I built a safe, isolated lab to practice reconnaissance, scanning, and exploitation. The environment uses VirtualBox, Kali Linux as the attacker VM, and Metasploitable 2 as a deliberately vulnerable target.
(How to Set Up a Pentesting Lab)
Stand up Kali Linux and Metasploitable 2 on an isolated network.
Run baseline scans and exploit at least one known vulnerability.
Produce a short findings write-up with steps and results.
Hardware: 8 GB or more memory, sufficient disk space.
Host operating system with VirtualBox installed.
Downloads: Kali Linux Open Virtual Appliance image, Metasploitable 2 virtual disk.
VirtualBox, Kali Linux, Metasploitable 2, Network Mapper, Metasploit Framework
Hypervisor setup
Installed VirtualBox and the Extension Pack for device features.
Attacker VM Kali Linux
Imported the Kali OVA, started the VM, ran updates with sudo apt update and sudo apt upgrade.
Verified Network Mapper and Metasploit Framework were available. Installed if missing.
Target VM Metasploitable 2
Created a new VM: type Linux, version Ubuntu (64-bit), 512 MB memory.
Attached the Metasploitable VMDK as an existing disk.
Network isolation
Created the Host-Only network vboxnet0.
Set both VMs to use the Host-Only adapter.
Verified IPs in the 192.168.56.0/24 range and confirmed two-way pings.
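The isolation step above can also be checked from the host before the target is powered on. The script below is an added example, not part of the original write-up: it reads the text printed by VBoxManage showvminfo "<vm name>" --machinereadable and fails if any enabled adapter is not Host-Only on vboxnet0. The sample outputs and the VM name in them are constructed for illustration.

```shell
#!/bin/sh
# Input: text printed by  VBoxManage showvminfo "<vm name>" --machinereadable
# check_isolation INFO [ADAPTER]: succeeds only if at least one NIC is enabled
# and every enabled NIC is "hostonly" on ADAPTER (default vboxnet0).
check_isolation() (
    info=$1; want=${2:-vboxnet0}; seen=0; bad=0
    while IFS= read -r line; do
        case $line in
            nic[0-9]*=*) ;;               # nic1="hostonly"; skips nictype1 etc.
            *) continue ;;
        esac
        slot=${line%%=*}; slot=${slot#nic}
        mode=$(printf '%s' "${line#*=}" | tr -d '"')
        [ "$mode" = none ] && continue    # adapter slot is disabled
        seen=1
        if [ "$mode" != hostonly ]; then
            echo "FAIL nic$slot: attached as $mode"; bad=1; continue
        fi
        adapter=$(printf '%s\n' "$info" |
            sed -n "s/^hostonlyadapter$slot=\"\(.*\)\"\$/\1/p")
        if [ "$adapter" = "$want" ]; then
            echo "OK   nic$slot: hostonly on $adapter"
        else
            echo "FAIL nic$slot: hostonly on '$adapter', expected $want"; bad=1
        fi
    done <<EOF
$info
EOF
    [ "$seen" -eq 1 ] && [ "$bad" -eq 0 ]
)

# Constructed sample outputs, trimmed to the relevant keys (not real captures).
SAMPLE_ISOLATED='name="Metasploitable2"
hostonlyadapter1="vboxnet0"
nic1="hostonly"
nictype1="82540EM"
nic2="none"'
SAMPLE_EXPOSED='name="Metasploitable2"
hostonlyadapter1="vboxnet0"
nic1="hostonly"
nic2="bridged"
bridgeadapter2="eth0"'

check_isolation "$SAMPLE_ISOLATED"
check_isolation "$SAMPLE_EXPOSED" || echo "not isolated: fix before powering on"
```

Against a real VM, pass the command output directly, for example check_isolation "$(VBoxManage showvminfo "<vm name>" --machinereadable)".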
Reconnaissance and exploitation
Baseline scan: nmap <target-ip>
Full scan: nmap -A <target-ip>, with the output saved to metasploitable scan.txt
Launched msfconsole, searched for vsftpd 2.3.4 backdoor, used the exploit, set RHOST, and executed.
Captured session details and console outputs.
A repeatable offensive lab that supports safe practice.
Documented scans, exploits, and network diagrams I can reference later.
Virtualization and network isolation.
Reconnaissance, service enumeration, exploitation.
Note taking and evidence collection that supports reporting.