In this howto, you will installing metasploitable in VirtualBox. What is Metasploitable? Learning penetration testing or ethical hacking requires practical knowledge and good practice needs a vulnerable target. That is where Metasploitable comes into picture. It is an intentionally vulnerable operating system made by the makers of Metasploit themselves so that aspiring ethical hackers can practice and hone their hacking skills. As its name conveys Metasploitable is loaded with vulnerabilities that can be exploited with Metasploit modules.
This virtual machine can be used to conduct security training, test security tools, and practice common penetration testing techniques. For this i am going to use Metasploitable 2 which can be downloaded from here. After downloading the zip archive, extract the files into a folder. The file contents look like below.
Open VirtualBox and click on “New Virtual machine wizard”. Type the name of your choice. I am using ‘Metasploitable-2‘. Choose ‘Type’ as Linux and ‘version’ as Ubuntu. Click on “Next”.
Choose the memory size appropriate to the availability of RAM on your host machine although 512MB is more than enough. Click on “Next”.
In the hard drive creation window, select option “Use an existing virtual hard drive”, browse to the folder where we have extracted our zip files and select the ‘vmdk’ file available. Click on “Create”.
Then you are automatically booted into the metasploitable OS. The default username and password are “msfadmin”.
With this we successfully finished installing Metasploitable in Virtualbox. See how to create a penetration testing lab.
Windows provides a property to hide folders. We can set the view property of folder we want to hide to ‘hidden’, then go to “Folder and search” options, go to “view” tab and select Don’t show hidden files,folders and drives option.
The disadvantage with this method is that once we select “Show hidden files,folders and drives” from the “Folder and Search” options all our hidden files are visible. What if we want to hide our folder completely, completely in the sense that it is not visible even if we set our settings to show all hidden files. Let’s see how to hide a folder completely in Windows.
Here, I want to hide a folder named “Secret”.
Go to command line. Navigate to the directory where the folder we want to hide is located. Type the command “attrib +s +h secret” (batch programming is not case sensitive ) and hit Enter.
Now we can see that the file we hid is not visible even if we set our properties to show hidden files.
If you want to unhide your hidden file, go to command line and type the command “attrib -s -h secret.”
Windows Server 2012 introduced a new configuration option called Minimal Server Interface. Minimal Server Interface is in simple words compromise between Server GUI Full Installation and Server Core installation. Minimal Server Interface installation reduces footprint of the server to some extent thus decreasing security hazards. In the same time it increases deployment scenarios. Let’s see how to convert Server GUI to Minimal Server Interface in Windows server 2012. If you want to convert Server GUI full installation to Server Core installation, read here.
Following tools are installed in Minimal Server Interface.
Some Control Panel Applets
The items which are not installed during Minimal Server Interface are
Login as Administrator. Open “Powershell”. Type the command
“Uninstall-WindowsFeature Server-Gui-Shell -remove” and Press “Enter”.
After collecting some data, the system will start removing the Server-Gui-Shell.
After the removal of Server-gui-shell is finished, the system will ask us to restart the system.
Restart the system by typing “shutdown -r -t 0″. The system will reboot to Minimal server Interface which will look like below.