Metasploitable 2 をDocker Desktopにインストールする

Metasploitによるペネトレーションの練習やテストに使用するための、わざと脆弱性を持たせた「やられサーバ」の仮想マシン。debian → Ubuntu の系譜。

DockerDesktopの検索バーでイメージを検索してダウンロード

PS C:\> docker run --network=kali_badtodo -h metasp2 -it --name metasploitable2 tleemcjr/metasploitable2

起動後。キーマップを日本語に変更

$ sudo loadkeys jp

バージョン、IPを確認

$ cat /proc/version 
Linux version 5.15.90.1-microsoft-standard-WSL2 (oe-user@oe-host) (x86_64-msft-linux-gcc (GCC) 9.3.0, GNU ld (GNU Binutils) 2.34.0.20200220) #1 SMP Fri Jan 27 02:56:13 UTC 2023

$ cat /etc/debian_version 
lenny/sid

$ ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:ac:13:00:02  
          inet addr:172.19.0.2  Bcast:172.19.255.255  Mask:255.255.0.0

Kaliからmetasploitable2へPing

$ ping -c 3 172.19.0.2                                                          
PING 172.19.0.2 (172.19.0.2) 56(84) bytes of data.
64 bytes from 172.19.0.2: icmp_seq=1 ttl=64 time=0.066 ms
64 bytes from 172.19.0.2: icmp_seq=2 ttl=64 time=0.163 ms
64 bytes from 172.19.0.2: icmp_seq=3 ttl=64 time=0.062 ms
 
--- 172.19.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2047ms
rtt min/avg/max/mdev = 0.062/0.097/0.163/0.046 ms

Kaliからmetasploitable2へNmap

$ nmap 172.19.0.2
Starting Nmap 7.94 ( https://nmap.org ) at 2023-10-19 15:22 JST
Nmap scan report for metasploitable2.kali_badtodo (172.19.0.2)
Host is up (0.00022s latency).
Not shown: 981 closed tcp ports (conn-refused)
PORT     STATE SERVICE
21/tcp   open  ftp
22/tcp   open  ssh
23/tcp   open  telnet
25/tcp   open  smtp
80/tcp   open  http
111/tcp  open  rpcbind
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
512/tcp  open  exec
513/tcp  open  login
514/tcp  open  shell
1099/tcp open  rmiregistry
1524/tcp open  ingreslock
2121/tcp open  ccproxy-ftp
3306/tcp open  mysql
5432/tcp open  postgresql
6667/tcp open  irc
8009/tcp open  ajp13
8180/tcp open  unknown

Nmap done: 1 IP address (1 host up) scanned in 0.12 seconds

こちらも参考に：Metasploit - demandosigno