Steve_Jobs Posted October 28, 2017 Share Posted October 28, 2017 Hello all I'm having a bit of trouble in my lab. The way I have it set up is on a separate router which doesn't connect to the internet I have a ubuntu machine hosting metasploitable 2 from virtualbox. I also have a separate laptop on the network running kali on virtualbox as the attack machine. I have the vms set to bridged mode so they have ip's on the network and can communicate. For some reason when I run nmap from the attack machine I'm reading that all ports on metasploitable are closed. However if I run both kali and metasploitable on the ubuntu host, the ports are open. I thought it could be the ubuntu firewall but when I run ufw status it is set to inactive. Both vms have promiscuous mode set to allow all. I want to be able to use a separate machine to save on system resources. Quote Link to comment Share on other sites More sharing options...
PoSHMagiC0de Posted October 28, 2017 Share Posted October 28, 2017 If you are running the VM from ubuntu, you may want to check the firewall settings. Quote Link to comment Share on other sites More sharing options...
Steve_Jobs Posted October 28, 2017 Author Share Posted October 28, 2017 Is there some way other than through ufw? Quote Link to comment Share on other sites More sharing options...
PoSHMagiC0de Posted October 28, 2017 Share Posted October 28, 2017 you can use iptables to look too. #For main policies sudo iptables -L #For nat tables sudo iptables -t nat -L This will list all your policies including those that were placed there by ufw I believe. When I ran Ubuntu, I looked up a way to destroy their preset firewall rules so I could do my own with iptables. Quote Link to comment Share on other sites More sharing options...
Steve_Jobs Posted October 28, 2017 Author Share Posted October 28, 2017 Hmm well I tried doing ufw disable then followed up with sudo iptables-save > $HOME/firewall.txt sudo iptables -X sudo iptables -t nat -F sudo iptables -t nat -X sudo iptables -t mangle -F sudo iptables -t mangle -X sudo iptables -P INPUT ACCEPT sudo iptables -P FORWARD ACCEPT sudo iptables -P OUTPUT ACCEPT I ran another nmap scan from my second host and am still seeing the ports as closed Quote Link to comment Share on other sites More sharing options...
Steve_Jobs Posted October 28, 2017 Author Share Posted October 28, 2017 It's possible that there's a firewall auto configured on my gl-mt300n running openwrt Quote Link to comment Share on other sites More sharing options...
PoSHMagiC0de Posted October 28, 2017 Share Posted October 28, 2017 Well, lets try and troubleshoot this. So, if you nmap from the Ubuntu host to the metsploitable VM do you get any open ports? If so then next I would try this little thing. Run "python -m SimpleHTTPServer" from the Ubuntu host and see if you can browse to it from your remote machine. Last thing is instead of scanning for an open port on metasploitable, try and connect to the web port with your browser from remote machine to see if you get the page. If you can browse it from the Ubuntu host, use the same URL on the remote machine. Pretty much trying to see what is being blocked and where. Also is your VM on the same subnet as the ubuntu host as well as the remote machine? Quote Link to comment Share on other sites More sharing options...
Steve_Jobs Posted October 28, 2017 Author Share Posted October 28, 2017 Alright when I scan metasploitable from the ubuntu machine which is hosting it I get the open ports. When I run the simplehttpserver I can browse to it from the ubuntu machine hosting it. However I cannot access it from my laptop. when I run an nmap scan of 192.168.8.1-249 I can see all devices on the subnet from the remote machine. Quote Link to comment Share on other sites More sharing options...
Steve_Jobs Posted October 31, 2017 Author Share Posted October 31, 2017 After running ufw disable again tonight I am able to access the http server from other machines but still seeing the metasploitable ports as closed... Quote Link to comment Share on other sites More sharing options...
PoSHMagiC0de Posted October 31, 2017 Share Posted October 31, 2017 After disabling ufw try, sudo iptables -F sudo iptables -X sudo iptables -Z Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.