First off, I know my question sounds confusing.
Brief background information: I am an instructor for a network security penetration test course. I help create scenarios with complex networks via virtual machines. Which my students must attempt to gain access to, all while minimizing their presence within a network.
The intent is for a student to see that there is an Administrator currently logged on which should prompt them to immediately get off before they are caught.
To do this, my goal here is to automate Administrative activity on a machine without a process showing up in the system process list that indicates this is occurring. I want it to "appear" legit.
The only way I've really been able to find out how to hide a process from a system process list would be using very sketchy rootkits that I'd rather not deal with. Unless someone has a solution they would recommend, I'd love to hear your suggestions.
However, I have come up with another potential solution.
My plan is to run the VM that they will access within another VM. I will then use a Autohotkey script on the first VM that will control the mouse and keyboard and simulate these Administrative activities that will kick off shortly after a student gets onto the system.
However, I am having trouble figuring out how to configure the network adapters so that the second VM is accessible from another machine on the physical network. I want to make the first VM "transparent" to them. I'm not too concerned from hiding the first VM's presence from the network, so I don't care if it shows up in a nmap scan or something.
I just want to be able to access a VM within a VM from another box on the same physical network. Is this possible?