The simple way to learn about hacking is hands on and try by ourselves in our own machine, that's why today we will have a simple tips and trick about how to install Metasploitable on Virtual Box.
Metasploitable is a Linux distribution built for testing security tools and learning penetration testing. The Metasploitable virtual machine is purposely configured with many vulnerable services which can be exploited to gain access to the system. You can use tools such as Nmap, Nikto, and Metasploit to discover services and identify vulnerabilities within those services and learn how to exploit them.
Many people don't realize the importance of practicing, most of them just asking the fastest and instant way to learn about hacking and rushing to try pentesting in a real world because the intention is to hack someone or to hack a system or to vengeance, etc. If you do learn hacking with your passion, what you do is only hands on in your own lab and learn about how things work(e.g:in network, program, web, etc), without you realize you already know many things, knowledge, new skills, and even covered something during your hands on, so don't underestimate practicing 🙂
As we already read about the Metasploitable description above, the disc image included with vulnerable service that can be exploited.
1. Virtual Box
1. Download and install the Virtual Box on your machine (on this example was on windows machine).
2. When installation finished, open your Virtual Box and click New.
3. You can give a name, we give the name Metasploitable just to make sure the name was understandable and easy to recognize.
4. For the memory, you can just leave to 256MB, but if you have more RAM, you can increase this amount.
5. In this create virtual machine window, you can choose the Metasploitable image location that we've already download before (after extract the ZIP file). Click the folder logo on bottom right and locate the Metasploitable image location.
When finished, click Create.
6. The next step is we need to start the machine we just installed. Choose the Metasploitable OS and click Start.
7. The Metasploitable machine now booting and there is log in window.
By default the username: msfadmin and password: msfadmin. You can change the username and password after log in and become root.
1. If we see the message warning "Never expose this VM to an untrusted network". If you're in a public wi-fi or public network where everyone connected to the same network, it's good and better if we keep this network inside a NAT since this OS was vulnerable. Otherwise you can make it accessible so it can accessed by your attacker machine.
Hope you found it useful 🙂