Good evening everybody. Sometime back, I wrote an article on how to set up a virtual penetration testing lab using Vmware Workstation. But Vmware Workstation is a commercial product.
Today I am going to show you how to create a pentest lab in VirtualBox absolutely free of cost. I hope this tutorial will be helpful for many beginners into cyber security domain.
What do we need?
1. Oracle VirtualBox. (Download)
2. Kali Linux. (Download)
3. Metasploitable 2. (Download)
Oracle VirtualBox is the virtualization software we will be using to create our lab. We will be using Kali Linux as the attacker machine and Metasploitable 2 as the victim machine. Install Kali Linux and Metasploitable 2 in VirtualBox.
Select Kali Linux, Go to settings > network. Enable “network adapter 1″. Set the “Attached to” option to “internal network”. Set the name of the network adapter to “intnet”. Click on “OK” to save the settings.
Do the same for Metasploitable virtual machine.
Power on the metasploitable VM. Log into the system. Default username and password are “msfadmin”.
Type the command “ifconfig” to see the IP addresses of interfaces.
The ‘lo’ interface is the loopback. Now we are going to set the IP address on the interface “eth0”. Type the command “sudo ifconfig eth0 10.10.10.2 netmask 255.0.0.0 up”. The sudo password is “msfadmin. Verify that the IP address is set by typing command “ifconfig”.
Power on Kali Linux. In the terminal, type command “ifconfig eth0 10.10.10.1 netmask 255.0.0.0 up”. Verify if the IP address is set by typing command “ifconfig”.
Test whether this system can communicate with victim system by pinging the victim machine as shown below.
The connection is successful. Our penetration testing lab is ready. Happy practising.