How To Find Ip Address Of Metasploitable 2

Hey there, friend! So, you're trying to figure out the IP address of your Metasploitable 2 VM, huh? No worries, it's a pretty common quest for newbie pentesters and ethical hackers – and it's definitely less intimidating than it sounds. Think of it like finding the house number on a slightly dilapidated, yet charming, building. Let's get to it, shall we? Grab your coffee, because we're diving in!

First Things First: Metasploitable 2 Is Your Target

Just a quick reminder: Metasploitable 2 is intentionally vulnerable. Like, really vulnerable. Don't go pointing it at the open internet, okay? Keep it safely tucked away in your virtual environment. We're talking VirtualBox or VMware. We're all friends here, right? So, let's keep things responsible. This is for learning, experimenting, and building your cybersecurity chops. Got it? Good!

Speaking of keeping things contained, that means your Metasploitable 2 VM should be running in either Bridged or NAT mode. What are those modes exactly? Well, briefly:

Must Read

NAT (Network Address Translation): Your Metasploitable 2 VM shares the IP address of your host machine (the computer running VirtualBox/VMware). It gets a private IP address on a separate network created by the virtual machine software. Kinda like sharing an apartment building's address but having your own apartment number inside.
Bridged: Your Metasploitable 2 VM gets its own IP address directly from your router, just like any other device on your network. Think of it as having your own individual house on the street.

Knowing which mode you're using is key, because it influences how you find that elusive IP address. So, make sure you check your VM settings before you start anything.

Method 1: The "ifconfig" (or "ip addr") Route – Inside Metasploitable 2 Itself

Alright, let's get our hands dirty! The most direct way to find the IP address is to simply ask Metasploitable 2 itself. Log in! Use the default credentials: msfadmin:msfadmin. Don't worry, everyone knows these, but you wouldn't use them in a real-world scenario, would you?

Now that you're in, open a terminal. You've got a few commands at your disposal, depending on how ancient (but lovable) your Metasploitable 2 setup is.

The Classic: "ifconfig"

Type ifconfig and hit Enter. What do you see? A whole bunch of network interface information! Don't panic! Look for an interface usually named eth0 or ens33 (it varies based on the setup). Under that interface, you should see a line that says inet addr. That's your IPv4 address! Voila! You've found the house number!

For example, you might see something like:


eth0      Link encap:Ethernet  HWaddr 00:0C:29:5F:93:6A
          inet addr:192.168.1.105  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe5f:936a/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1102 errors:0 dropped:0 overruns:0 frame:0
          TX packets:845 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:972557 (949.7 KiB)  TX bytes:99018 (96.6 KiB)

In this case, the IP address is 192.168.1.105. Easy peasy, right?

Easiest Way to Find IP Address of any website using CMD - YouTube

The Modern Alternative: "ip addr"

ifconfig is a bit old-school these days. Some newer Linux distributions might not even have it installed by default. (Gasp!) So, the modern replacement is ip addr. Type that in and press Enter. Again, you'll see a lot of information.

Look for the same interface (eth0, ens33, or something similar). Then, look for a line that starts with inet followed by an IP address. It'll look something like this:


2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> MTU 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:5f:93:6a brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.105/24 brd 192.168.1.255 scope global dynamic ens33
       valid_lft 85998sec preferred_lft 85998sec
    inet6 fe80::20c:29ff:fe5f:936a/64 scope link
       valid_lft forever preferred_lft forever

See that inet 192.168.1.105/24? That's your IPv4 address! Notice the /24? That's the subnet mask in CIDR notation. Don't worry about that right now. Just grab the IP address. You're on a roll!

Pro Tip: If you're overwhelmed by the output, you can filter it using grep. For example, ip addr | grep "inet " will show you only the lines containing the IP address. Ah, the magic of the command line!

Method 2: The "arp" Command – From Your Host Machine

Okay, let's say you can't (or don't want to) log in to Metasploitable 2 directly. Maybe you forgot the password (again!). Or maybe you just want to be sneaky. No judgment here! You can still find the IP address from your host machine using the arp command.

But here's the catch: This method only works reliably if your Metasploitable 2 VM is in Bridged mode. Why? Because in Bridged mode, your VM is directly on your network, and your host machine can see its MAC address and associated IP address. If you're using NAT, this might not work, or it might give you the wrong IP (the IP of the virtual network adapter). Always double-check!

How to check IP on Hp Color LaserJet Pro / Check IP settings on Hp

The arp command displays the Address Resolution Protocol (ARP) table, which maps IP addresses to MAC addresses. MAC addresses are unique identifiers for network interfaces. So, to use this method, you need to know the MAC address of your Metasploitable 2 VM.

Finding the MAC Address

There are a couple of ways to find the MAC address:

From the VM settings: In VirtualBox or VMware, look at the network adapter settings for your Metasploitable 2 VM. You should see a MAC address listed there. It'll be in a format like 00:0C:29:xx:yy:zz.
From inside Metasploitable 2 (if you can log in): Use ifconfig or ip addr as described above. The MAC address is listed next to HWaddr (for ifconfig) or link/ether (for ip addr).

Using the "arp" Command

Once you have the MAC address, open a terminal (Command Prompt on Windows, Terminal on macOS/Linux) on your host machine. Then, use the arp command. The syntax is a little different depending on your operating system.

Linux/macOS:

Type arp -a and press Enter. This will list all the devices on your network that your host machine knows about. Look for the MAC address of your Metasploitable 2 VM in the list. The corresponding IP address will be next to it.

You can also filter the output using grep. For example, if your Metasploitable 2's MAC address is 00:0C:29:5F:93:6A, you could type arp -a | grep 00:0C:29:5F:93:6A.

Windows:

Type arp -a and press Enter. The output will be similar to Linux/macOS. Look for the MAC address of your Metasploitable 2 VM. The corresponding IP address will be in the "Internet Address" column.

If you're having trouble finding it, try pinging the broadcast address of your network first. This might help populate the ARP table. To find your broadcast address, you can usually look at the output of ipconfig (Windows) or ifconfig (Linux/macOS) on your host machine. It's often the last IP address in your network range (e.g., if your IP is 192.168.1.10, the broadcast address might be 192.168.1.255).

How to Find your IP Address on Windows 11 [2 Easy Ways] - YouTube

Then, type ping 192.168.1.255 (replace with your actual broadcast address). After that, try arp -a again.

Method 3: Network Scanning Tools – The More Aggressive Approach

If all else fails, or if you just want to be a bit more thorough, you can use a network scanning tool like nmap. Nmap is a powerful tool for network discovery and security auditing. It can scan your entire network and identify all the devices that are online, including your Metasploitable 2 VM, even if it's hiding behind NAT (to some extent, NAT can be a bit tricky).

Important: Using network scanning tools on networks you don't own or have permission to scan is illegal and unethical. Only use these tools on your own network or with explicit permission.

Installing Nmap

If you don't already have nmap installed, you can download it from the official nmap website: https://nmap.org/. It's available for Windows, macOS, and Linux.

Scanning Your Network

Open a terminal on your host machine and type the following command:

nmap -sn 192.168.1.0/24

Replace 192.168.1.0/24 with your network's IP address range. To find your network range, you can look at the output of ipconfig (Windows) or ifconfig (Linux/macOS) on your host machine. The /24 indicates a subnet mask of 255.255.255.0, which is a common home network configuration. If your network is different, adjust the subnet mask accordingly.

How to Assign IP Address on CISCO Switch | Networkforyou | CCNA 200-301

This command tells nmap to perform a "ping scan" (-sn) on the specified network range. It will send ICMP echo requests (pings) to each IP address in the range and report which devices are responding.

The output will look something like this:


Starting Nmap 7.92 ( https://nmap.org ) at 2023-10-27 14:30 PDT
Nmap scan report for 192.168.1.1 (192.168.1.1)
Host is up (0.00040s latency).
Nmap scan report for 192.168.1.100 (192.168.1.100)
Host is up (0.00032s latency).
Nmap scan report for 192.168.1.105 (192.168.1.105)
Host is up (0.00028s latency).
Nmap done: 256 IP addresses (3 hosts up) scanned in 2.56 seconds

You'll see a list of IP addresses that are "up." Now, you need to figure out which one is your Metasploitable 2 VM. One way to do this is to compare the MAC addresses from the nmap output to the MAC address you found earlier.

You can use the -p flag to specify a port to scan, which can sometimes help identify the device. For example, Metasploitable 2 is known to have port 22 (SSH) open. So, you could try:

nmap -p 22 192.168.1.0/24

If nmap finds port 22 open on a particular IP address, it's a strong indication that that's your Metasploitable 2 VM.

Troubleshooting: When Things Go Wrong

Sometimes, things don't go according to plan. (Surprise!) Here are a few common problems and how to fix them:

Can't ping Metasploitable 2: Make sure the VM is running! Check your firewall settings on both your host machine and the VM. Ensure that ICMP (ping) traffic is allowed.
"ifconfig" or "ip addr" not found: You might need to install the net-tools package (which includes ifconfig) or the iproute2 package (which includes ip). Use your distribution's package manager (e.g., apt-get install net-tools or apt-get install iproute2).
Nmap doesn't find anything: Double-check your network range and subnet mask. Make sure you're scanning the correct network. Also, try running nmap with root privileges (using sudo) to ensure it has the necessary permissions.
Still can't find the IP address: Take a deep breath! Double-check everything. Make sure you're using the correct MAC address. Make sure your VM is in Bridged mode if you're using the arp command. Sometimes, a simple restart of the VM or your host machine can fix things.

Wrapping Up: You've Got This!

Finding the IP address of your Metasploitable 2 VM might seem daunting at first, but it's a fundamental skill for anyone working with virtual machines and networks. Once you get the hang of it, it'll become second nature. Remember to always practice responsibly and ethically, and most importantly, have fun learning! Now go forth and conquer that network (your own, of course!). You are now an IP address finding master! (Well, almost.)