【Kali】Kali Linux搭建Metasploitable3靶机详细过程

Normalizer 2020-06-16

目录

概述

??Metasploitable3是Metasploitable2的升级版本,它是一个虚拟靶机系统,里面含有大量未被修复的安全漏洞,它主要是用于metasploit-framework测试的漏洞目标。众所周知Metasploitable2由于年久失修,被更好的Metasploitable3给取代了。但是rapid7(官方)这次却没有提供VM镜像,而是仅仅提供动态构建VM镜像的方法。之前的Metasploitable2提供的是VM快照文件,这使得维护和更新变得非常麻烦,因此Metasploitable3利用动态构建的方法来让用户自行创建VM镜像。这种新的构建方法有很多好处:我们可以轻松地在多个操作系统上应用相同的漏洞利用,为多个虚拟化平台构建,最重要的是,可以接受社区的贡献。
??本文介将介绍如何在Kali Linux中下载官方脚本,并创建启动Metasploitable3虚拟机镜像。

准备安装文件

??官方提供的安装脚本文件托管在Github上,其地址为:https://github.com/rapid7/Metasploitable3

Building

??首先我们在特定的目录中创建一个名为:metasploitable3-workspace的目录,然后在该目录中curl Vagrantfile然后通过vagrant up进行构建VM镜像。

  • 官方推荐构建步骤如下:
mkdir metasploitable3-workspace
cd metasploitable3-workspace
curl -O https://raw.githubusercontent.com/rapid7/metasploitable3/master/Vagrantfile && vagrant up

Trouble-shuing

  • 1. 安装vagrant

??如果你以为按照官方推荐的方法去构建就OK了,那么只能说 U A 2 young 2 simple?????? Kali Linux中默认是没有安装vagrant的,在正式构建前首先需要安装vagrant。通过命令apt-get install vagrant即可安装,安装大致过程如下:

?   ~  apt-get install vagrant
eading package lists... Done
Building dependency tree       
Reading state information... Done
The following additional packages will be installed:
  vagrant-libvirt
The following NEW packages will be installed:
  vagrant vagrant-libvirt
 #.......安装过程省略
  • 2. 使用vagrant进行构建

??按照官方推荐方法,进行构建过程如下:

?   /media/root/软件1/VMware/metasploitable3-workspace  curl -O https://raw.githubusercontent.com/rapid7/metasploitable3/master/Vagrantfile && vagrant up

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  1550  100  1550    0     0   1681      0 --:--:-- --:--:-- --:--:--  1679
Traceback (most recent call last):
	25: from /usr/bin/vagrant:23:in `<main>‘
	24: from /usr/bin/vagrant:23:in `load‘
	23: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.9/bin/vagrant:200:in `<top (required)>‘
	22: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.9/lib/vagrant/environment.rb:290:in `cli‘
	21: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.9/lib/vagrant/cli.rb:67:in `execute‘
	20: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.9/plugins/commands/up/command.rb:87:in `execute‘
	19: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.9/lib/vagrant/plugin/v2/command.rb:186:in `with_target_vms‘
	18: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.9/lib/vagrant/plugin/v2/command.rb:186:in `each‘
	17: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.9/lib/vagrant/plugin/v2/command.rb:204:in `block in with_target_vms‘
	16: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.9/lib/vagrant/plugin/v2/command.rb:180:in `block in with_target_vms‘
	15: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.9/lib/vagrant/environment.rb:715:in `machine‘
	14: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.9/lib/vagrant/vagrantfile.rb:81:in `machine‘
	13: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.9/lib/vagrant/vagrantfile.rb:81:in `new‘
	12: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.9/lib/vagrant/machine.rb:146:in `initialize‘
	11: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.9/lib/vagrant/machine.rb:261:in `communicate‘
	10: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.9/lib/vagrant/registry.rb:27:in `get‘
	 9: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.9/plugins/communicators/winrm/plugin.rb:15:in `block in <class:Plugin>‘
	 8: from /usr/lib/ruby/2.7.0/rubygems/core_ext/kernel_require.rb:92:in `require‘
	 7: from /usr/lib/ruby/2.7.0/rubygems/core_ext/kernel_require.rb:92:in `require‘
	 6: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.9/plugins/communicators/winrm/communicator.rb:6:in `<top (required)>‘
	 5: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.9/plugins/communicators/winrm/communicator.rb:6:in `require_relative‘
	 4: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.9/plugins/communicators/winrm/shell.rb:8:in `<top (required)>‘
	 3: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.9/lib/vagrant/util/silence_warnings.rb:8:in `silence!‘
	 2: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.9/plugins/communicators/winrm/shell.rb:9:in `block in <top (required)>‘
	 1: from /usr/lib/ruby/2.7.0/rubygems/core_ext/kernel_require.rb:92:in `require‘
/usr/lib/ruby/2.7.0/rubygems/core_ext/kernel_require.rb:92:in `require‘: cannot load such file -- winrm (LoadError)

??构建过程出现报错,报错信息大致是说缺少winrm插件。那么接下来就是安装缺少的必要插件。

  • 3. 安装vagrant插件

??根据实际安装过程发现,如果要成功构建Metasploitable3需要安装winrm、winrm-fs、vagrant-vbguest、winrm-elevated、vagrant-reload这几个插件。安装过程如下:

?   ~  vagrant plugin install winrm winrm-fs vagrant-vbguest
Installing the ‘winrm‘ plugin. This can take a few minutes...
Fetching vagrant-libvirt-0.1.2.gem
Fetching erubi-1.9.0.gem
Fetching gssapi-1.3.0.gem
Fetching gyoku-1.3.1.gem
Fetching little-plugger-1.1.4.gem
Fetching logging-2.2.2.gem
Fetching nori-2.6.0.gem
Fetching rubyntlm-0.6.2.gem
Fetching winrm-2.3.4.gem
Installed the plugin ‘winrm (2.3.4)‘!
Installing the ‘winrm-fs‘ plugin. This can take a few minutes...
Fetching winrm-fs-1.3.4.gem
Installed the plugin ‘winrm-fs (1.3.4)‘!
Installing the ‘vagrant-vbguest‘ plugin. This can take a few minutes...
Fetching micromachine-3.0.0.gem
Fetching vagrant-vbguest-0.24.0.gem
Installed the plugin ‘vagrant-vbguest (0.24.0)‘!
Installing the ‘winrm-elevated‘ plugin. This can take a few minutes...
Fetching winrm-elevated-1.2.1.gem
Installed the plugin ‘winrm-elevated (1.2.1)‘!
Installing the ‘vagrant-reload‘ plugin. This can take a few minutes...
Fetching vagrant-reload-0.0.1.gem
Installed the plugin ‘vagrant-reload (0.0.1)‘!
  • 4. 继续使用vagrant构建

??这个构建的速度只要是取决与你的网速,下图是当时构建是我的截图,100Mbps的下载速度我大概用了5分钟。
【Kali】Kali Linux搭建Metasploitable3靶机详细过程

下面是构建详细过程:

? ?   /media/root/软件1/VMware/metasploitable3-workspace  curl -O https://raw.githubusercontent.com/rapid7/metasploitable3/master/Vagrantfile && vagrant up

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  1550  100  1550    0     0   1823      0 --:--:-- --:--:-- --:--:--  1821
Bringing machine ‘ub1404‘ up with ‘virtualbox‘ provider...
Bringing machine ‘win2k8‘ up with ‘virtualbox‘ provider...
==> ub1404: Box ‘rapid7/metasploitable3-ub1404‘ could not be found. Attempting to find and install...
    ub1404: Box Provider: virtualbox
    ub1404: Box Version: >= 0
==> ub1404: Loading metadata for box ‘rapid7/metasploitable3-ub1404‘
    ub1404: URL: https://vagrantcloud.com/rapid7/metasploitable3-ub1404
==> ub1404: Adding box ‘rapid7/metasploitable3-ub1404‘ (v0.1.12-weekly) for provider: virtualbox
    ub1404: Downloading: https://vagrantcloud.com/rapid7/boxes/metasploitable3-ub1404/versions/0.1.12-weekly/providers/virtualbox.box
Download redirected to host: vagrantcloud-files-production.s3.amazonaws.com
==> ub1404: Successfully added box ‘rapid7/metasploitable3-ub1404‘ (v0.1.12-weekly) for ‘virtualbox‘!
==> ub1404: Importing base box ‘rapid7/metasploitable3-ub1404‘...
==> ub1404: Matching MAC address for NAT networking...
==> ub1404: Checking if box ‘rapid7/metasploitable3-ub1404‘ version ‘0.1.12-weekly‘ is up to date...
==> ub1404: Setting the name of the VM: Metasploitable3-ub1404
==> ub1404: Clearing any previously set network interfaces...
==> ub1404: Preparing network interfaces based on configuration...
    ub1404: Adapter 1: nat
    ub1404: Adapter 2: hostonly
==> ub1404: Forwarding ports...
    ub1404: 22 (guest) => 2222 (host) (adapter 1)
==> ub1404: Running ‘pre-boot‘ VM customizations...
==> ub1404: Booting VM...
==> ub1404: Waiting for machine to boot. This may take a few minutes...
    ub1404: SSH address: 127.0.0.1:2222
    ub1404: SSH username: vagrant
    ub1404: SSH auth method: password
    ub1404: Warning: Connection reset. Retrying...
    ub1404: Warning: Remote connection disconnect. Retrying...
    ub1404: 
    ub1404: Inserting generated public key within guest...
    ub1404: Removing insecure key from the guest if it‘s present...
    ub1404: Key inserted! Disconnecting and reconnecting using new SSH key...
The private key to connect to this box via SSH has invalid permissions
set on it. The permissions of the private key should be set to 0600, otherwise SSH will
ignore the key. Vagrant tried to do this automatically for you but failed. Please set the
permissions on the following file to 0600 and then try running this command again:

/media/root/软件1/VMware/metasploitable3-workspace/.vagrant/machines/ub1404/virtualbox/private_key

Note that this error occurs after Vagrant automatically tries to
do this for you. The likely cause of this error is a lack of filesystem
permissions or even filesystem functionality. For example, if your
Vagrant data is on a USB stick, a common case is that chmod is
not supported. The key will need to be moved to a filesystem that
supports chmod.

启动virtualbox

??再上一个步骤,如果成功构建了Metasploitable3.那么会在/root/VirtualBox VMs目录中生成一个名为:Metasploitable3-ub1404的目录。该目录则是Metasploitable3的虚拟机文件目录。

?   ~/VirtualBox VMs/Metasploitable3-ub1404  ls -l
total 5693204
drwx------ 2 root root       4096 Jun 16 11:21 Logs
-rw------- 1 root root 5833752576 Jun 16 11:32 metasploitable3-ub1404-disk001.vmdk
-rw------- 1 root root       2933 Jun 16 11:21 Metasploitable3-ub1404.vbox
-rw------- 1 root root       2933 Jun 16 11:21 Metasploitable3-ub1404.vbox-prev

??启动virtualbox,然后选择Machine-->add。然后点击上面的目录,virtualbox会自动加载我们构建好的虚拟机如下图所示:
【Kali】Kali Linux搭建Metasploitable3靶机详细过程

??接下来就可以点击start开始享用吧,其中系统初始的用户名密码都是vagrant

相关推荐