In this brief tutorial, we will be installing a vulnerable version of the Java runtime environment and manually linking the corresponding Firefox plugin. As with any lab environment, it is good practice to begin with a clean, up-to-date OS and be wary of its network connections!
Finding Your Target JRE
Odds are, your package manager only keeps relatively new JRE's on file. So to go back in time, we need to visit Oracle's Java archives. In order to download past versions of Java you need to have a registered Oracle account and navigate to http://www.oracle.com/technetwork/java/javase/archive-139210.html.
From there you should be able to download your desired JRE in tar.gz form for your lab's architecture.
Install the JRE
Once we have a Java archive, we need to extract it to an installation directory (ie /usr/java).
cd /usr/java tar zxvf /path/to/your/jre-version-linux-arch.tar.gz
If your project would benefit from quick access to the java binaries, you can add them to the path.
export PATH="/usr/java/jre/bin:$PATH" source .bashrc
Install the Firefox Plugin
If your testing involves drive-by attacks, then we need to configure our new vulnerable JRE to be the environment for a web browser plugin. So to link the plugin to Firefox, symlink the libnpjp2.so file to your plugins directory.
cd ~/.mozilla/plugins
For a 32 bit plugin:
ln -s /path/to/jre/lib/i386/libnpjp2.so .
For a 64 bit plugin:
ln -s /path/to/jre/lib/amd64/libnpjp2.so .
Finally, double check your plugin by launching Firefox and navigating to about:plugins.
You should see your version with a (STATE_VULNERABLE_UPDATE_AVAILABLE). Success!