Body
Issues Resolved by this Article
-
Unable to create a Metasploitable 2 virtual machine in Proxmox
-
Confusion about importing a VMDK disk instead of using an ISO
-
VM does not boot after creation
-
Network or IP address issues after first boot
Background
Metasploitable 2 is an intentionally vulnerable Linux virtual machine used for cybersecurity training and penetration testing. In Proxmox, Metasploitable 2 is deployed by importing an existing VMDK disk image rather than installing from an ISO.
Because this process is different from a standard VM installation, users may encounter issues related to disk import, boot order, or network configuration. Following these steps in order ensures a successful deployment.
Prerequisites
-
A running Proxmox VE server
-
Sufficient disk space to store the VM image
-
Network connectivity on the Proxmox server
Downloads
Solution
Step 1: Download and Extract the Metasploitable 2 Image
-
Open a shell on your Proxmox server (via the web console or SSH).
2. Download the Metasploitable 2 ZIP archive:
wget https://download.vulnhub.com/metasploitable/metasploitable-linux-2.0.0.zip
-
Install the unzip utility (if it's not already installed):
apt-get -y install unzip
-
Extract the VMDK image from the archive:
unzip metasploitable-linux-2.0.0.zip
5. Move the VMDK file to a convenient location:
mv Metasploitable2-Linux/Metasploitable.vmdk .
-
Remove the ZIP archive and the now-empty directory:
rm -rf metasploitable-linux-2.0.0.zip
Step 2: Create a New Virtual Machine in Proxmox
-
Open the Proxmox web interface.
-
Click Create VM in the top-right corner.
-
General:
-
OS:
-
System:
-
Keep default settings.
-
Click Next.
-
Disks:
-
CPU:
-
Memory:
-
Set memory to 4096 MB.
-
Click Next.
-
Network:
-
Keep default settings.
-
Click Next.
-
Confirm:
-
Review settings.
-
Click Finish.
-
Do NOT start the VM yet.
Step 3: Import the VMDK Disk Image
-
Open a shell on the Proxmox server (if closed).
-
Import the disk using the following command:
qm importdisk <VMID> Metasploitable.vmdk <storage_name> --format raw
Example:
qm importdisk 100 Metasploitable.vmdk local-lvm --format raw
Step 4: Configure the VM and Start
-
Go back to the ProxMox web interface.
-
Select the VM you created (e.g., Metasploitable2).
-
Hardware:
Step 4: Configure Hardware and Boot Order
1. Select the VM in Proxmox.
2. Go to Hardware.
3. Locate the Unused Disk, double-click it.
-
Set Bus/Device to SATA and click Add.
Go to Options → Boot Order.
Step 5: Start the Virtual Machine
-
Click Start on the VM.
-
Open Console to view the boot process.
[Image: Metasploitable 2 booting in console]
Default credentials:
-
Username: msfadmin
-
Password: msfadmin
Step 6: (Optional) Set a Static IP Address
-
Check the current IP address:
ip a
-
Edit the network configuration file:
nano /etc/network/interfaces
-
Example static IP configuration:
auto eth0
iface eth0 inet static
address 192.168.232.13 netmask 255.255.248.0
gateway 192.168.232.5
dns-nameservers 192.168.232.5
-
Save and restart networking:
service networking restart
-
Verify the IP address:
ip a
Troubleshooting
-
VM does not boot: Ensure no ISO is attached, the disk was imported correctly, and SATA is first in boot order.
-
No network access: Confirm Proxmox provides DHCP or configure a static IP.
-
No console output: Restart the VM and check Proxmox logs.
Conclusion
By importing the Metasploitable 2 disk image and carefully configuring storage and boot order, you can deploy a fully functional vulnerable testing VM in Proxmox. This setup is ideal for hands-on security labs and penetration testing practice.