How to setup Metasploitable 2 with VirtualBox

What is Metasploitable 2

Metasploitable 2 was created by the team at Rapid 7 to be an intentionally vulnerable Ubuntu Linux virtual machine that is designed for easily testing different types of common vulnerabilities. While still being several years old, it is often used in courses like the CEH and Pentest+ as an easy way to find multiple different vulnerabilities using different technologies.

Where can it be downloaded

The easiest place to download it is from it’s project place on Sourceforce. The SourceForce address is and the direct download link is


Create a folder named Metasploitable2 or something similar where you keep your other Virtual Machines. Then unzip the into the Metasploitable2 folder.

Open VirtualBox and Hit the Blue New button.

The machine should have the following properties

  • Type: Linux
  • Version: Linux 2.6 / 3.x /4.x (64-bit)
  • Memory size: 1024MB
  • Select Use an existing virtual hard disk file and click on the yellow icon to the right
  • Click on the Add Button on the top left and browse to the Metasploitable2 folder. Select the Metasploitable.vmdk file and click choose

Then click the Create Button

Logging in

Start the Metaploitable 2 machine and then login via the console. The login details are:

  • Login: msfadmin
  • Password: msafdmin

Run the command ip addr to get the IP address of the machine. Now start hacking.