• Home
  • About Us
  • General
  • Wireless
  • Web
  • Scanning
  • Metasploit
  • Hacking Courses
    • OSCP
    • The Virtual Hacking Labs
    • Certified Ethical Hacker (CEH)
    • Hacking Books
  • More
    • Exploit tutorials
    • Pentesting Exchange
    • Networking
    • Malware Analysis
    • Hacking Metasploitable 2/3
    • Digital Forensics
  • Contact
Facebook Twitter Instagram
Trending
  • CVE-2022-3602 and CVE-2022-3786: OpenSSL 3.0.7 patches Critical Vulnerability
  • Installing Rogue-jndi on Kali Linux
  • Log4Shell VMware vCenter Server (CVE-2021-44228)
  • The Great Leak: Microsoft Exchange AutoDiscover Design Flaw
  • CVE-2019-19781: Citrix ADC RCE vulnerability
  • Vulnerability Scanning with OpenVAS 9 part 4: Custom scan configurations
  • Vulnerability Scanning with OpenVAS 9 part 3: Scanning the Network
  • Vulnerability Scanning with OpenVAS 9 part 2: Vulnerability Scanning
Facebook Twitter YouTube Tumblr Instagram Pinterest
Hacking Tutorials
  • Home
  • About Us
  • General
  • Wireless
  • Web
  • Scanning
  • Metasploit
  • Hacking Courses
    • OSCP
    • The Virtual Hacking Labs
    • Certified Ethical Hacker (CEH)
    • Hacking Books
  • More
    • Exploit tutorials
    • Pentesting Exchange
    • Networking
    • Malware Analysis
    • Hacking Metasploitable 2/3
    • Digital Forensics
  • Contact
Hacking Tutorials
You are at:Home » Metasploit Tutorials » How to setup Metasploitable 3 on Windows 10
How to setup Metasploitable 3 on Windows 10 ft

How to setup Metasploitable 3 on Windows 10

28
By Hacking Tutorials on June 14, 2017 Metasploit Tutorials

In this tutorial we will demonstrate how to install Metasploitable 3 in a Windows 10 environment using Vagrant, Packer and Virtualbox. So far we did a number of tutorials on hacking the Metasploitable 2 Linux machine on Hacking Tutorials. We’ve demonstrated how to install Metasploitable 2, how to enumerate it and perform a vulnerability assessment, and finally how to exploit it. As like many vulnerable machines that are for download Metasploitable 2 is a Linux machine. Because of strict licensing policies it a challenge to provide vulnerable Windows machines without breaking any licensing rules. Unfortunately you cannot just download the VM but you have to configure it yourself using a few tools and a Windows 2008 evaluation copy which is downloaded from the Microsoft website.

The installation process is pretty straightforward and should not cause too much trouble when the right dependencies are installed. The biggest part of the installation process is handled automatically by the install scripts. The full installation procedure might take a couple hours in total, be prepared to spend time on the installation of Metasploitable 3.

Before we can continue with the installation procedure we need to install a few dependencies:

  • Packer v1.0.0: https://www.packer.io/downloads.html
  • Vagrant 1.9.1: https://releases.hashicorp.com/vagrant/1.9.1/
  • Vagrant Reload Plugin v0.0.1: https://github.com/aidanns/vagrant-reload
  • Virtualbox 5.1.14: https://www.virtualbox.org/wiki/Downloads

In order to avoid (a lot of) trouble it is recommended to download the exact version as mentioned above. The success rate of the installation script depends greatly on the build environment. For your reference, we’re building the Metasploitable 3 machine on Windows 10 Enterprise x64 Build 15063.

Are you installing Metasploitable 3 on a VM that is running on VMware ESXi like us? Don’t forget to enable ‘Hardware virtualization’ for the VM CPU.

Before we can build the VM we have to install Vagrant and Virtualbox using the downloaded installation files. We will not demonstrate the installation procedure for this software as it’s very straightforward and only involves clicking ‘next’ a couple times. Next we need to install the Vagrant reload plugin and we need to download Packer.

Install Vagrant reload plugin

Change the directory on the command line to the directory where you have downloaded and unpacked the Vagrant Reload plugin. Then run the following command to install the plugin:

vagrant plugin install vagrant-reload

1 Install vagrant-reload
Vagrant plugin vagrant-reload successfully installed.

Now that we have installed the Vagrant reload plugin we can continue with downloading Packer.

Download Packer

The next step is to download Packer from the following download page:

https://www.packer.io/downloads.html

Download the latest version of Packer and unpack it the Metasploitable 3 master directory. Storing the Packer binary in the Metasploitable 3 directory allows us to easily execute it to setup the VM without setting up system variables or using full paths to the binary. After copying the Packer file to the Metasploitable 3 directory we can start setting up the virtual machine.

Creating the Metasploitable 3 VM

Now that we have all pre-requisites installed we can use Packer to setup the Virtual Machine in Virtualbox. Move the command line to the Metasploitable 3 location and run the following command from an elevated command line:

packer build windows_2008_r2.json

Build Metasploitable 3 with Packer
Building the Metasploitable 3 VM will take a while.

This command will take a while to complete because first it will download a Windows 2008 evaluation copy from the Microsoft website. When the download is finished, the script will continue to setup the virtual machine in Virtualbox and install Windows 2008 on the virtual machine. The entire process will take anywhere from 30-60 minutes. This depends on the configuration of your host machine and the speed of your internet connection. When the script is finished the output looks as following:

Build Metasploitable 3 with Packer finished
Metasploitable 3 build process finished without errors.

When the script is finished run the following command:

vagrant box add windows_2008_r2_virtualbox.box –name=metasploitable3

Note: Use 2 dashes for the name parameter here.

vagrant box add windows_2008_r2_virtualbox
Metasploitable 3 added to the Vagrant environment.

Finally we have to run the one more command to have Vagrant execute the scripts that install the vulnerable software on the Windows server 2008 virtual machine. Run the following command and expect to wait another 15-30 minutes until completion:

vagrant up

This will conclude the installation of Metasploitable 3 and you should be able to start the VM within Virtualbox.

Metasploitable 3 installation errors with Vagrant

The Metasploitable 3 setup process is a bit tricky and prone to errors related to specific versions of the prerequisites. Most errors I faced while writing this tutorial were avoided by using the versions of Vagrant, Packer & Virtualbox mentioned earlier in this tutorial. Especially the latest version of Virtualbox resulted in many errors after issuing the vagrant up command.

During the installation of the vulnerable software you might get an error related to the virtual machine state: “The guest machine entered an invalid state while waiting for it to boot.”. When this happens reboot the virtual machine and run the vagrant up command again.

Another error that may occur during the installation of vulnerable software is the following: “chocolatey is not recognized as an internal or external command”. The error didn’t only apply to Chocolatey but also some other scripts. To get rid of this error I’ve added the following directory to the Path variable:

C:\Users\admin\Desktop\metasploitable-3-master\metasploitable-3-master\scripts\installs\

This will make all the scripts in this directory accessible without using a full path. Eventually I had to run the ‘Vagrant up’ command several times before it finished without errors.

Running Kali Linux VM on the same host

If you’re running your Kali Linux virtual machine in Virtualbox on the same host you have to make sure that you set the correct network settings. Otherwise you won’t be able to connect to the Metasploitable 3 machine from your Kali Linux attack box. You’re not required to alter the network settings for the Metasploitable 3 machine, only for the Kali Linux VM:

Metasploitable 3 Kali Linux network settings host only
Choose: Host-only adapter.

Booting Metasploitable 3

Now that we’ve completed the installation procedure for Metasploitable 2 we are ready to boot in in Virtualbox. The default username for the virtual machine is “vagrant” with password “vagrant”. Even though the installation process produced quiet some errors there were none that we couldn’t fix quickly (Google is your friend!). I must say that the developers of Metasploitable 3 did a great job on the installation procedure and providing a vulnerable Windows machine to the public.

In the next tutorials we will be enumerating and exploiting Metasploitable 3 and create a full walkthrough.

Do you prefer immediate access to a full virtual penetration testing environment with 30 vulnerable machines, courseware and a Certificate for less than $99,- USD? Check out: The Virtual Hacking Labs.

Virtual Hacking Labs - Penetration testing lab
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleCourse: The Virtual Hacking Labs
Next Article Book Review: Advanced Penetration Testing

Related Posts

Vulnerability Scanning with OpenVAS 9 part 3: Scanning the Network

Metasploitable 3: Meterpreter Port forwarding

Metasploitable 3: Exploiting HTTP PUT

28 Comments

  1. Rob Hughes on July 14, 2017 2:26 pm

    Hey Man, you have a typo in your syntax above – which is also reflected in your screen shot.

    vagrant box add windows_2008_r2_virtualbox.box –name=metasploitable3

    should be

    vagrant box add windows_2008_r2_virtualbox.box –-name metasploitable3

    Otherwise you don’t get a metasploit3.box and the vagrant up command fails.

    Other than that, tidy like.

    Reply
    • Hacking Tutorials on July 14, 2017 4:06 pm

      Hi Rob!

      Thanks for your comment! You are right, the command in the screenshot is wrong and this probably caused those errors, thanks for pointing that out!

      The command in the tutorial should now display 2 hyphens instead of an em-dash.

      Best regards,
      Hacking Tutorials

      Reply
  2. Keith on October 21, 2017 4:15 pm

    All i get is that vagrant is not a recognized as an internal or external command.
    I am in the same directory i cannot even see a vagrant file…

    What am i missing?

    Reply
    • Hacking Tutorials on October 23, 2017 9:16 am

      Use double dash before the name option as following:

      vagrant box add windows_2008_r2_virtualbox.box (Use double dash here ->)–name=metasploitable3

      Reply
  3. Sachin on March 23, 2018 12:45 am

    I am setting it up on VMWare Workstation Pro (Uni got free license for students). The kali box and the Metasploitable 3 run on same host. But Kali can’t find the metasploitable 3 machine using nmap. What network settings I need to do?

    Reply
  4. Madan Mallikarjun on April 12, 2018 1:31 am

    Build ‘vmware-iso’ errored: Failed creating VMware driver: Unable to initialize any driver for this platform. The errors
    from each driver are shown below. Please fix at least one driver
    to continue:
    * VMware application not found:
    * VMware application not found:
    * VMware application not found:
    * VMware application not found:

    Reply
  5. Midi on April 30, 2018 7:38 pm

    Hey,

    i installed all and packer is running too, but the command:

    packer build windows_2008_r2.json

    isn’t running. (Failed to parse template: open windows_2008_r2.json)

    What am i doing wrong?

    Reply
    • Hacking Tutorials on May 1, 2018 10:30 am

      Hi,

      Can you post the full error? Does it say that it cannot find the json file?

      Reply
      • gth1995 on August 8, 2018 1:14 am

        how do you resolve this issue ? the full error says “Failed to parse template: open windows_2008_r2.json: The system cannot find the file specified.”

        Reply
        • mark on August 30, 2018 3:56 am

          Yes, I’m getting this error, too. It appears as though as we need to acquire this .json file from somewhere, but the instructions don’t mention anything about it. How do we proceed without it?

          Reply
          • Hacking Tutorials on August 30, 2018 7:59 am

            Can you verify if the the windows_2008_r2.json file is in the directory where you execute the packer command?

    • Nkk on May 21, 2018 7:25 am

      I’m also getting this and was looking for the windows_2008_r2.json but haven’t found it yet. Will let you know if i get this to work.

      Reply
  6. michelle on May 7, 2018 3:12 pm

    Hi i went through all the steps on creating a Metasploitable 3 and no success.. the vm fails.. I have tried this process at least 4 times and no luck. Virtualbox fails to load

    Reply
    • Hacking Tutorials on May 7, 2018 4:18 pm

      Hi, What errors are you getting? Maybe we can help…

      Reply
  7. michelle on May 7, 2018 6:58 pm

    Hi

    thank you for reaching back out –

    All steps seemed to go without problem until I go to start the virtual machine. I get two VirtualBox Errors that say: Failed to open a session for the virtual machine metasploitable3_default_1481161588202_8101. The VM session was aborted. Result Code: E_FAIL (0x80004005) Component: SessionMachine Interface: ISession {7844aa05-b02e-4cdd-a04f-ade4a762e6b7} AND Failed to open a session for the virtual machine metasploitable3_default_1481161588202_8101. Callee RC: E_FAIL (0x80004005) Any idea what could have went wrong? All steps seemed to go well I had no errors until this point.

    Reply
  8. michelle on May 8, 2018 1:43 pm

    PS C:\Users\MickeyM\Downloads\metasploitable3-master\metasploitable3-master> vagrant up win2k8
    Bringing machine ‘win2k8’ up with ‘virtualbox’ provider…
    ==> win2k8: Clearing any previously set forwarded ports…
    ==> win2k8: Clearing any previously set network interfaces…
    ==> win2k8: Preparing network interfaces based on configuration…
    win2k8: Adapter 1: nat
    win2k8: Adapter 2: hostonly
    ==> win2k8: Forwarding ports…
    win2k8: 3389 (guest) => 3389 (host) (adapter 1)
    win2k8: 22 (guest) => 2222 (host) (adapter 1)
    win2k8: 5985 (guest) => 55985 (host) (adapter 1)
    win2k8: 5986 (guest) => 55986 (host) (adapter 1)
    ==> win2k8: Running ‘pre-boot’ VM customizations…
    ==> win2k8: Booting VM…
    There was an error while executing `VBoxManage`, a CLI used by Vagrant
    for controlling VirtualBox. The command and stderr is shown below.

    Command: [“startvm”, “cd8317d0-4538-4e52-81bf-53a5504f69a5”, “–type”, “headless”]

    Stderr: VBoxManage.exe: error: VT-x is not available (VERR_VMX_NO_VMX)
    VBoxManage.exe: error: Details: code E_FAIL (0x80004005), component ConsoleWrap, interface IConsole
    PS C:\Users\MickeyM\Downloads\metasploitable3-master\metasploitable3-master>

    Reply
    • Hacking Tutorials on May 8, 2018 2:21 pm

      This is where it goes wrong:
      Stderr: VBoxManage.exe: error: VT-x is not available (VERR_VMX_NO_VMX)

      Do you maybe have Hyper-V running? This may cause errors when running VirtualBox:

      https://blogs.technet.microsoft.com/gmarchetti/2008/12/07/turning-hyper-v-on-and-off/

      Also make sure that Intel VT virtualization is turned on in BIOS settings and restart the machine.

      Reply
  9. michelle on May 8, 2018 4:35 pm

    I did not have the hyper-v turned on in windows features – i just verified again and it is not on. also the VT virtualization is turned on in the BIOS settings and still getting having the same issue

    Reply
    • Hacking Tutorials on May 9, 2018 6:43 am

      If you go to the VM settings for Metasploitable 3 in Virtualbox -> System -> Acceleration -> Enable VT-x/AMD-V, is this option enabled?

      Reply
  10. raggamix on July 26, 2018 4:23 pm

    Hey, i got this ERROR while the installation process, and all the dependencies are installed as you recommended to download the exact version as mentioned above.

    packer build windows_2008_r2.json
    …
    virtualbox-iso: Executing custom VBoxManage commands…
    virtualbox-iso: Executing: modifyvm metasploitable3-win2k8 –memory 4096
    virtualbox-iso: Executing: modifyvm metasploitable3-win2k8 –cpus 2
    ==> virtualbox-iso: Starting the virtual machine…
    ==> virtualbox-iso: Error starting VM: VBoxManage error: VBoxManage.exe: error: The virtual machine ‘metasploitable3-win2k8’ has terminated unexpectedly during startup with exit code 1 (0x1). More details may be available in ‘C:\Users\sec-pen\VirtualBox VMs\metasploitable3-win2k8\Logs\VBoxHardening.log’
    ==> virtualbox-iso: VBoxManage.exe: error: Details: code E_FAIL (0x80004005), component MachineWrap, interface IMachine
    ==> virtualbox-iso: Unregistering and deleting virtual machine…
    ==> virtualbox-iso: Deleting output directory…
    Build ‘virtualbox-iso’ errored: Error starting VM: VBoxManage error: VBoxManage.exe: error: The virtual machine ‘metasploitable3-win2k8’ has terminated unexpectedly during startup with exit code 1 (0x1). More details may be available in ‘C:\Users\sec-pen\VirtualBox VMs\metasploitable3-win2k8\Logs\VBoxHardening.log’
    VBoxManage.exe: error: Details: code E_FAIL (0x80004005), component MachineWrap, interface IMachine

    ==> Some builds didn’t complete successfully and had errors:
    –> vmware-iso: Error creating disk: VMware error: Failed to initialize logging, can’t open C:\Users\sec-pen\AppData\Local\Temp\vmware-sec-pen\vdiskmanager.log for writing.
    –> virtualbox-iso: Error starting VM: VBoxManage error: VBoxManage.exe: error: The virtual machine ‘metasploitable3-win2k8’ has terminated unexpectedly during startup with exit code 1 (0x1). More details may be available in ‘C:\Users\sec-pen\VirtualBox VMs\metasploitable3-win2k8\Logs\VBoxHardening.log’
    VBoxManage.exe: error: Details: code E_FAIL (0x80004005), component MachineWrap, interface IMachine

    ==> Builds finished but no artifacts were created.

    THANKS FOR YOUR BESTS

    Reply
    • Hacking Tutorials on July 28, 2018 1:47 pm

      Hi, Have you checked the log files the error is referring to?

      Reply
  11. Hasin Hafiz on December 5, 2018 1:27 pm

    I get an error when i start the vm after the last ‘vagrant up win2k8’ command.

    Result Code:
    E_FAIL (0x80004005)
    Component:
    SessionMachine
    Interface:
    ISession {7844aa05-b02e-4cdd-a04f-ade4a762e6b7}

    Reply
  12. Marcin on December 7, 2018 8:04 pm

    Hi guys,
    Can someone explain me why my windows defender detects a Trojan? the package has been downloaded from the git hub

    Reply
  13. Faisal Chawdhary on May 1, 2019 12:43 pm

    Hi,

    Thanks for you step by step instruction of setting up Metasploitable 3.

    I have been onto it since the last 10 hours. All steps completed ok. However, since last few hours, I am now at :

    Progress: Downloading boxstrater.bootstrapper 2.12.0… 100%

    It does not seem to go beyond it.

    Please can you let me know if that’s ok or not.

    Thanks & Regards,
    Faisal

    Reply
  14. kataka on June 4, 2019 9:35 am

    how do i install the application and services with their respective ports in my metasploitable 3 since it lacks them as stated in their wiki github page

    Reply
  15. Florian on January 29, 2020 9:44 pm

    Elasticsearch Install Error
    Script uses file metasploitable3-master\scripts\installs/install_elasticsearch.bat
    –>
    powershell -Command “(New-Object System.Net.WebClient).DownloadFile(‘http://repo1.maven.org/maven2/org/elasticsearch/elasticsearch/1.1.1/elasticsearch-1.1.1.zip’, ‘C:\Windows\Temp\elasticsearch-1.1.1.zip’)” <NUL
    […]
    <–

    URL results in 501 http not allowed (or similar)

    replace with https:// to fix this

    Reply
  16. Florian on January 30, 2020 12:40 am

    Downloading Elasticsearch needs an upgrade:
    http download throws 501-Error.

    metasploitable3-master\scripts\installs\install_elasticsearch.bat
    first line has to be changed using HTTPS/TLS1.2:
    powershell -Command “[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; (New-Object System.Net.WebClient).DownloadFile(‘https://repo1.maven.org/maven2/org/elasticsearch/elasticsearch/1.1.1/elasticsearch-1.1.1.zip’, ‘C:\Windows\Temp\elasticsearch-1.1.1.zip’)” 0<NUL

    Reply
  17. Elisa on June 2, 2020 4:07 pm

    Hello,
    at the step “Install Vagrant reload plugin”, Windows tells me that the word “vagrant” is not recognized. Do I need to install something ?
    Thank you for your help

    Reply

Leave A Reply Cancel Reply

Top Tutorials
By Hacking TutorialsOctober 29, 20220

CVE-2022-3602 and CVE-2022-3786: OpenSSL 3.0.7 patches Critical Vulnerability

By Hacking TutorialsJanuary 10, 20220

Installing Rogue-jndi on Kali Linux

By Hacking TutorialsDecember 17, 20210

Log4Shell VMware vCenter Server (CVE-2021-44228)

By Hacking TutorialsSeptember 27, 20210

The Great Leak: Microsoft Exchange AutoDiscover Design Flaw

By Hacking TutorialsFebruary 4, 20200

CVE-2019-19781: Citrix ADC RCE vulnerability

By Hacking TutorialsNovember 1, 20188

Vulnerability Scanning with OpenVAS 9 part 4: Custom scan configurations

Subscribe

Enter your email address to subscribe to Hacking Tutorials and receive notifications of new tutorials by email.

Join 828 other subscribers
Recent Tutorials
  • CVE-2022-3602 and CVE-2022-3786: OpenSSL 3.0.7 patches Critical Vulnerability
  • Installing Rogue-jndi on Kali Linux
  • Log4Shell VMware vCenter Server (CVE-2021-44228)
  • The Great Leak: Microsoft Exchange AutoDiscover Design Flaw
  • CVE-2019-19781: Citrix ADC RCE vulnerability
Virtual Hacking Labs
Penetration Testin Course and Hacking Labs
Categories
  • Digital Forensics
  • Exploit tutorials
  • General Tutorials
  • Hacking Books
  • Hacking Courses
  • Malware Analysis Tutorials
  • Metasploit Tutorials
  • Networking
  • Pentesting Exchange
  • Scanning Tutorials
  • Web Applications
  • Wifi Hacking Tutorials
Downloads
  • directory_scanner.py (120572 downloads)
  • PEiD-0.95-20081103.zip (111425 downloads)
  • wifi_jammer.py (138169 downloads)
Recent Tutorials
  • CVE-2022-3602 and CVE-2022-3786: OpenSSL 3.0.7 patches Critical Vulnerability
  • Installing Rogue-jndi on Kali Linux
  • Log4Shell VMware vCenter Server (CVE-2021-44228)
  • The Great Leak: Microsoft Exchange AutoDiscover Design Flaw
  • CVE-2019-19781: Citrix ADC RCE vulnerability
  • Vulnerability Scanning with OpenVAS 9 part 4: Custom scan configurations
Popular Tutorials
By Hacking TutorialsSeptember 1, 2016115

Review: Offensive Security Certified Professional (OSCP)

By Hacking TutorialsApril 18, 201738

Exploiting Eternalblue for shell with Empire & Msfconsole

By Hacking TutorialsMarch 17, 201637

Installing VPN on Kali Linux 2016 Rolling

Featured Downloads
  • directory_scanner.py (120572 downloads)
  • PEiD-0.95-20081103.zip (111425 downloads)
  • wifi_jammer.py (138169 downloads)
© Hacking Tutorials 2022

Type above and press Enter to search. Press Esc to cancel.

Go to mobile version