 gem fails to build due to missing postgresql packages. Hopefully this will get sorted out in the future.
Now Im not expecting metasploit-framework-current (5.0-dev) to run on 256 MB RAM Vax NetBSD system, but at least a test on msfvenom file generation could be done. However what works quite well is the last pre-ruby metasploit-framework 2.8-dev which we gonna try here just now.
Among other tools git is compiled for NetBSD VAX and you can actually use it and pull the metasploit framework2 to you VAX
[user@vaxnetbsd root]# git clone https://github.com/metasploit/framework2.git
Once we get a local copy, I have quickly prepared 2 VirtualBox VMs to test against
- Windows 2000
- Windows XP SP2
In order for these simulated/virtualized systems to speak to each other over TCP/IP I have used the following trick to connect bot the SimH and Virtual Box VMs
For my VAX simh environment I use the following script to prepare network
#Setup tap and bridge tunctl -t tap0 -u user ifconfig tap0 up brctl addbr br0 brctl addif br0 eth0 vboxnet0 brctl setfd br0 0 ifconfig eth0 10.0.2.1 up ifconfig br0 10.0.2.2 netmask 255.255.255.0 broadcast 10.0.2.255 up brctl addif br0 tap0 vboxnet0 ifconfig tap0 0.0.0.0 sysctl net.ipv4.ip_forward=1 iptables -A FORWARD --in-interface eth0 -j ACCEPT iptables --table nat -A POSTROUTING --out-interface wlan0 -j MASQUERADE
On my Virtual Box machine I only use host-only-adapter and set IP manually on Windows
Once all systems are up, they should be able to speak to each other and we can try to exploit the Windows 2000 and Windows XP from the VAX NetBSD simulation.
Attacking Windows 2000
Attacking Windows XP SP2