Activity 1.1: Set Up Your Virtual Environment

This activity guides you through setting up a virtualized environment using VirtualBox, Kali Linux, and Metasploitable. These tools are essential for practicing cybersecurity concepts in a safe and controlled setting. By the end of this activity, you will have a functional virtual environment ready for hands-on exercises.

You will begin by downloading and installing VirtualBox, followed by obtaining and setting up the required VMs. Finally, you will verify that your setup is complete by testing the functionality of each VM.

Part 1: Download VirtualBox

Before you can start working with VMs, you need a virtualization platform. VirtualBox is a free and reliable tool that enables you to create and manage VMs on your system. Follow these steps to download and install it.

To download and install VirtualBox, follow these steps:

1. Navigate to https://www.virtualbox.org/wiki/Downloads.
2. Download the latest VirtualBox for your system OS.
3. Install VirtualBox and accept all the defaults. If you are presented with a message about missing dependencies Python Core / win32api, you can click Yes to proceed forward, as this book will not utilize these. If you plan to use the Python bindings for Oracle VM VirtualBox for external Python applications using the Oracle VM VirtualBox API, you will need to revisit this later.

Part 2: Download VMs

You will be using VMs for Kali Linux and Metasploitable. To perform the exercises in this book, you will need to download specific VMs, including Kali Linux and Metasploitable. These downloads can be quite large and may take a long time depending on your connection speed. These will provide the environments required for hands-on learning. You can follow these steps to download the VM files:

1. Navigate to https://www.kali.org/get-kali/#kali-virtual-machines and select the VirtualBox 64 download.
2. Navigate to https://sourceforge.net/projects/metasploitable/files/Metasploitable2/ and select download the latest version.

Part 3: Set Up Your Downloaded VMs

Both of your downloads will need to be unzipped. You can use your preferred ZIP program, such as 7zip found at https://www.7-zip.org/download.html. Windows has a ZIP program built in as well. Unzip the images and place them in a folder to store your VirtualBox images. They will both be used in the next steps.

Set Up Your Kali Linux VM

Kali Linux is penetration testing and ethical hacking distribution. Follow these steps to configure it in VirtualBox and ensure it is ready for exercises in this book:

1. Figure 1.3 shows the main initial VirtualBox screen. Here, you will click the Add button, the green plus sign on the right side of the buttons at the top of the screen.

Figure 1.3: VirtualBox Add button

2. Figure 1.4 shows the popup that will appear, allowing you to choose a .vbox file. Navigate to where you unzipped your Kali Linux files and choose the .vbox file. It will be the only one that shows as available as the prompt restricts showing VM files only. Then, select Open.

Figure 1.4: VirtualBox .vbox file choice

3. This will automatically configure all elements of the VM and you will see it available in your list of VMs. Figure 1.5 shows how the VirtualBox home screen will appear when your new Kali Linux VM is selected post setup.

Figure 1.5: VirtualBox Kali Linux post setup

As you will see, this creates a VM that will use 2 GB of memory and 2 CPUs.

Set Up Metasploitable

Metasploitable is a purposefully vulnerable VM designed for testing and learning. This section provides the necessary steps to configure it in VirtualBox.

1. Figure 1.6 shows the home screen where the New button will be used to create a new VM. Click on the New button to create a new VM that will be used to load Metasploitable files.

Figure 1.6: VirtualBox new VM button

2. Figure 1.7 shows the screen that will appear giving you options to configure elements for the new VM. You will interact with the following elements (the rest can be left at their defaults):
   • Name – Fill in a name of your choice for this VM; the suggested name is Metasploitable 2
   • Type – Choose Linux from the drop-down list
   • Version – Choose Other Linux (64-bit) from the drop-down list; it will probably be the last option in the list.

Figure 1.7: VirtualBox new VM name and OS

3. Then, click Next to proceed.
4. Figure 1.8 shows the hardware configuration screen for a new VM. On this screen, it is recommended to set at least 512 MB of memory and 1 CPU. You can set these higher if you desire and have the resources available, keeping in mind that you will need to run the Kali Linux and Metasploitable VMs at the same time for future exercises and have resources available for your computer to function as well. When you have finished adjusting these settings, click Next to proceed.

Figure 1.8: VirtualBox new VM hardware settings

5. Figure 1.9 shows the VirtualBox virtual hard disk selection screen, providing three options for you to choose from for configuring the new VM. On this screen, select the Use an Existing Virtual Hard Disk File option.
6. After selecting the radio button, click on the folder icon with the green up arrow on the right-hand side; this will open a new window to choose a hard disk file.

Figure 1.9: VirtualBox virtual hard disk selection

7. The next screen, which is the Hard Disk Selector, is shown in Figure 1.10. It also shows the Add button, which is used to define new hard disk files. On this screen, click on Add at the top left.

Figure 1.10: VirtualBox Hard Disk Selector Add button

8. Figure 1.11 shows the pop-up that will load, allowing you to choose a .vmdk file for defining the virtual hard disk file. Navigate to the folder where you unzipped Metasploitable 2 and choose the .vmdk file. The prompt will by default restrict the options to only VM files, so you should only see the one .vmdk file. After selecting it, choose Open to continue.

Figure 1.11: VirtualBox hard disk .vmdk file

9. You should now see the .vmdk file as an option in your list of hard disks. Figure 1.12 shows the hard disk selector screen now having two options that can be used to setup up new VMs, including the kali-linux and Metasploitable disks. Click to highlight the Metasploitable.vmdk file and click the Choose button to continue.

Figure 1.12: VirtualBox hard disk selector Choose button

10. You should now be back to the Virtual Hard Disk screen, as shown in Figure 1.13, and it should have the Metasploitable.vmdk file listed; click Next to continue.

Figure 1.13: VirtualBox Metasploitable.vmdk input for the virtual hard disk file

11. Figure 1.14 shows the final screen for the new VM setup, which is a summary screen listing all the options selected. Double-check that you see your desired machine name, Guest OS Type is set to Other Linux (64-bit), Base Memory is set to at least 512, and Attached Disk should be your Metasploitable.vmdk file. If all checks out, you can click Finish to proceed.

Figure 1.14: VirtualBox new VM creation summary screen

12. Figure 1.15 shows the VirtualBox home screen, now containing two configured VMs, as shown in the list on the left side. You now should see the two VMs in your list of VMs set up for VirtualBox.

Figure 1.15: VirtualBox configured VM list

Test Your VMs

After configuring your VMs, it is essential to verify that they are functioning properly. These steps will help you test, log in, and prepare your VMs for future activities:

1. Figure 1.16 shows the menu that appears after right-clicking on a VM, and the options under the Start option. You should right-click on one of your VMs and choose Start and then Normal Start.

Figure 1.16: VirtualBox starting VMs

2. Figure 1.17 shows a small prompt window that will appear, telling you a VM is powering up and providing a progress bar.

Figure 1.17: VirtualBox powering VM up prompt

Some VMs may start quickly, and this popup will not appear. If you get any errors, delete your machines and repeat the setup steps. If you still get errors, delete the files that you unzipped, delete the download ZIP file and re-download it, unzip it, and recreate the VMs again by following the steps. These actions will ensure that files have not been corrupted during any steps.

3. Figure 1.18 shows the console window that appears after a VM is powered up. It also shows a pop-up window on the right side of the screen that lists integration options.

Figure 1.18: VirtualBox initial VM start and enhanced options

You can dismiss the tooltip using the top-right box with an X in it. When you interact with a VirtualBox VM, it may take control of your mouse when you click within it. If this happens, use the bottom-right information as a guide. In this example, it says Right Ctrl; this means that to get the mouse back to your host machine, you must hit the right Ctrl key.

4. Test that you can log in to each of the VMs. As of this writing, the login for Metasplotiable 2 is msfadmin: msfadmin. The login for Kali is kali:kali.
5. Figure 1.19 shows how to close a VM that has been started. Once you have verified that you can start and log in to each VM, you are ready for future activities. When you are done with your VMs, you can stop them by clicking on File in the top left and then Close….

Figure 1.19: Closing a VM

6. This will open another window with three choices. For the purposes of this book, I suggest choosing Power off the machine. Figure 1.20 shows the list of VirtualBox VM options for closing a running VM.

Figure 1.20: VirtualBox Close Virtual Machine options

If you make changes to your VM or wish to come back to the same point, you can use Save the machine state; this will start it back at the same point you left it at. You can also take regular snapshots, or copies, of the machine that can be used to restore or start from. These are more advanced features that will not be used for this book.