- Metasploitable2 Hacking LAB Setup 7 696x391 - Metasploitable2 : Hacking Real Machine in your LAB

Metasploitable2 : Hacking / Pen-testing on Real Machine in your LAB: Your Hacking LAB Setup. If you also wonder what it is like to hack a machine in real time, but confused in all the legalities of hacking or pen-testing, here is the solution for you. I will keep this tutorial short precise and explore more on real time hacking with vulnerabilities. So if any doubts please post comments where required.

Prerequisites

The list can vary based on setup you want based on few variables, like if you are already running some box or Kali or want to go in Windows based environments, least matters, you can take whatever you like, little risk and allot of learning . So all basics are listed below along with link for each.

Machine Configuration

Windows Host: you will have only one option to use two machines connected by NAT Network mode and 2 Virtual Machines running 1- Kali Linux Image that you downloaded above 2- Metasploitable 2 machine , use NAT network mode unless you are using your Host OS as attacking machine with tools like nmap metasploit and other installed. Or you can use Bridged mode if you are sure that you are exposing machine to internet to get a IP just like your real machine, bridged is only when you are sure you wont be harmed or non-production environment.

Kali Linux Host : Here you can have only one metasploitable machine running as you can use Host OS that is kali linux as your attacking OS, so accordingly you can choose Host only mode or Bridged according to needs, I advise Host only mode. If still you plan to run two VMs that is another Kali VM, go for NAT mode.

A Peek into Setup in Kali Linux

I am using VMWare, steps are very similar to Virtual Box and Windows too. Follow below steps to setup.

Assuming the above prerequisites are downloaded

I am running these on Kali Linux to run one less VM

- Kali Linux as Host OS - Metasploitable2 : Hacking Real Machine in your LAB

Vmware File Menu –> Open –> Locate the Metasploitable2 OVF File (Extracted), and Open and select location where you want to save the Virtual Machine

Metasploitable 2 OVF FIle, Open this in VMWare / VirtualBox  - Metasploitable 1 Downlaoded OVF File - Metasploitable2 : Hacking Real Machine in your LAB
Metasploitable 2 OVF FIle, Open this in VMWare / VirtualBox

File is now Imported in VMWare, We have a Metasploitable2 machine in VMWare.

Metasploitable2 Machine in VMware in Kali Linux Host  - Metasploitable2 Imported in Vmware - Metasploitable2 : Hacking Real Machine in your LAB
Metasploitable2 Machine in VMware in Kali Linux Host

Next we Setup the Network Mode and ready to hack the machine .

Choosing between Host only ,NAT  or Bridged Mode in Network Settings of Machine  - Metasploitable2 Setting the Network Mode for communication - Metasploitable2 : Hacking Real Machine in your LAB
Choosing between Host only ,NAT or Bridged Mode in Network Settings of Machine

So we start the machine pressing Green Button in Vmware bar.

Metasploitable2 Start the Metasploitable2 VMware Machine  - Metasploitable2 Start the Metasploitable2 VMware Machine - Metasploitable2 : Hacking Real Machine in your LAB
Metasploitable2 Start the Metasploitable2 VMware Machine

So now the machine is up and running with a screen like below.

Metasploitable2 - First screen, username and password is msfadmin:msfadmin  - Metasploitable2 Hacking LAB Setup 7 - Metasploitable2 : Hacking Real Machine in your LAB
Metasploitable2 – First screen, username and password is msfadmin:msfadmin

We now check the IP Assigned to machine after Login in with username and password both msfadmin:msfadmin

Metsasploitable2 : Check IP by ifconfig and check the eth0 inet addr  - Metasploitable2 Hacking LAB Setup 8 - Metasploitable2 : Hacking Real Machine in your LAB
Metsasploitable2 : Check IP by ifconfig and check the eth0 inet addr

and further we check if the machine is reachable from our Host OS ( Kali Linux ) by a simple ping command in Terminal

a simple ping from Host OS to check if Virtual Machine is reachable by ping <IP Address> -c 3  - Metasploitable2 Hacking LAB Setup 9 - Metasploitable2 : Hacking Real Machine in your LAB
a simple ping from Host OS to check if Virtual Machine is reachable by ping -c 3

Further we run a basic nmap, very basic to check ports open on Metasploitable2 Machine

We also need to know the ports services and more about machine, so a simple nmap command to get open ports  - Metasploitable2 Hacking LAB Setup 10 - Metasploitable2 : Hacking Real Machine in your LAB
We also need to know the ports services and more about machine, so a simple nmap command to get open ports
nmap <IP Address>

We also check the IP in our browser as Metsaploitable2 also comes with few Web Pen-testing LAB . So you can browse these and learn web pen-testing as well.

Metasploitable2 machine IP Address in Host OS Browser to find we also have few Web Application hosted for Hacking / Pentesting  - Metasploitable2 Hacking LAB Setup 11 - Metasploitable2 : Hacking Real Machine in your LAB
Metasploitable2 machine IP Address in Host OS Browser to find we also have few Web Application hosted for Hacking / Pen-testing

In the coming post we start a series of finding the Vulnerabilities and Exploiting the one by one. I will try to post in more details how to find and exploit on live machines so that it could be as close to real world as possible.
Stay Tuned for More Hacking, will be posting more.



Source link

No tags for this post.

LEAVE A REPLY

Please enter your comment!
Please enter your name here