Tuesday, 14 February 2017

Metasploit Tutorials - 4 (Set up DVWA/Metasploitable)

Metasploitable is an awesome feature which lets you hack without any LAB or Network


Steps and Instructions -

In this tutorial we are going to set up both METASPLOITABLE and DVWA (Damn Vulnerable Web Application).

What is -

Metasploitable - It is a VMware OS that can be installed in VMware as a server to practice your hacking skills.

DVWA - is a web interface which acts like a dummy website to hack.

In order to set these two we only need to download Metasploitable.

Here is the link - here

The download file will be Zipped. So unzip it mate....




Assuming you have installed your VMware in your computer, open the downloaded file and open the file named Metasploitable.vmx.

Yes it is a VM version. It will redirect you to Vmware workstation. It will ask weather you have moved or copied the machine. Say you copied it.

Then it will go through a lot of set up process. It may take some time.

Then it will ask you for user name and password. Both are "msfadmin"

Its set up. Here you can run "ifconfig" to see its IP address.


When we have this up and running, we will just run a basic nmap scan on this by typing
 "nmap -F (IP)"



As you can see we have many open ports. This is a very clear indication of the vulnerability inside this server.




Now you can conduct your pen test on this server without any risk.

This was for a server hacking dummy. Now comes the DVWA setup.

Nothing much to setup really.

Open any browser and enter the Metasploitable IP address and select DVWA. For ex- my Metasploitable IP was 192.168.254.12. I opened a browser and entered the same IP.

You will get a login page. Enter the default user name as - "admin" and password as "password"



And thats it.

You will have a website running to conduct hacks.

Note - Metasploitable should be running while you work on DVWA.




Thank you guys for reading the tutorial.





I have made a set of tutorials on METASPLOIT from the beginning


















No comments:

Post a Comment