AttainIT Technologies Blog

Technology and Security

Month: February 2022

installing metasploitable on hyper-v

Installing Metasploitable on Hyper-V

By

On February 27, 2022

In Cybersecurity, Virtual Machines

Metasploitable is an intentionally vulnerable Linux virtual machine that can be used to conduct security training, test security tools, and practice penetration testing. This article will look at the steps required for installing Metasploitable on Hyper-V.

Downloading Metasploitable

There are a number of versions available for download. We will be using the download available directly from Rapid7 found here. Note that you will need to register an email address before receiving the free download link.

Converting the Image

Metasploitable is packaged in a VMware format. We must first convert it to be Hyper-V compatible. As of 2022, there are a lot of online links to documentation using Microsoft Virtual Machine Converter for this task. Unfortunately, Microsoft abandoned that utility and it is no longer available. We will instead use the free StarWind Converter found here. First unzip the Metasploitable download; Then use the following options for the wizard and finally press “Convert”:

  • Local File
  • Provide Source Image
  • Local File
  • Microsoft Virtual Hard Disk (VHD/VHDX)
  • VHD Growable Image
  • Destination File
StarWind Converter
StarWind Converter

This conversion will generate an image which can be directly imported into Hyper-V in the next step.

Installing Metasploitable on Hyper-V

Following the previous section should result in an image ready to be installed.

Converted VHD Image
Converted VHD Image

In the Hyper-V application, right click and choose “Import Virtual Machines”. Use the following settings in the wizard:

  • Specify Name and Location
  • Specify Generation 1
  • Assign Memory 2048MB
  • Configure Networking: Default Switch
  • Connect Virtual Hard Disk: Choose Existing
Choose Existing VHD
Choose Existing VHD

For the last step in the wizard, select the VHD that you previously converted. Finally press “Finish” on the summary page to create the virtual machine.

Changing the VM Network Adapter

The virtual machine will start but will not connect to a network as configured by default. The setup process creates a network adapter which is not compatible with Metasploitable. To resolve this problem, open the virtual machine settings. First remove the default network adapter and then create a “Legacy Network Adapter” as seen in the images below.

Remove VM Network Adapter
Remove VM Network Adapter
Create Legacy Network Adapter
Create Legacy Network Adapter

Verifying the Metasploitable Hyper-V VM

Now that your VM is fully configured, start it from Hyper-V. Once the Linux instance has launched, the username and password are both msfadmin.

Starting MetaSploitable
Starting MetaSploitable

After login you can issue a ping to google to ensure that networking is working correctly.

Ping Google from MetaSploitable
Ping Google from MetaSploitable

Your VM is now complete and ready to hack. Rapid7 maintains an exploitation guide found here. Finally, read our guide on installing Kali Linux to build a VM for attacking Metasploitable.

updating kali linux vm 2022.1

How to Upgrade Kali Linux to 2022.1

By

On February 21, 2022

In Cybersecurity, Virtual Machines

In this brief article we will upgrade Kali Linux to release 2022.1. This upgrade demonstration is on a Hyper-V virtual machine. The steps, however, are not specific to Hyper-V VMs and will work on other platforms. Kali 2022.1 was released on Feburary 14th 2022 with the full release notes located here. If you would like to create a Kali VM on Hyper-V please follow the process documented here.

Verifying the Virtual Machine

Start by opening a terminal window. Then issue the following command:

grep VERSION /etc/os-release

As you can see below, we are running the previous release from 2021 and need to upgrade.

kali linux old version
kali linux old version

Upgrading Kali Linux to 2022.1

Start by opening a terminal window. Then issue the following commands:

$ echo "deb http://http.kali.org/kali kali-rolling main non-free contrib" | sudo tee /etc/apt/sources.list
$ sudo apt update && sudo apt -y full-upgrade
$ cp -rbi /etc/skel/. ~
$ [ -f /var/run/reboot-required ] && sudo reboot -f

If prompted, accept and details and make sure the vm reboots at the end.

Verifying the Upgrade

Start by opening a terminal window. Then issue the following command:

grep VERSION /etc/os-release

The virtual machine’s version is now up-to-date.

kali linux upgraded version
kali linux upgraded version
Customizing Boostrap Icons

Using Bootstrap Icons

By

On February 20, 2022

In WWW

Bootstrap 5 Icons is a “free, high quality, open source icon library with over 1,600 icons.” It is provided by the same Twitter team who built Bootstrap. Since the icons are SVGs you can include them into your HTML in several different ways. This allows for flexibility to support how your project is setup. Using this library we will create a bootstrap button with icon.

Installing Icons

The icon set can be downloaded here. However, there is no need to pull in the whole package. Just copy in the icons you need for your project.

Embedding Icons as SVG

On our projects, we like to import the icons directly as SVG. The following example shows the phone-fill icon being added in a hidden block.

bootstrap 5 embedded svg
bootstrap 5 embedded svg

At this point, the icon is embedded in the page but not visible.

Creating a Bootstrap Button with Icon

Once the icon is embedded it is ready to use. Below is an example of using the embedded icon as part of a button.

<button type="submit" class="btn"><svg style="margin-right: 5px;" class="bi" width="1.5em" height="1.5em"><use xlink:href="#phone-fill"/></svg> Contact Us</button>

This will result in a very plain looking rendered button. Next we will customize the coloring for dark backgrounds.

contact us button
contact us button

Customizing the Bootstrap 5 Icon Color

The are a number of ways to customize the icon color, some are documented on the Bootstrap Usage page. A more direct route which offers more flexibility is to directly update the SVG path. This direct manipulation allows each path to be colored differently. Below the SVG is being updated to a white fill so it will stand out on a dark background.

<symbol id="az-sort" viewBox="0 0 16 16">
    <path fill="#ffffff" d=. . .
</symbol>

When paired with a dark button this will result in a modern and stylish button.

sort button with white icon
sort button with white icon

Powered by WordPress & Theme by Anders Norén