Metasploitable 3 is an intentionally vulnerable Linux virtual machine (VM). This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques. The default login and password is “msfadmin:msfadmin” sans the quotes.
**Note: for this version, the default u:p is: vagrant:vagrant
Why is Metasploitable 3 different?
There is a lot of manual labor that is required of the current version to make it work. From compiling the source code to downloading and installing packages of various forms, it can be a tedious 8-12 hours of work (depending on your internet speeds) of praying and hoping that you got it all correct. Currently, to get your distro going, you need:
- Vagrant Reload Plugin
Build notes from the Rapid 7 Git hub page:
How this is different?
With the Red Lion Edition, you don’t need to do any of that mess. Just download and go. It is just that easy. We have spent a lot of time preparing this so that you can download then upload to virtualbox and run. No wasted time of waiting for it to compile and HOPING that you got all the dependencies in place. But hey, if you want to roll your own, go right ahead.
Of course, you can still use metasploit with this distro, and for a great tutorial on that head over to Offensive Security’s site.
Of course the normal vulnerabilities that can be found in any Metasploitable distro are already included. You can find those here. However, there are other NEW vulnerabilities built in. What are they you might ask, well download and find out.
Easter eggs? What are those?
Along with all the fin easter eggs, and flags put in place by Rapid7 there are a few Red Lion exclusive easter eggs. This includes a few ASCII hidden lions, Red Lion account and password. With many more to come.
How do I get a copy?
We, at Red Lion, encourage you to sign up with your email here. This is to receive notices about updates and new features.
Take me to the download.