Metasploitable 2 Installing on Kali Linux

Metasploitable is a virtual machine image that is intentionally vulnerable and created for cybersecurity students to learn ethical hacking on own environment.

Metasploitable2 is a second version of Metasploitable and it is very good and safe to use and learn penetration testing. Attacking others system with out proper permission will be illegal, and they won't give permission to hack their system to new learners.

Install Metasploitable 2 in Kali Linux
So, we need to set up own vulnerable system in our penetration testing lab and learn thing by own. Previously we talked about setting up some easy penetration testing lab setup. Now we learn how we can install Metasploitable2 in our Kali Linux system. We can find a lots of tutorial on the internet but they all install it on Windows Virtualbox/VMware.

Metasploitable2 is a OS disk image file that can be run from VMware/VirtualBox. So first we need to have a virtualization software like VMware or VirtualBox. Lets install KVM (Kernel Virtual Machine) in our Kali Linux system by using following command:

sudo apt-get install qemu-kvm libvirt0 virt-manager libguestfs-tools

Now this will take some time so, we are going for a coffee 🍵.  This also requires a reboot to finish the installation. If this installation process got any error for dependencies then we need to install dependencies manually or our comment box is opened for solutions.

After installing this we can run KVM by using following command:

virt-manager

After running this command our virtual machine manager box will opened as the following screenshot:

KVM in Kali Linux
KVM main menu
Now we can add ISO images here. But we need to download the Metasploitable2 ISO image. We can download it from sourceforge.

It is a quite big image file with 865MB in size. Downloading this depends on internet speed. After download we can extract the zip file as we did it in the following screenshot:

Metasploitable2 unzipped files
Our required file is highlited
After downloading this we can can add this on our KVM. On the KVM main menu we need to click on the ➕ icon to create a new virtual machine, and choose "import existing disk image" as we did in the following screenshot:
import exiting disk image on KVM

Now we click on forward option, and we got a window like following:

KVM adding disk images
Here we need to click on Browse>Browse Local ,then we select our Metasploitable2 disk image. Shown in the next screenshot:

choosing metasploitable2 disk image in KVM
Then we click on Open. Then our image file will selected and in the operating system we search for Generic(default) to set it. Shows in the following screenshot:

Disk image and operating system selection

Now we move forward and KVM will ask us for RAM and CPU. The Default will be 1024 MB(1GB) RAM and 1 CPU. We will go with the default. Metasploitable2 can be run easily on 512 MB RAM.

CPU and RAM allocating for metasploitable2
Then we again go forward.
Last step this configuration
Here we can give any name to our machine and click on "Finish".

YOO, our Metasploitable2 system will start on KVM and run all the services inside it. As we can see in the following screenshot:

Metasploitable2 in KVM

After finishing the set up in some seconds it will ask for login. The default username and password will be msfadmin . After a sucessful login we can see the command line interface of metasploitable as following screenshot:

Metasploitable2 in Kali Linux

Now we check the IP address of the Metasploitable2 machine by using following command:

ip addr

The output on the metasploitable machine is following:

Finding IP address in Metasploitabe2 Machine

Now in the above screenshot we can see that our Metasploitable2 machine's Ip address is 192.168.122.118. This may be diffrent for everyone becase our local network assign this IP address.

We can open this IP address on our browser.

Metasploitable2 in browser

Now we can practice our penetration testing skills on this machine. We can find vulnerabilities on this machine and exploit it.

For an example we just did a nmap scan to find open ports, and we found a lots of vulnerable ports.

metasploitable2 port scan

We just need to find the way to exploit these vulnerabilities. We can use msfconsole or Google to find and exploit them.

This was about how we can install Metasploitable2 in our Kali Linux system and how we can practice it. This will improve our skills on cybersecurity.

Liked our tutorial then don't forgot to follow us on Twitter. For any problem and inquiry please leave a comment on the comment section. We always reply.

No comments:

Please do not spam here. It is comment box not a spambox. Promotional links are not allowed.

Powered by Blogger.