/ blog

Creating the Metasploitable 3 VM

Intentionally vulnerable machines

The Metasploitable virtual machines are intentionally vulnerable machines, designed by Rapid 7 - the company behind Metasploit Pro - for training offensive security skills and testing exploits.

Another good source of for such vulnerable virtual machine's are available on VulnHub as well. Some VM's on Vulnhub are special crafted CTF machines, which contains 'flags' to find. These flags represent the crown jewels of your target and are the ultimate goal to obtain. The downside of the these machines is that due to licensing reasons, these are almost exclusively linux machines. That's why I was very stoked that Metasploitable 3 is a Windows VM!

How to install Metasploitable 3 on Windows

Unfortunately, you can't just download en boot Metasploitable 3 in Virtualbox. You need to craft the virtual image yourself. The Metasploitable virtual machines are created with Vagrant and Packer, software products to create virtual development environments.

1. Install prerequisite software
  • First you need to download and install Vagrant. Pick your flavor (x86 or x64) here and install. Reboot afterwards.

  • Additionally, you need to install the Vagrant Reload Plugin. Simply run the following command in the Windows Command Line:

vagrant plugin install vagrant-reload

My example:

  • Next, download the ZIP-file of the Metasploit 3 GitHub. Extract on any location. My location was my Downloads folder.

  • Last, download Packer and extract in the same location as the contents of the Metasploit 3-zip file.

2. Tweaking config file

At my first try, I kept receiving the error "waiting for ssh..". After some research, I found the solution in increasing the _boot___wait time in the windows_2008_r2.json file - in the unzipped Metasploit 3 directory - from 2m to 10m. This gives the VM enough time to boot before SSH starts listening.

2. Run the install script

To run the install script, start Powershell as administrator, change directory to the unzipped Metasploit 3 directory and run the build_win2008.ps1 script. This will take approx 15-20 minutes.


Note: I forgot to move Packer to my working directory first, causing the red error in the screenshot above. You should not see this error.)

2. Vagrant Up

After the script is complete, simply type the following command:

vagrant up

This will cause Vagrant to kick in and run all scripts to make the machine vulnerable and fully configure the VM. When this process is complete your Metasploitable 3 machine is ready to exploit! This process could take up to 30 min.

Login details: vagrant
Password: vagrant

If you use a non-Querty keyboard, keep in mind that during the first boot, you will need the above password as it would be a Querty keyboard