Metasploitable is an intentionally vulnerable VM that can be used to conduct security training, practice ethical hacking, and much more. It’s a test environment that provides a secure place to perform penetration testing and security research.

Step 1: Create a VM with no Media

Step 2: Create a folder in /var/lib/vz/ images

  • Command: mkdir 112
  • Make sure the folder number is the same as VM (It helps keeps things organize)

Step 3: Download the Metasploitable folder using wget

  • Command: wget https://newcontinuum.dl.sourceforge.net/project/metasploitable/Metasploitable2/metasploitable-linux-2.0.0.zip 

Step 4: Unzip the folder you just downloaded

  • Command: unzip metasploitable-Linux-2.0.0.zip

Step 5: Convert the .vmdk file to a qcow2 file

  • Command: qemu-img convert -f vmdk Metasploitable.vmdk -O qcow2 Metasploitable.qcow2 

Step 6: Move the .qcow2 file to the root folder (112).

  • Command: mv Metasploitable.vmdk ../

Step 7: Edit the VM config file

  • Command: Nano /etc/pve/qemu-server/112.conf
  • Point the VM to the qcow2 file (See image below)

Things to Keep in mind

  • As I said earlier, Metersploitable is an intentionally vulnerable VM, so make sure you treat it as such. Turn it off when it’s not being used, segregated on your network if needed.
  • Metasploitabe 3 is out. I’m still trying to figure out how to get that set up on Proxmox. Once I do, I will create a video about it.

About the author

Paul Koroma

My name is Paul Koroma. I'm willing to learn what I don't know, and what I learn, I try my best to get good at. Koroma Tech is my little corner on the internet. I'm a solution-oriented and highly analytical Systems Administrator with years of cross-platform experience.

>
Don`t copy text!