Setup Hacking Lab with Metasploitable [7 Easy Steps]

Setup hacking lab - Introduction

With the rise of cyber crime there has come a need for more cyber security experts which is bound to increase in the coming days. In this tutorial I will help you setup hacking lab. A hacking lab is where you can carry out your penetration experiments without the fear of having to go against the laid cyber security laws and policies. We will install Kali Linux (a penetration testing operating system) and Metasploitable (a vulnerable Linux image to practice penetration testing on).

A penetration hacking lab consists of an attack orchestrating Operating System which in our case we will use the Kali Linux operating system and a vulnerable operating system which in our case is the Metasploitable 2. Kali Linux will be used to perform attacks against the vulnerable Metasploitable. These attacks are simulations of real life attacks which are known by the penetration tester but are done in a safe and controlled environment

Advertisement

 

Overview on Penetration testing

Penetration testing also known as pentesting, is the art of attempting to evaluate security of an IT system by simulation of attacks on known vulnerabilities of a system. A pentester is a hacker authorised by the system owner to carry out attacks on the system in order to help the IT team harden their systems before they are put to use in order to avoid attacks which may cost a fortune.

 

Overview on Mesploitable 2

Metasploitable is a Linux operating system which has the commonly known vulnerabilities. It was developed by Rapid 7 organization for the purpose of training aspiring penetration testers in a safe environment. In the below tutorial, we will be downloading and installing it on our Virtual Box to complete building our hacking lab.

 

System requirements

  • A PC running windows operating system 7/8/10.
  • OS capable of running all of the required applications.
  • VT-x/AMD-V Supported Processor recommended.
  • A minimum of 30GB hard disk space.
  • A minimum of 4GB RAM.

 

Pre-requisites

 

Steps to setup hacking lab for penetration testing

Step-1: Download Metasploitable Image

In this tutorial we are going to use oracle VirtualBox to deploy Metasploitable. But you can use the same image to install it via VMware Workstation Player as well.

Download metasploitable using the official sourceforge.net.

After download is complete, extract it to the folder of your own liking as shown below.

Setup Hacking Lab with Metasploitable [5 Easy Steps]

 

Step 2: Create new VM

We can now run our oracle virtual box to install metasploitable 2. Open Oracle Virtual BoxMachine New to create a New VM.

Advertisement

We are going to create VM in Expert Mode so that we can be able to adjust the disk space to be used and other settings as required. Hence on this screen we choose to install in expert mode.

Setup Hacking Lab with Metasploitable [5 Easy Steps]

 

Step-3: Configure VM (Disk, RAM)

We first need to create a virtual hard disk drive so that we can later add metasploitable virtual machine disk as shown below and click create.

We also need to enter the amount of RAM to be used by our metasploitable machine. Metasploitable has no GUI, we can only access it via the terminal hence it does not require that a large amount of RAM. In our case we will use 2 GB of RAM. This will be enough for carrying out our penetration testing.

Setup Hacking Lab with Metasploitable [5 Easy Steps]

The main purpose of metasploitable is just to carry penetration tests on it hence the virtual disk does not require large amounts of space so we will just one additional disk of 8GB. To add another disk, select the VM -> Click on Settings icon -> Select Storage -> Click + icon in the corner to Controller:IDE to add Hard Drive -> Click on Create to create a new disk -> Select VDI -> Select Dynamically allocated -> Provide the path of the disk and size (We choose default 8GB) and click on create to create a new virtual disk.

Next select your disk and Attach to the VM. Click OK to save.

Setup Hacking Lab with Metasploitable [5 Easy Steps]

 

Step-4: Configure Network

It is recommended to use the default network settings for the VM. But I have some use case to use it across my private network so I will choose Bridged Network.

Setup Hacking Lab with Metasploitable [5 Easy Steps]

 

Step-5: Power on the VM

Next we fire up the virtual machine.

Setup Hacking Lab with Metasploitable [5 Easy Steps]

Once the VM boots up, we can see that our metasploitable VM is ready for penetration testing.

Advertisement
NOTE:
Default username and password for Metasploitable is msfadmin

Setup Hacking Lab with Metasploitable [5 Easy Steps]

We are now through with setting up a hacking lab and ready to start penetration testing.

 

Step-6: Get Network details of Metasploitable VM

Next check the IP details of your Metasploitable VM. We will use this IP to access the metasploitable dashboard on the browser. Here as you can see, my IP address is 192.168.0.160

Setup Hacking Lab with Metasploitable [8 Easy Steps]

 

Step-7: Access Metasploitable dashboard

Now we can use the same IP to access our metasploutable dashboard using any browser:

Setup Hacking Lab with Metasploitable [8 Easy Steps]

Now we can click on any of the options to access the respective tool as shown above.

 

Summary

In the above guide, we have setup hacking lab on which we can perform our penetration testing without the fear of going against the law. We have full control of the lab as we can adjust space required by the Operating System on virtual box and other important factors such as the RAM and the network configuration. We can now be able to perform penetration testing of the commonly know vulnerabilities for machines running on Linux operating system. No damage or loss can be incurred while using the lab for penetration testing.

 

Didn't find what you were looking for? Perform a quick search across GoLinuxCloud

If my articles on GoLinuxCloud has helped you, kindly consider buying me a coffee as a token of appreciation.

Buy GoLinuxCloud a Coffee

For any other feedbacks or questions you can either use the comments section or contact me form.

Thank You for your support!!

Leave a Comment