Jump to content

Pen testing lab vbox issues


Recommended Posts

Hello all

I'm having a bit of trouble in my lab.  The way I have it set up is on a separate router which doesn't connect to the internet I have  a ubuntu machine hosting metasploitable 2 from virtualbox.  I also have a separate laptop on the network running kali on virtualbox as the attack machine.  I have the vms set to bridged mode so they have ip's on the network and can communicate.  For some reason when I run nmap from the attack machine I'm reading that all ports on metasploitable are closed.  However if I run both kali and metasploitable on the ubuntu host, the ports are open.  I thought it could be the ubuntu firewall but when I run ufw status it is set to inactive.  Both vms have promiscuous mode set to allow all.

I want to be able to use a separate machine to save on system resources.

Link to comment
Share on other sites

you can use iptables to look too.

#For main policies
sudo iptables -L

#For nat tables
sudo iptables -t nat -L

This will list all your policies including those that were placed there by ufw I believe.

When I ran Ubuntu, I looked up a way to destroy their preset firewall rules so I could do my own with iptables.


Link to comment
Share on other sites

Hmm well I tried doing ufw disable then followed up with 

sudo iptables-save > $HOME/firewall.txt
sudo iptables -X
sudo iptables -t nat -F
sudo iptables -t nat -X
sudo iptables -t mangle -F
sudo iptables -t mangle -X
sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT


I ran another nmap scan from my second host and am still seeing the ports as closed

Link to comment
Share on other sites

Well, lets try and troubleshoot this.  So, if you nmap from the Ubuntu host to the metsploitable VM do you get any open ports?

If so then next I would try this little thing.  Run "python -m SimpleHTTPServer" from the Ubuntu host and see if you can browse to it from your remote machine.

Last thing is instead of scanning for an open port on metasploitable, try and connect to the web port with your browser from remote machine to see if you get the page.  If you can browse it from the Ubuntu host, use the same URL on the remote machine.

Pretty much trying to see what is being blocked and where.  Also is your VM on the same subnet as the ubuntu host as well as the remote machine?


Link to comment
Share on other sites

Alright when I scan metasploitable from the ubuntu machine which is hosting it I get the open ports. 

When I run the simplehttpserver I can browse to it from the ubuntu machine hosting it. However I cannot access it from my laptop.

when I run an nmap scan of I can see all devices on the subnet from the remote machine.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...