IMPORTANT NOTE: At the time of writing, Metasploitable 2 has no synthetic drivers for Hyper-V and so cannot communicate with the server via a virtual switch, even using the drives from the Linux Integration Services (https://www.microsoft.com/en-us/download/details.aspx?id=55106)
In preparation for some ethical hacking sessions I’m running soon, I wanted a hypervisor I could easily spin up virtual servers on (or run multiple targets on) and was easy to manage. As I had a decommissioned server and a Microsoft Server 2012 R2 license for it, I decided to use that with Hyper-V for the virtualisation.
Get the MetaSploitable VM
You can download the MetaSploitable 2 VM either via the Rapid7 website here or via SourceForge here. I recommend downloading it directly to the Hyper-V host you plan to deploy it on.
Once downloaded, unzip the file and you’ll see the following files in it:
Metasploitable.vmdk
Metasploitable.vmsd
Metasploitable.vmx
Metasploitable.vmxf
Metasploitable.nvram
The key file there – as you can probably tell from the file size of around 1.7GB – is Metasploitable.vmdk. Unfortnately for us, this is a type of virtual machine file format used by VMWare (and also VirtualBox) but not supported by Hyper-V.
Converting the VM
Fortunately Microsoft realised this could impact take up of Hyper-V and so have provided a free conversion tool, the Microsoft Virtual Machine Converter which you can download from here:
https://www.microsoft.com/en-us/download/details.aspx?id=42497
Once you have downloaded and installed the program, you need to use Powershell to do a simple conversion:
Open a Powershell windows with administrative privilrges
Exectute the following Powershell command:
Import-Module 'C:\Program Files\Microsoft Virtual Machine Converter\MvmcCmdlet.psd1'
You’ll need to consider the format of the disk you want (either VHD or VHDX) and the type of disk (FixedHarddisk or DynamicHarddisk) and list in this format:
ConvertTo-MvmcVirtualHardDisk -SourceLiteralPath c:\downloads\VM-disk1.vmdk -VhdType DynamicHardDisk -VhdFormat vhdx -destination d:\vm-disk1
Once it starts running, you should see a progress bar similar to this:
Creating the MetaSploitable Hyper-V VM
- Open the Hyper-V Manager
- In the left pane, right click and select New > Virtual Machine
- In the New Virtual Machine Wizard click Next
- Give your VM a suitable name, for example “MetaSploitable 2”
- Check the option for Store the virtual machine in a different location, click Next
- Select Generation 1, click Next
- Change the Startup memory to 2048MB, click Next
- Select the appropriate Connection in the drop-down, click Next
- Check the option for Use an existing virtual hard disk
- Click Browse and locate the converted hard disk file, click Next
- Click Finish
When you start the VM, you should see something like this:
Configure Networking
How you configure the network options for Metasploitable really depends on how you plan to use it. For me, I am generally run it on a server and I map it to a specific physical port on the server because I am using it for training on a non-business network.
Accessing Metasploitable 2
Once you have started the machine in Hyper-V, you can login via following credentials:
Username: msfadmin
Password: msfadmin
such a great topic,
thanks for the help. well done
I’m trying to get metaeploitable 2 to connect to the internet in hapyer V setting but I had no luck yet,
probably I have to try every single setting & try again,
May or may not still be relevant, but delete the NIC that gets created during setup, click apply, then click Add Hardware and select “Legacy Network Adapter” and click Add. Select the appropriate network/vSwitch and you should be good to go. VM must be off to remove/add.
I was able to get the a nic up and running, after removing the nic created during setup – and replace it with an ‘legacy’ adapter. As described by diuqil. Thank you very much.
This worked perfectly for me.
Thanks for the information.
Hey Michael,
Glad it helped!
Bob
It does not matter if I use Hyper-V or Virtual box… I cannot get kali to ssh into metasploitable due to port 22. I have tried everything I can think of to get this to work but it always fails. What is worst is no one online has posted a resolve for this issue and I am sure I am not the only one having this issue.