Create a training environment for Metasploitable 2

29/12/2020
Chưa phân loại
LinuxHint previously published an article on Metasploit installation and basic commands. This new tutorial is part of a series of tutorials to get started with Metasploit, an offensive security framework with vulnerabilities and exploits database which makes hacking easy or possible for users without high knowledge on security or programming.

Basically Metasploit allows us to choose exploits according to vulnerabilities of the target and execute them, but it also has auxiliary modules which allow us to scan in order to find  or confirm such vulnerabilities, to improvise brute force attacks among more. Metasploit supports integration of reports made by different scanners such as Openvas, Nessus and of course Nexpose.

The first step to get started with metasploit is to create a vulnerable environment we can exploit using Metasploit tools. In this tutorial we will install that environment shared by Rapid7 (Metasploit and Nexpose publisher) which consists of a virtual machine full of vulnerabilities we can detect and exploit for training purposes, Metasploit. Rapid 7 published Metasploitable 3  but due a lot of bug reports to build the VM in Debian based systems we are using Metasploitable 2 for this series of tutorials so you can follow the steps without getting stuck with Virtualbox, Vagrant and Packer issues related to Metasploitable 3..

Note: This tutorial assumes you already have VirtualBox installed, if you don’t and your aren’t familiarized with VBox and are Ubuntu user read this article on VBox before continuing, or this one if you are Arch Linux user. You can also use Metasploitable with other virtualization software like VMware. To install VirtualBox Debian users should run:

echo "deb http://download.virtualbox.org/virtualbox/debian stretch contrib"
| sudo tee /etc/apt/sources.list.d/virtualbox.list

Then run:

apt update
apt upgrade
apt install virtualbox

Getting Metasploitable:

To download Metasploitable 2 access https://information.rapid7.com/download-metasploitable-2017.html and scroll down to the form, fill it and press on “SUBMIT”.

Then press on the download button “Download Metasploitable now

Once downloaded, unzip Metasploitable by running:

unzip -x metasploitable-linux-2.0.0.zip

The command will extract some images from which you’ll use Metasploitable.vmdk.

To continue launch Virtualbox and click on the blue icon NEW.

Set your VM name, select Other Linux 32 and press on Next

Metasploitable won’t need too much memory, here you assign the memory for your virtual device and press Next.

Now select “Use an existing virtual hard drive” and select the Metasploit vmdk image you unzipped before and press “Create

In my case it gave an error preventing me from booting as shown in the image below:

To fix it,  on Virtualbox main screen  go to Settings> System> Processor and enable PAE/NX, then press OK and boot again.

Then start your Metasploit 2 VM, it should boot now.

Metasploitable is installed, msfadmin is user and password. In the next tutorial we’ll use metasploit to scan and detect vulnerabilities on this metasploitable VM.

I hope this tutorial helped to install metasploitable 2 in an easy way.

ONET IDC thành lập vào năm 2012, là công ty chuyên nghiệp tại Việt Nam trong lĩnh vực cung cấp dịch vụ Hosting, VPS, máy chủ vật lý, dịch vụ Firewall Anti DDoS, SSL… Với 10 năm xây dựng và phát triển, ứng dụng nhiều công nghệ hiện đại, ONET IDC đã giúp hàng ngàn khách hàng tin tưởng lựa chọn, mang lại sự ổn định tuyệt đối cho website của khách hàng để thúc đẩy việc kinh doanh đạt được hiệu quả và thành công.
Bài viết liên quan

Introduction to Linux Server Security Hardening

Securing your Linux server(s) is a difficult and time consuming task for System Administrators but its necessary to harden...
29/12/2020

How to Update Zorin OS

Zorin OS is an Ubuntu based Linux distribution specially made for people new to Linux, people moving from Windows and macOS...
29/12/2020

[Cobbler] Tổng quan về PXE – Preboot eXecution Environment

Theo các truyền thống khi bạn muốn cài đặt hệ điều hành cho một thiết bị PC, server nào...
30/12/2020
Bài Viết

Bài Viết Mới Cập Nhật

Reliable IPv4 and IPv6 Subnet Rental Services: The Perfect Solution for Global Businesses
23/12/2024

Tìm Hiểu Về Thuê Proxy US – Lợi Ích và Cách Sử Dụng Hiệu Quả
11/12/2024

Mua Proxy V6 Nuôi Facebook Spam Hiệu Quả Tại Onetcomvn
03/06/2024

Hướng dẫn cách sử dụng ProxyDroid để duyệt web ẩn danh
03/06/2024

Mua proxy Onet uy tín tại Onet.com.vn
03/06/2024