Thursday, May 1, 2014

Metasploitable 2 Linux - Most Vulnerable OS in the town : Introduction and Installation

What is Metasploitable 2

The Metasploitable virtual machine is an intentionally vulnerable version of Ubuntu Linux designed for testing security tools and demonstrating common vulnerabilities. Version 2 of this virtual machine is available for download and ships with even more vulnerabilities than the original image. This virtual machine is compatible with VMWare, VirtualBox, and other common virtualization platforms. By default, Metasploitable's network interfaces are bound to the NAT and Host-only network adapters, and the image should never be exposed to a hostile network.   [Quoted from Rapid7]

Download and install metasploitable linux

Firstly, I'd list some requirements- 10 to 30 GB disk space for metasploitable (Kali would need a similar amount of disk space), 1GB ram for metasploitable (a total of 4GB would be great, 1gb for kali, 1gb for metasploit, and 2gb will keep your host OS running). If you have all this, which you probably should, then go ahead and download Metasploitable from sourceforge. -
The last time I checked, the download was a zip file.

 After extracting it, no installation is needed. What IS needed is a virtual machine software like Vmware or virtualbox. You can use Virtual Box, which is free, or VmWare workstation, which you'll have to buy, Vmware player is free, and will serve most of your purposes. I am using Vmware Workstation, and will give the instructions for it. Detailed guides are available for all of these on the internet, and I won't waste much time with it. Assuming you have downloaded and extracted the Metasploitable file, and installed Vmware Workstation, follow these instruction-

Open Vmware workstation. Click on file -> Open. Something like this will pop out. After that browse to the location where you extracted the Metasploitable file. It must look somewhat like this. Click on open. You will see something with Vmware icon. Open that one.

Your Virtual machine will be up and running within a few minutes. Depending on the situation, a few more
next and enter stuff would be required, but the instructions provided by the program would be simple and clear and you can help yourself.

Once you've started Metasploitable

You'll have a login prompt, and the login username and password would be given right there. It would be msfadmin, if you can't seem to find it. Nothing else needs to be done here. Now your target is ready, but you are far from done. If this is not your visit to this blog, then you have probably already installed Kali Linux and know how to use it. If you have been following this blog for a long time, then you also know how to use Metasploit to hack Windows machine, and are ready to jump to the next post. So if you have to OS, and the basic hacking skills, then you can stop here and move to the next post, else read on.

Next Post : Vulnerability assessment and exploiting metasploitable 2

Kali Linux and metasploit

While its not necessary to use Kali Linux, and Backtrack, Backbox Linux and other Linux distributions will work well too, there is no reason why NOT to use Kali Linux. It simplifies everything for you, providing you with 100s of tools pre-installed, and is specifically designed for pentesting. It has some advantages over Backtrack, most importantly, it has been written from scratch in Debian and has resolved most of the backtrack issues. It comes preinstalled with Metasploit, so it takes down one step. I have written enough posts on installing Kali Linux to write another one here, so I'm just gonna provide links to posts on my blog which you should read and then come back here. If you expected to read just one post and become 'that cool kid who can hack anything', then you are up for a disappointment. Here is what you should do-

Kali Linux must read post (its must read for a reason, do read it)   Kali Linux Installation post 
The metaploit tutorials (you only have to read the first few to reach the point from where you can come back here, but reading them all would be great. And you don't just 'read', you follow the instructions and do the necessary)-


  1. lolz thats hacking? youre a noob just copy and paste other peoples stuff. shame on u

    1. hi... no shaming please... this site is a tutorial for noobs and newbies like me :D - fyi...

    2. what are you talking about? this article never claimed to be about hacking weirdo. It's setting up metasploitable 2. Wow....some pple have a lot of nerve when they're clearly the new ones!

    3. what are you talking about? this article never claimed to be about hacking weirdo. It's setting up metasploitable 2. Wow....some pple have a lot of nerve when they're clearly the new ones!

  2. I simply must tell you that you have written an excellent and unique article that I really enjoyed reading. I’m fascinated by how well you laid out your material and presented your views. It is just what I was looking for and quite thorough as well. Thanks for posting this, I saw a couple other similar posts but yours was the best so far. The ideas are strongly pointed out and clearly emphasized. Thank you.

    Veronica Segura
    Contact me @ Custom essay writing service

  3. Guys! If some of you look for excellent service for essay or homework, you can ask this people for help! They rally know how to do it, and you'll be so pleased about it! So do not be shy and text to them annotated bibliography website maker and be prepared for help! Excellent luck and have fun!

  4. Research Proposal Pakistan is the go-to choice for conducting in-depth studies and analyses, offering a wide range of research topics to explore and investigate. Get ready to delve into a world of knowledge and discovery with its comprehensive proposal development process.

  5. In my opinion, this is a piece full of useful information that demonstrates a high level of knowledge.

  6. Tutorials are instructional guides or sessions that offer detailed step-by-step explanations to assist individuals in learning a specific skill or understanding a particular subject. These educational resources can take various formats, including written instructions, video demonstrations, or interactive online sessions. Tutorials are widely used in academic settings, online learning platforms, and industries to provide accessible and practical learning experiences.
    uncontested divorce in virginia
    virginia statute of limitations personal injury
    abogado de accidentes de semi camiones
    northern virginia personal injury attorney

  7. This is such an amazing post! I really appreciate how much research and effort you put into creating this detailed and thoughtful content. Keep up the fantastic work! I always look forward to reading your posts because they're so well-researched and engaging.
    virginia personal injury statute of limitations
    motorcycle accident injury attorney


© Kali Tutorials, 2016. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Shashwat Chaudhary and Kali Tutorials with appropriate and specific direction to the original content.