Virtual machine

All posts tagged Virtual machine

Good evening everybody. Sometime back, I wrote an article on how to set up a virtual penetration testing lab using Vmware Workstation. But Vmware Workstation is a commercial product.

Today I am going to show you how to create a pentest lab in VirtualBox absolutely free of cost. I hope this tutorial will be helpful for many beginners into cyber security domain.

What do we need?

1. Oracle VirtualBox. (Download)

2. Kali Linux. (Download)

3. Metasploitable 2. (Download)

Oracle VirtualBox is the virtualization software we will be using to create our lab. We will be using Kali Linux as the attacker machine and Metasploitable 2 as the victim machine. Install Kali Linux and Metasploitable 2 in VirtualBox.

See how to install Kali Linux in VirtualBox.

See how to install Metasploitable in VirtualBox.

pentestlab1

 

Select Kali Linux, Go to settings > network. Enable “network adapter 1″. Set the “Attached to” option to “internal network”. Set the name of the network adapter to “intnet”. Click on “OK” to save the settings.

pentestlab2

 

Do the same for Metasploitable virtual machine.

pentestlab3

 

Power on the metasploitable VM. Log into the system. Default username and password are “msfadmin”.

pentestlab4

 

Type the command “ifconfig” to see the IP addresses of interfaces.

pentestlab5

 

The ‘lo’ interface is the loopback. Now we are going to set the IP address on the interface “eth0”. Type the command “sudo ifconfig eth0 10.10.10.2 netmask 255.0.0.0 up”. The sudo password is “msfadmin. Verify that the IP address is set by typing command “ifconfig”.

pentestlab6

 

Power on Kali Linux. In the terminal, type command “ifconfig eth0 10.10.10.1 netmask 255.0.0.0 up”. Verify if the IP address is set by typing command “ifconfig”.

pentestlab7

 

Test whether this system can communicate with victim system by pinging the victim machine as shown below.

pentestlab8

 

The connection is successful. Our penetration testing lab is ready. Happy practising.


Today I’m gonna show you how to install metasploitable in VirtualBox. Metasploitable is a Linux virtual machine made vulnerable intentionally for testing purposes. This virtual machine can be used to conduct security training, test security tools, and practice common penetration testing techniques.  For this i am going to use Metasploitable 2 which can be downloaded from here. After downloading the zip archive, extract the files into a folder. The file contents look like below.

metasploitable1

Open VirtualBox and click on “New Virtual machine wizard”. Type the name of your choice. I am using ‘Metasploitable-2‘. Choose ‘Type’ as Linux and ‘version’ as Ubuntu. Click on “Next”.

metasploitable2

Choose the memory size appropriate to the availability of RAM on your host machine although 512MB is more than enough. Click on “Next”.

metasploitable3

In the hard drive creation window, select option “Use an existing virtual hard drive”, browse to the folder where we have extracted our zip files and select the ‘vmdk’ file available. Click on “Create”.

metasploitable4

Then you are automatically booted into the metasploitable OS. The default username and password are “msfadmin”.

metasploitable5

NOTE : Kali Linux version 2017.1 has been released and I decided to update this howto. Ofcourse,  this guide also works with previous releases of Kali Linux. 

Hi Friends. as you already know, the latest version of Kali, Kali rolling edition 2017.1 has been released. The rolling edition of Kali Linux gives users the best of all worlds – the stability of Debian, together with the latest versions of the many outstanding penetration testing tools created and shared by the information security community. The best feature I like in this version is constantly updated tools. Now let us see how to install this latest version of Kali linux in virtualbox and I assure you, this will be the easiest guide.

For this howto, I am using the latest version of Oracle Virtualbox, i.e version 5.1.22. Ever since Sana has been released, the makers of Kali Linux have also released Pre-built virtual images for virtualbox and Vmware. We will use that virtualbox image in this howto. Go here and download the Pre-built virtualbox image. They are as shown below (Download the latest version).

sanarvb0

This howto is using the Kali Linux 32bit VBox PAE . Your downloaded contents should look like below. As you can see, we have an ova file.

 

Now open Virtualbox and click on File>Import Appliance as shown below.

sanarvb3

A window like below will open.

sanarvb4

Now browse to the location of the ova file we just downloaded as shown below and  click on Next.

 

The system will present you a summary of settings used for  thsi VM. If you want to make any changes, change and click on Import.

The importing process will start as shown below. It will take some time, but it will be worth the wait.

 

After import is completed, a new virtual machine is automatically created as shown below.

 

Power on the machine. As the virtual machine powers up, it will prompt for username and password. The default username is “root” and password is “toor”.

Given below is our Kali Linux rolling 2017.1 successfully installed in Virtualbox. No need of installing guest additions. If you face any problems during installation, please comment. I will be happy to help you.

sanarvb12