# Metasploitable 3 for VirtualBox

<figure><img src="/files/sb1PDUhOuV4dnthvDn2V" alt=""><figcaption></figcaption></figure>

Similar to [Getting Metasploitable 3 for VMware Workstation](/longs-cybersecurity/homelabs/metasploitable-3-for-vmware-workstation.md) but with fewer steps and minor differences.

## Installations

* [Packer](#1.-installing-packer)
* [Vagrant](#2.-installing-vagrant)
* [Vagrant plugins](#4.-installing-vagrant-plugins)
* [Metasploitable 3's vulnerable Linux box, ub1404](https://app.vagrantup.com/rapid7/boxes/metasploitable3-ub1404)
* [Metasploitable 3's vulnerable Windows Server 2008 box, win2k8](https://app.vagrantup.com/rapid7/boxes/metasploitable3-win2k8)

## Prerequisite

Before proceeding to the below installation steps, disable **Windows Defender**'s **Real-time protection** and **Cloud-delivered protection**. Turn these back on after installing the metasploitable boxes.&#x20;

<figure><img src="/files/jsCJsNOLXYWj73mQtN0D" alt=""><figcaption></figcaption></figure>

## 1. Installing Packer

Download Packer AMD64 (64-bit) version at <https://www.packer.io/downloads>

Go to **C:\Program Files\\** and create a new folder named **Packer**

Extract the **packer.exe** to the newly created folder

Launch the **Run** app, by pressing the **Windows key ⊞ + R**, then type **SystemPropertiesAdvanced**\ <img src="/files/FUReS3ctfkrJjpF20HdT" alt="" data-size="original">

Click **Environment Variables...**\
![](/files/lXqRQw1EyShLcIIke1yK)

Look at the **System Variables** portion then double click on **Path**

![](/files/vIxeskYnoHAJNYCQj1lR)

Then click **New** and paste the directory path **C:\Program Files\Packer** then press **OK**\
![](/files/ydu9VGY6TGodXqrZyTps)

Check if Packer is configured correctly, type and run  `packer` in PowerShell. The result should look like this

<figure><img src="/files/rlWTnXb4OQPDsOBHqF19" alt=""><figcaption></figcaption></figure>

## 2. Installing Vagrant

Download and install Vagrant from <https://www.vagrantup.com/downloads>

After rebooting when Vagrant's installation is done, check if Vagrant is installed correctly by typing `vagrant` in PowerShel&#x6C;*.* The result should look like this

<figure><img src="/files/owhgdgs8w54hbAo5swhN" alt=""><figcaption></figcaption></figure>

## 3. Installing Vagrant plugins

Launch **PowerShell**

Install **vagrant-reload** plugin, type and run

```
vagrant plugin install vagrant-reload
```

Check if the plugins are installed by typing `vagrant plugin list`. The result should look like this<br>

<figure><img src="/files/BOWF1TKZo7VgL4M0KAa7" alt=""><figcaption></figcaption></figure>

## 4. Installing the metasploitable boxes

Go to the directory **C:\\** and make a new folder named **metasploitable3-workspace**&#x20;

Open up **PowerShell** and traverse to the newly created folder **C:\metasploitable3-workspace**

Type and run&#x20;

```
Invoke-WebRequest -Uri "https://raw.githubusercontent.com/rapid7/metasploitable3/master/Vagrantfile" -OutFile "Vagrantfile"
```

There should now exist a file named [**Vagrantfile**](https://www.vagrantup.com/docs/vagrantfile) in the directory

<figure><img src="/files/pTQY7ti2Epy8oqVKJsZa" alt=""><figcaption></figcaption></figure>

At the same directory location, type and run the below code on PowerShell

```
vagrant box add rapid7/metasploitable3-ub1404 --provider virtualbox
```

This will download the prebuilt metasploitable Linux box for VirtualBox. The result should look like this

<figure><img src="/files/MQhJH2dzcZTDDu9i974p" alt=""><figcaption></figcaption></figure>

Back on PowerShel&#x6C;**,** type and run the below code

```
vagrant box add rapid7/metasploitable3-win2k8 --provider virtualbox
```

This will download the prebuilt metasploitable Windows Server 2008 box for VirtualBox. The result should look like this \
\
\*Note: The win2k8 box size is huge (\~6.5 GB) so the download will take a while\*

<figure><img src="/files/RTKkOb51bOPQlLuf7Ev6" alt=""><figcaption></figcaption></figure>

To check if the two boxes are downloaded successfully, type and run `vagrant box list` on PowerShel&#x6C;**.** The result should look like this

<figure><img src="/files/G6RsAqOET8WOGsJdf8Jd" alt=""><figcaption></figcaption></figure>

To deploy these two boxes, type and run&#x20;

```
vagrant up --provider=virtualbox
```

The boxes deployment process should look similar to below<br>

<figure><img src="/files/9A1VbbP2io287VFnKish" alt=""><figcaption></figcaption></figure>

Once vagrant finished the deployment, launch VirtualBox and the metasploitable 3 boxes are automically added and ready. If not, open the boxes up in VirtualBox's default machine folders (I have mine at **C:\Users\longp\VirtualBox VMs**)<br>

<figure><img src="/files/5HYcvIPsQl4VpCY4MQUw" alt=""><figcaption></figcaption></figure>

<figure><img src="/files/dgmHu7H9rOXfyL7xYrBC" alt=""><figcaption></figcaption></figure>

<figure><img src="/files/sTSro3HyPCvRAaKvwl37" alt=""><figcaption></figcaption></figure>

## Renewing Windows Server 2008 license&#x20;

On the metasploitable Windows Server 2008 box, launch PowerShell, type and run

```
slmgr /rearm
```

The result should look like this

<figure><img src="/files/VwC4s1G7mXarP6pBcp3z" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://longholdpham.gitbook.io/longs-cybersecurity/homelabs/metasploitable-3-for-virtualbox.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.