In this assignment, you'll need 2 virtual machines ("VMs") installed, configured, and communicating on your computer: An Attack VM (Kali Linux) and a Target VM (Metasploitable2). This assignmentis the basis for, anda prerequisiteto, Assignment 9.0.
NOTE: We are a team, so make sure you post questions and comments to the "Questions" forum, "Assignments8 and 9"thread. I encourage you to help each other as much as possible: just don't provide any specific commands, answers, or codein your posts. If you are still having issues, email medirectly.
Oh yes, DO NOT TARGET ANY HOSTS OTHER THAN YOUR TARGET VM. It would probably be illegal, and we like to keep ITS on friendly terms.
Setting up your virtual environment
Kali Attack install
1. Download and install your virtualization software (VMware)
Windows and Linux:https://my.vmware.com/en/web/vmware/free#desktop_end_user_computing/vmware_workstation_player/12_0
Apple:https://my.vmware.com/en/web/vmware/info/slug/desktop_end_user_computing/vmware_fusion/8_0
2. Download the Kali Linux 64 bit VM (not ISO)
https://www.offensive-security.com/kali-linux-vmware-virtualbox-image-download/
3. Extract image to folder
- Requires a decompression utility for 7zip files
4. Run VMware and open a new virtual machine, point to the Kali .vmdk for it's hard drive file
5. Boot Kali, logon,and verify network and internet connectivity.
- Username: root
- Password: toor
Metasploitable2 Target install
6. DownloadMetasploitable2
http://sourceforge.net/projects/metasploitable/files/Metasploitable2/
7.Extract the virtual drive to a folder
8. Load up your Kali Linux VM and add yourMetasploitable2 image in VMware player
- Run your existing Kali Linux VM
- Create a new VM pointing to theMetasploitable 2 .vmdkfile as the virtual arddrive.Here is aYouTubevideo on how to install the image inVWware(https://www.youtube.com/watch?v=cr4hVz45gP8)
9. Logon and verify network connectivity and demonstrate that bothVMshave a VALID IP address.
- Username: msfadmin
- Password: msfadmin
10. Reconnaissance:Use 'nmap'from the Attack VM to scan the TargetVM foropen ports, services reported, version numbers, operating system detected
- Recall the commands in the previous assignment as they are valid for this assignment as well.
Results to submit
-Please submitscreenshotswith descriptions of the following to Blackboard as a single .pdffile.
- 'ifconfig'on Attack
- 'ifconfig'on Target
- Successful 'ping' to Google.com from Attack
- Successful 'ping 'to Google.com from Target
- Successful 'ping'from Attack to Target
- NMAP results from Attack to Target -open ports, services reported, version numbers, operating system detected
Tips: Check to make sureVMWarePlayer has the NIC enabled for theVMs, allowing network connectivity