Getting Started with Metasploitable2 and Kali Linux

In this article, by Michael Hixon, the author of the book, Kali Linux Network Scanning Cookbook - Second Edition, we will be covering:

  1. Installing Metasploitable2
  2. Installing Kali Linux
  3. Managing Kali services

(For more resources related to this topic, see here.)

We need to first configure a security lab environment using VMware Player (Windows) or VMware Fusion (macOS), and then install Ubuntu server and Windows server on the VMware Player.

Installing Metasploitable2

Metasploitable2 is an intentionally vulnerable Linux distribution and is also a highly effective security training tool. It comes fully loaded with a large number of vulnerable network services and also includes several vulnerable web applications.

Getting ready

Prior to installing Metasploitable2 in your virtual security lab, you will first need to download it from the Web. There are many mirrors and torrents available for this. One relatively easy method to acquire Metasploitable is to download it from SourceForge at the following URL: http://sourceforge.net/projects/metasploitable/files/Metasploitable2/.

How to do it…

Installing Metasploitable2 is likely to be one of the easiest installations that you will perform in your security lab. This is because it is already prepared as a VMware virtual machine when it is downloaded from SourceForge.

  1. Once the ZIP file has been downloaded, you can easily extract the contents of this file in Windows or macOS by double-clicking on it in Explorer or Finder respectively. Have a look at the following screenshot:

     Kali Linux Network Scanning Cookbook

  2. Once extracted, the ZIP file will return a directory with five additional files inside. Included among these files is the VMware VMX file. To use Metasploitable in VMware, just click on the File drop-down menu and click on Open. Then, browse to the directory created from the ZIP extraction process and open Metasploitable.vmx as shown in the following screenshot:

     Kali Linux Network Scanning Cookbook

  3. Once the VMX file has been opened, it should be included in your virtual machine library. Select it from the library and click on Run to start the VM and get the following screen:

    Kali Linux Network Scanning Cookbook

  4. After the VM loads, the splash screen will appear and request login credentials. The default credential to log in is msfadmin for both the username and password. This machine can also be accessed via SSH.

How it works…

Metasploitable was built with the idea of security testing education in mind. This is a highly effective tool, but it must be handled with care. The Metasploitable system should never be exposed to any untrusted networks. It should never be assigned a publicly routable IP address, and port forwarding should not be used to make services accessible over the Network Address Translation (NAT) interface.

Installing Kali Linux

Kali Linux is known as one of the best hacking distributions providing an entire arsenal of penetration testing tools. The developers recently released Kali Linux 2016.2 which solidified their efforts in making it a rolling distribution. Different desktop environments have been released along side GNOME in this release, such as e17, LXDE, Xfce, MATE and KDE. Kali Linux will be kept updated with latest improvements and tools by weekly updated ISOs.  We will be using Kali Linux 2016.2 with GNOME as our development environment for many of the scanning scripts.

Getting ready

Prior to installing Kali Linux in your virtual security testing lab, you will need to acquire the ISO file (image file) from a trusted source. The Kali Linux ISO can be downloaded at http://www.kali.org/downloads/.

How to do it…

  1. After selecting the Kali Linux .iso file you will be asked what operating system you are installing.  Currently Kali Linux is built on Debian 8.x, choose this and click Continue.

    Kali Linux Network Scanning Cookbook

  2. You will see a finish screen but lets customize the settings first.  Kali Linux requires at least 15 GB of hard disk space and a minimum for 512 MB RAM.

    Kali Linux Network Scanning Cookbook

  3. After booting from the Kali Linux image file, you will be presented with the initial boot menu. Here, scroll down to the sixth option, Install, and pressEnter to start the installation process:

    Kali Linux Network Scanning Cookbook

  4. Once started, you will be guided through a series of questions to complete the installation process. Initially, you will be asked to provide your location (country) and language. You will then be provided with an option to manually select your keyboard configuration or use a guided detection process.
  5. The next step will request that you provide a hostname for the system. If the system will be joined to a domain, ensure that the hostname is unique, as shown in the following screenshot:

    Kali Linux Network Scanning Cookbook

  6. Next, you will need to set the password for the root account. It is recommended that this be a fairly complex password that will not be easily compromised. Have a look at the following screenshot:

     Kali Linux Network Scanning Cookbook

  7. Next, you will be asked to provide the time zone you are located in. The system will use IP geolocation to provide its best guess of your location. If this is not correct, manually select the correct time zone:

    Kali Linux Network Scanning Cookbook

  8. To set up your disk partition, using the default method and partitioning scheme should be sufficient for lab purposes:

     Kali Linux Network Scanning Cookbook

  9. It is recommended that you use a mirror to ensure that your software in Kali Linux is kept up to date:

    Kali Linux Network Scanning Cookbook

  10. Next, you will be asked to provide an HTTP proxy address. An external HTTP proxy is not required for any of the exercises, so this can be left blank:

     Kali Linux Network Scanning Cookbook

  11. Finally, choose Yes to install the GRUB boot loader and then press Enter to complete the installation process. When the system loads, you can log in with the root account and the password provided during the installation:

    Kali Linux Network Scanning Cookbook

How it works…

Kali Linux is a Debian Linux distribution that has a large number of preinstalled, third-party penetration tools. While all of these tools could be acquired and installed independently, the organization and implementation that Kali Linux provides makes it a useful tool for any serious penetration tester. 

Managing Kali services

Having certain services start automatically can be useful in Kali Linux.  For example lets say I want to be able to SSH to my Kali Linux distribution.  By default the SSH server does not start on Kali, so I would need to log into the virtual machine, open a terminal and run the command to start the service.

Getting ready

Prior to modifying the Kali Linux configuration, you will need to have installed the operating system on a virtual machine.

How to do it…

  1. We begin by logging into our Kali Linux distribution and opening a terminal window.  Type in the following command:

    Kali Linux Network Scanning Cookbook

  2. More than likely it is already installed and you will see a message as follows:

    Kali Linux Network Scanning Cookbook

  3. So now that we know it is installed, let us see if the service is running.  From the terminal type:

      Kali Linux Network Scanning Cookbook

  4. If the SSH server is not running you will see something like this:

     Kali Linux Network Scanning Cookbook

  5. TypeCtrl +C to get back to the prompt.  Now lets start the service and check the status again by typing the following command:

     Kali Linux Network Scanning Cookbook

  6. You should now see something like the following:

     /sites/default/files/Article-Images/

  7. So now the service is running, great, but if we reboot we will see that the service does not start automatically.  To get the service to start every time we boot we need to make a few configuration changes.  Kali Linux puts in extra measures to make sure you do not have services starting automatically.  Specifically, it has a service whitelist and blacklist file.  So to get SSH to start at boot we will need to remove the SSH service from the blacklist.  To do this open a terminal and type the following command:

  8. Navigate down to the section labeled List of blacklisted init scripts and find ssh.  Now we will just add a # symbol to the beginning of that line, save the file and exit.  The file should look similar to the following screenshot:

  9. Now that we have removed the blacklist policy, all we need to do is enable ssh at boot.  To do this run the following commands from your terminal:

That’s it!  Now when you reboot the service will begin automatically. You can use this same procedure to start other services automatically at boot time.

How it works…

The rc.local file is executed after all the normal Linux services have started.  It can be used to start services you want available after you boot your machine.

Summary

In this article, we learnt about Metasploitable2 and it's installation. We also covered what is Kali Linux, how it is installed, and the services it provides. Kali Linux is a useful tool for any serious penetration tester by the organization and implementation provided by it.  

Resources for Article:


Further resources on this subject:

  1. Getting Started with Metasploitable2 and Kali Linux [article]
  2. Wireless Attacks in Kali Linux [article]
  3. Introduction to Penetration Testing and Kali Linux [article]

You've been reading an excerpt of:

Kali Linux Network Scanning Cookbook - Second Edition

Explore Title
comments powered by Disqus