Today I’m gonna show you how to install metasploitable in VirtualBox. Metasploitable is a Linux virtual machine made vulnerable intentionally for testing purposes. This virtual machine can be used to conduct security training, test security tools, and practice common penetration testing techniques. For this i am going to use Metasploitable 2 which can be downloaded from here. After downloading the zip archive, extract the files into a folder. The file contents look like below.
Open VirtualBox and click on “New Virtual machine wizard”. Type the name of your choice. I am using ‘Metasploitable-2‘. Choose ‘Type’ as Linux and ‘version’ as Ubuntu. Click on “Next”.
Choose the memory size appropriate to the availability of RAM on your host machine although 512MB is more than enough. Click on “Next”.
In the hard drive creation window, select option “Use an existing virtual hard drive”, browse to the folder where we have extracted our zip files and select the ‘vmdk’ file available. Click on “Create”.
Then you are automatically booted into the metasploitable OS. The default username and password are “msfadmin”.
Ubuntu server comes default with a Command line interface. Of course we can install GUI in Ubuntu Server if we find command line troublesome. Here are the steps.
First navigate to the “etc/apt” directory and open a file named “sources.list.d” using the command “vi sources.list.d”.
Then check whether software from “universe” ad “multiverse” repositories are allowed.
Then type the command “sudo apt-get update” to update all repositories.
After updating is finished, type the command “sudo apt-get upgrade”.
Then type the command “sudo apt-get install ubuntu-desktop”. It will take some time to finish all the processes.
After the installation is finished, restart the server to see your GUI interface.
Windows provides a property to hide folders. We can set the view property of folder we want to hide to ‘hidden’, then go to “Folder and search” options, go to “view” tab and select Don’t show hidden files,folders and drives option.
The disadvantage with this method is that once we select “Show hidden files,folders and drives” from the “Folder and Search” options all our hidden files are visible. What if we want to hide our folder completely, completely in the sense that it is not visible even if we set our settings to show all hidden files. Let’s see how to hide a folder completely in Windows.
Here, I want to hide a folder named “Secret”.
Go to command line. Navigate to the directory where the folder we want to hide is located. Type the command “attrib +s +h secret” (batch programming is not case sensitive ) and hit Enter.
Now we can see that the file we hid is not visible even if we set our properties to show hidden files.
If you want to unhide your hidden file, go to command line and type the command “attrib -s -h secret.”
Windows Server 2012 introduced a new configuration option called Minimal Server Interface. Minimal Server Interface is in simple words compromise between Server GUI Full Installation and Server Core installation. Minimal Server Interface installation reduces footprint of the server to some extent thus decreasing security hazards. In the same time it increases deployment scenarios. Let’s see how to convert Server GUI to Minimal Server Interface in Windows server 2012. If you want to convert Server GUI full installation to Server Core installation, read here.
Following tools are installed in Minimal Server Interface.
- Server Manager
- Some Control Panel Applets
The items which are not installed during Minimal Server Interface are
- Start Screen
- Windows Explorer
- Internet Explorer
Login as Administrator. Open “Powershell”. Type the command
“Uninstall-WindowsFeature Server-Gui-Shell -remove” and Press “Enter”.
After collecting some data, the system will start removing the Server-Gui-Shell.
After the removal of Server-gui-shell is finished, the system will ask us to restart the system.
Restart the system by typing “shutdown -r -t 0″. The system will reboot to Minimal server Interface which will look like below.