{"id":510,"date":"2024-05-11T04:40:33","date_gmt":"2024-05-11T04:40:33","guid":{"rendered":"https:\/\/hackmybox.com\/?p=510"},"modified":"2024-08-15T07:00:55","modified_gmt":"2024-08-15T07:00:55","slug":"building-your-own-pentest-box-part-1-setting-up-metasploitable-3","status":"publish","type":"post","link":"https:\/\/hackmybox.com\/index.php\/2024\/05\/11\/building-your-own-pentest-box-part-1-setting-up-metasploitable-3\/","title":{"rendered":"Building Your Own Pentest Box: Part 1 &#8211; Setting Up Metasploitable 3"},"content":{"rendered":"\n<p>Background: Metasploitable3 is a virtual machine (VM) purposefully designed with numerous security vulnerabilities. It serves as a target for testing exploits using Metasploit.<\/p>\n\n\n\n<p>My hardware details: I&#8217;m using a Dell T320 with 48GB of memory, running an Intel(R) Xeon(R) CPU E5-2403 v2 processor, and Windows 10 Pro Version 10.0.19045 Build 19045. However, this setup can be installed on any laptop or desktop with a VT-x\/AMD-V supported processor and preferably at least 8 to 16GB of memory.<\/p>\n\n\n\n<p>Software requirements:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Packer<\/li>\n\n\n\n<li>Vagrant<\/li>\n\n\n\n<li>Vagrant Reload Plugin<\/li>\n\n\n\n<li>VirtualBox<\/li>\n<\/ul>\n\n\n\n<p>1. Download and install VirtualBox (version 7.0.18) from the link below. Proceed with the default settings until the installation completes.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.virtualbox.org\/wiki\/Downloads\">https:\/\/www.virtualbox.org\/wiki\/Downloads<\/a><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"490\" height=\"384\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-10.png\" alt=\"\" class=\"wp-image-521\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-10.png 490w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-10-300x235.png 300w\" sizes=\"auto, (max-width: 490px) 100vw, 490px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>2.Clone this repository and navigate to the main directory, or alternatively, download the ZIP file and save it to your desktop.<\/p>\n\n\n\n<p><a href=\"https:\/\/github.com\/rapid7\/metasploitable3\">https:\/\/github.com\/rapid7\/metasploitable3<\/a><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"723\" height=\"473\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image.png\" alt=\"\" class=\"wp-image-511\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image.png 723w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-300x196.png 300w\" sizes=\"auto, (max-width: 723px) 100vw, 723px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"779\" height=\"536\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-1.png\" alt=\"\" class=\"wp-image-512\" style=\"width:712px;height:auto\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-1.png 779w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-1-300x206.png 300w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-1-768x528.png 768w\" sizes=\"auto, (max-width: 779px) 100vw, 779px\" \/><\/figure>\n\n\n\n<p>3. Download Packer (version 1.9.4) from the link provided below. Create a folder named &#8216;Packer&#8217; under Program Files and paste the downloaded files into it.<\/p>\n\n\n\n<p><a href=\"https:\/\/developer.hashicorp.com\/packer\/install\">https:\/\/developer.hashicorp.com\/packer\/install<\/a><\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"571\" height=\"213\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-3.png\" alt=\"\" class=\"wp-image-514\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-3.png 571w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-3-300x112.png 300w\" sizes=\"auto, (max-width: 571px) 100vw, 571px\" \/><\/figure>\n\n\n\n<p>4. Configure environment variables: Go to Control Panel &gt; System &gt; Advanced System Settings &gt; Environment Variables. Edit the &#8216;Path&#8217; variable, then add the entry &#8216;C:\\Program Files\\Packer&#8217;.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"407\" height=\"463\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-4.png\" alt=\"\" class=\"wp-image-515\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-4.png 407w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-4-264x300.png 264w\" sizes=\"auto, (max-width: 407px) 100vw, 407px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"535\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-5-1024x535.png\" alt=\"\" class=\"wp-image-516\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-5-1024x535.png 1024w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-5-300x157.png 300w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-5-768x401.png 768w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-5.png 1116w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>5. Download and install Vagrant 2.4.1 from the link provided below. Proceed with the straightforward installation process by accepting the defaults until it finishes.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><a href=\"https:\/\/developer.hashicorp.com\/vagrant\/install\">Install | Vagrant | HashiCorp Developer<\/a><\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"492\" height=\"383\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-2.png\" alt=\"\" class=\"wp-image-513\" style=\"width:493px;height:auto\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-2.png 492w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-2-300x234.png 300w\" sizes=\"auto, (max-width: 492px) 100vw, 492px\" \/><\/figure>\n\n\n\n<p>7. Open the command prompt (cmd) and install the Vagrant plugins. Test by checking the installed version.<\/p>\n\n\n\n<p>vagrant plugin install vagrant-vbguest&nbsp;<\/p>\n\n\n\n<p>vagrant plugin install vagrant-reload<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"585\" height=\"124\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-18.png\" alt=\"\" class=\"wp-image-544\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-18.png 585w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-18-300x64.png 300w\" sizes=\"auto, (max-width: 585px) 100vw, 585px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"445\" height=\"90\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-7.png\" alt=\"\" class=\"wp-image-518\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-7.png 445w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-7-300x61.png 300w\" sizes=\"auto, (max-width: 445px) 100vw, 445px\" \/><\/figure>\n\n\n\n<p>8. In PowerShell, execute the following Packer command to build the base VM image. Once the process is complete, you will see logs displayed as shown below:<\/p>\n\n\n\n<p>Set-ExecutionPolicy Bypass<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"835\" height=\"104\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-11.png\" alt=\"\" class=\"wp-image-522\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-11.png 835w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-11-300x37.png 300w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-11-768x96.png 768w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-11-825x104.png 825w\" sizes=\"auto, (max-width: 835px) 100vw, 835px\" \/><\/figure>\n\n\n\n<p>packer build &#8211;only=virtualbox-iso .\/packer\/templates\/windows_2008_r2.json<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"871\" height=\"215\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-16.png\" alt=\"\" class=\"wp-image-538\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-16.png 871w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-16-300x74.png 300w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-16-768x190.png 768w\" sizes=\"auto, (max-width: 871px) 100vw, 871px\" \/><\/figure>\n\n\n\n<p>9. After creating the base Vagrant box, you need to add it to your Vagrant environment. This can be accomplished with the following command:<\/p>\n\n\n\n<p> vagrant box add packer\/builds\/windows_2008_r2_*_0.1.0.box &#8211;name=rapid7\/metasploitable3-win2k8.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"859\" height=\"69\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-8.png\" alt=\"\" class=\"wp-image-519\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-8.png 859w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-8-300x24.png 300w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-8-768x62.png 768w\" sizes=\"auto, (max-width: 859px) 100vw, 859px\" \/><\/figure>\n\n\n\n<p>10. To start the VM, run the command vagrant up win2k8<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"667\" height=\"157\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-17.png\" alt=\"\" class=\"wp-image-541\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-17.png 667w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-17-300x71.png 300w\" sizes=\"auto, (max-width: 667px) 100vw, 667px\" \/><\/figure>\n\n\n\n<p>11. Once this process is complete, you can open the VM in VirtualBox and log in. The default credentials are:<br>Username: vagrant<br>Password: vagrant<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"984\" height=\"677\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-12.png\" alt=\"\" class=\"wp-image-523\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-12.png 984w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-12-300x206.png 300w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-12-768x528.png 768w\" sizes=\"auto, (max-width: 984px) 100vw, 984px\" \/><\/figure>\n\n\n\n<p>12. Lastly, check the VirtualBox VM settings. The recommended network setting for security purposes is NAT Network.<\/p>\n\n\n\n<p>Go to File -> Tools -> Network Manager -> Create<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"675\" height=\"532\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-21.png\" alt=\"\" class=\"wp-image-551\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-21.png 675w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-21-300x236.png 300w\" sizes=\"auto, (max-width: 675px) 100vw, 675px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"675\" height=\"532\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-22.png\" alt=\"\" class=\"wp-image-553\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-22.png 675w, https:\/\/hackmybox.com\/wp-content\/uploads\/2024\/05\/image-22-300x236.png 300w\" sizes=\"auto, (max-width: 675px) 100vw, 675px\" \/><\/figure>\n\n\n\n<p>Reference : <a href=\"https:\/\/github.com\/rapid7\/metasploitable3\">GitHub &#8211; rapid7\/metasploitable3: Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities<\/a><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>Next time, we&#8217;ll be setting up Kali Linux on a VirtualBox and exploring how to utilize tools for penetration testing.<\/p>\n\n\n\n<p>Thank you, everyone, and God bless!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Background: Metasploitable3 is a virtual machine (VM) purposefully designed with numerous security vulnerabilities. It serves as a target for testing exploits using Metasploit. My hardware details: I&#8217;m using a Dell T320 with 48GB of memory, running an Intel(R) Xeon(R) CPU E5-2403 v2 processor, and Windows 10 Pro Version 10.0.19045 Build 19045. However, this setup can [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":787,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"site-container-style":"default","site-container-layout":"default","site-sidebar-layout":"default","site-transparent-header":"default","prose-style":"enable","disable-article-header":"default","disable-site-header":"default","disable-site-footer":"default","disable-content-area-spacing":"default","footnotes":""},"categories":[12],"tags":[],"class_list":["post-510","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-labs"],"_links":{"self":[{"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/posts\/510","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/comments?post=510"}],"version-history":[{"count":12,"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/posts\/510\/revisions"}],"predecessor-version":[{"id":788,"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/posts\/510\/revisions\/788"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/media\/787"}],"wp:attachment":[{"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/media?parent=510"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/categories?post=510"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/tags?post=510"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}