Metasploitable2 on KVM QEMU

Mar 21, 2023 · 3 min read · virtual linux qemu cyber security metasploitable  ·
Share on:

Metsploitable

Metasploitable 2 is an intentionally vulnerable Ubuntu Linux virtual machine that is designed for testing common vulnerabilities. This virtual machine (VM) is compatible with VMWare, VirtualBox, and other common virtualization platforms.

From https://docs.rapid7.com/metasploit/metasploitable-2/

Download is available in vmdk format (designed for VMware ESXi or VMware Player). I do not run either of these tools and instead use KVM/QEMU. Thankfully KVM/QEMU can read vmdk files and so there is no need to convert this to something like qcow2 format, though you can if you wish and I have a guide for doing that here. It should be noted that there is an advantage to running virtual machines from qcow2 in KVM/QEMU which is that the snapshot feature only appears to work with qcow2. If you're not concerned with snapshots, then follow on!

To set this up, please follow this guide. I will assume that you already have the necessary files installed to run KVM/QEMU and at least have some basic understanding of the tool(s).

Getting this running on KVM/QEMU

  1. Download from either https://information.rapid7.com/metasploitable-download.html or https://sourceforge.net/projects/metasploitable/
  2. Extract the zip file
    unzip metaploitable-linux-2.0.0.zip
  3. Change to the newly created directory
    cd Metasploitable-Linux
  4. Move the .vmdk file to where your KVM/QEMU image repository is. By Default this is "/var/lib/libvirt/images"
    mv Metasploitable.vmdk /var/lib/libvirt/images/
  5. Next we need to convert the VMware properties file to a format which KVM/QEMU can interpt. Fortunately there's a Python script for this. Let's download it...
    wget 'https://raw.githubusercontent.com/FreedomBen/vmware-to-kvm/main/vmware2libvirt.py'
  6. Run the file through the Python script
    python vmware2libvirt.py -f Metasploitable.vmx > Metasploitable.xml
  7. Next step is to go though the newly created XML file and correct a few settings such as disk location and network configurations.
    • Change line 21 to match the location of the qcow2 disk which we created earlier
      <source file='/var/lib/libvirt/images/Metasploitable.qcow2'/>
    • Change lines 26 and 30 to match your KVM/QEMU network configuration
      <source network='yourNetworkNameHere'>
  8. This now requires that you have a binary called 'kvm'. You can check if you have this by running
    which kvm
    If present, then this will echo back to you something like /usr/bin/kvm. If you do not have this file, then you can check for the presence of 'qemu-kvm'. If this is present, then create a symbolic link:
    ln -s /path/to/qemu-kvm /usr/bin/kvm
    If qemu-kvm is not present either (it wasn't on my machine) then it seems that the 'kvm' file really only contains a short shell script, so you can create a file '/usr/bin/kvm' containing the following lines:
1#!/bin/sh
2exec qemu-system-x86_64 -enable-kvm "$@"
  1. Next step is to deploy the the vm using the XML file we created earlier. To do this, enter the following command
    sudo virsh -c qemu:///session define Metasploitable.xml
    and you you should see the message
    Domain 'Metasploitable2-Linux' defined from Metasploitable.xml
  2. Another guide which I had read suggested that you should now be able to boot the VM. However I was unable to do so. I received an error message stating:
    qemu-system-x86_64: The -accel and "-machine accel=" options are incompatible
    When I investigated using virt-manager (GUI tool) I noticed that under the "Overview" section the "Emulator" was set to '/usr/bin/kvm'. I had to edit the XML data to change line 34 to
    <emulator>/usr/bin/qemu-system-x86_64>
    and save the changes. I can now boot Metasploitable under KVM/QEMU


That should get you up and running and ready to start playing around learning how to exploit systems.