Introduction
Welcome! I am your instructor Mr. Dev. In this blog, we are going to set up Metasploitable 2 on my virtual box.
In this section, I am using Parrot Security Operating System (From where we are going to target the Vulnerable Machine). You can use Kali Linux also.
If you don't know what is ParrotSec, and also don't know about Kali Linux OS then click the below links:
- Parrot Security
- Kali Linux
- Kali Live USB persistence
- Parrot vs Kali
- Best Operating System for Ethical Hacking and Penetration testing
Setting Up Metasploitable 2 on Virtual Machine
The easiest way to get a target machine is to use Metasploitable 2, which is an intentionally vulnerable Ubuntu Linux virtual machine that is designed for testing common vulnerabilities. This virtual machine (VM) is compatible with VMWare, VirtualBox, and other common virtualization platforms.
In this section, we are going to use VirtualBox, which is a free and open-source software for virtualizing the x86 computing architecture.
Follow the below steps to get Metasploitable2 VMs on your VirtualBox:
Step 1: Download and install VirtualBox
Condition 1: If you are a Windows User?
Visit VirtualBox.org and click on the "Download button" to download the latest VirtualBox. Once downloaded, install it and then run.
If You are using Kali or ParrotSec?
It is easy to install any tool when you are a Linux user. You just have to input the appropriate command:
Step 2: Add Extension Pack
Once You install VirtualBox you have to add the extension pack. You can download the extension pack from VirtualBox.org.
- Launch VirtualBox > Preferences > Extention. Now add Extention by clicking the Plus sign and Accept The Licence.
Step 3: Download Metasploitable 2
Download the Metasploitable2 virtual machine from Sourceforge:
Metasploitable - Vulnerable VM for Security Practice
Metasploitable is a vulnerable virtual machine intentionally designed for practicing security testing, penetration testing, and exploit development. It provides a safe environment to learn about various vulnerabilities and practice using tools like Metasploit.
Although there are new versions of Metasploitable available, we will be using this version because it is easier to set up.
Step 4: Extract the Downloaded File
Once the Download is complete click on Extract here to unzip the file ( You can do similar with Linux).
Step 5: Create a VM
- Go to VirtualBox → Click on "New".
- Change name: Metasploit
- Type: Linux
- Version: Other Linux 64 bit
- Allocate Memory size
- Use an exciting Disk Machine size
- Import from the "Metasploitable.vmdx" file.
- Click on Start.
Congratulations! You have successfully managed to install Metasploitable 2 on VirtualBox.
Step 6: Configure the Metasploitable machine network settings
It is most important for you to get a proper connection from the server without any errors.
Remember: the Metasploit server network and the Parrot security must be in the same network.
Click on File > Host Network Manager (ctrl + H):
If you have no Host-only adapter listed click on Create and enable DHCP (It will automatically allocate you a stable IP address):
If you are a Windows user then you might have installed any instance (Kali or ParrotSec) on your VirtualBox.
Change the Network Adapter setting to Host-only Adapter on both instances (Settings > Network):
Metasploitable Settings |
Kali Settings |
If you are using Kali or ParrotSec as the host machine then modify network settings on Metasploit 2:
Step 7: Log in to Metasploitable Virtual Machine
Once you Launch your VM, you have to wait for the terminal to finish loading. Your virtual machine should display the Metasploitable logo. ( IMPORTANT: Your mouse pointer may disappear, this is because the VM has captured it. Press the Ctrl+Alt keys together to get your mouse back).
Log in using the username: msfadmin and password: msfadmin
Great you have now successfully set up your environment. Let’s execute your first hack. Each hack in this manual will start with a goal.