2

I am running VirtualBox on Windows 10, and have 2 VMs set up; Metasploitable (target obviously) and Kali (lab host).

I am attempting to fping, followed by nmap from Kali, and for some reason my Metasploitable is not being seen by Kali. Both machines are running when the ping sweep and nmap is done.

When I use ifconfig, I get the following for Metasploitable eth0:

inet: 192.168.0.3 Bcast: 192.168.0.255 Mask: 255.255.255.0

and for Kali eth0:

inet: 192.168.0.4 Bcast: 192.168.0.255 Mask: 255.255.255.0

When I run fping, ip's in the range of 192.168.0.0/10 I am told all ICMP host Unreachable, even 192.168.0.3 (Metasploitable). When I run nmap, it says all ports are closed on 192.168.0.3 as well.

I am quite new, and following along with a textbook, the results of the text are different than my own, with nmap reporting several ports on the metasploitable vm being open (obviously, as it was designed to be vulnerable). Is there something in my networking setup that is incorrectly done? I used the ifconfig eth0 up to set up the network configuration for each machine.

NOTE: kali is vdi format, and metasploitable is vmdk. I'm not sure if that would cause issues, so I figured it was worth mentioning.

schroeder
  • 123,438
  • 55
  • 284
  • 319
NBacon
  • 21
  • 1
  • 3
  • 3
    Take a look at the dox on setting up a an internal virtual network here: https://www.virtualbox.org/manual/ch06.html#network_internal – John Deters Dec 27 '16 at 20:21
  • Ya, so that was definitely a step in the right direction. Now both machines are connected with a multicast, and theoretically they should be able to communicate with each other. However, VirtualBox has now assigned each machine an inet6 address in the eth0, rather than a normal inet ip. – NBacon Dec 27 '16 at 21:27
  • And fping does not discover metasploitable :-( – NBacon Dec 27 '16 at 21:27
  • Unfortunately, this isn't a security question, this is a virtualbox networking question. Put aside the tools from your tutorial for a minute and run the basic diagnostics. Can you run a normal ping? Can you run packet captures and see what is being sent? Metasploitable has a web server, can you browse to that IP? – schroeder Dec 27 '16 at 21:48
  • Sorry about that, I didn't mean to be irrelevant to the format of the site. The problem is solved now, after having manually set the inet ips back to the old standard. Now ping and fping are functioning, packets are being captured between systems with wireshark, and I can now see the open ports on metasploitable. Thanks John, and sorry again for not asking a security question! – NBacon Dec 27 '16 at 22:26

0 Answers0