📦Metasploitable 3 for VirtualBox

Similar to Getting Metasploitable 3 for VMware Workstation but with fewer steps and minor differences.

Installations

• Packer

• Vagrant

• Vagrant plugins

• Metasploitable 3's vulnerable Linux box, ub1404

• Metasploitable 3's vulnerable Windows Server 2008 box, win2k8

Prerequisite

Before proceeding to the below installation steps, disable Windows Defender's Real-time protection and Cloud-delivered protection. Turn these back on after installing the metasploitable boxes.

1. Installing Packer

Download Packer AMD64 (64-bit) version at https://www.packer.io/downloads

Go to C:\Program Files\ and create a new folder named Packer

Extract the packer.exe to the newly created folder

Launch the Run app, by pressing the Windows key ⊞ + R, then type SystemPropertiesAdvanced

Click Environment Variables...

Look at the System Variables portion then double click on Path

Then click New and paste the directory path C:\Program Files\Packer then press OK

Check if Packer is configured correctly, type and run packer in PowerShell. The result should look like this

2. Installing Vagrant

Download and install Vagrant from https://www.vagrantup.com/downloads

After rebooting when Vagrant's installation is done, check if Vagrant is installed correctly by typing vagrant in PowerShell. The result should look like this

3. Installing Vagrant plugins

Launch PowerShell

Install vagrant-reload plugin, type and run

vagrant plugin install vagrant-reload

Check if the plugins are installed by typing vagrant plugin list. The result should look like this

4. Installing the metasploitable boxes

Go to the directory C:\ and make a new folder named metasploitable3-workspace

Open up PowerShell and traverse to the newly created folder C:\metasploitable3-workspace

Type and run

Invoke-WebRequest -Uri "https://raw.githubusercontent.com/rapid7/metasploitable3/master/Vagrantfile" -OutFile "Vagrantfile"

There should now exist a file named Vagrantfile in the directory

At the same directory location, type and run the below code on PowerShell

vagrant box add rapid7/metasploitable3-ub1404 --provider virtualbox

This will download the prebuilt metasploitable Linux box for VirtualBox. The result should look like this

Back on PowerShell, type and run the below code

vagrant box add rapid7/metasploitable3-win2k8 --provider virtualbox

This will download the prebuilt metasploitable Windows Server 2008 box for VirtualBox. The result should look like this *Note: The win2k8 box size is huge (~6.5 GB) so the download will take a while*

To check if the two boxes are downloaded successfully, type and run vagrant box list on PowerShell. The result should look like this

To deploy these two boxes, type and run

vagrant up --provider=virtualbox

The boxes deployment process should look similar to below

Once vagrant finished the deployment, launch VirtualBox and the metasploitable 3 boxes are automically added and ready. If not, open the boxes up in VirtualBox's default machine folders (I have mine at C:\Users\longp\VirtualBox VMs)

Renewing Windows Server 2008 license

On the metasploitable Windows Server 2008 box, launch PowerShell, type and run

slmgr /rearm

The result should look like this