Metasploitable is an intentionally vulnerable VM that can be used to conduct security training, practice ethical hacking, and much more. It’s a test environment that provides a secure place to perform penetration testing and security research.

Step 1: Create a VM with no Media

Step 2: Create a folder in /var/lib/vz/ images

  • Command: mkdir 112
  • Make sure the folder number is the same as VM (It helps keeps things organize)

Step 3: Download the Metasploitable folder using wget

  • Command: wget 

Step 4: Unzip the folder you just downloaded

  • Command: unzip

Step 5: Convert the .vmdk file to a qcow2 file

  • Command: qemu-img convert -f vmdk Metasploitable.vmdk -O qcow2 Metasploitable.qcow2 

Step 6: Move the .qcow2 file to the root folder (112).

  • Command: mv Metasploitable.vmdk ../

Step 7: Edit the VM config file

  • Command: Nano /etc/pve/qemu-server/112.conf
  • Point the VM to the qcow2 file (See image below)

Things to Keep in mind

  • As I said earlier, Metersploitable is an intentionally vulnerable VM, so make sure you treat it as such. Turn it off when it’s not being used, segregated on your network if needed.
  • Metasploitabe 3 is out. I’m still trying to figure out how to get that set up on Proxmox. Once I do, I will create a video about it.

Emails Suck! Ours Don't!

Join the family. Subscribe and we will update you every time we post something Awesome.

About the author

Paul Koroma

My name is Paul Koroma. I'm willing to learn what I don't know, and what I learn, I try my best to get good at. Koroma Tech is my little corner on the internet. I'm a solution-oriented and highly analytical Systems Engineer with years of cross-platform experience.

Don`t copy text!