Creating a Metasploitable VM Lab in Qubes 4.1

User Support
1

i want to setup Metasploitable VM as a lab in Qubes to practice on but im having some trouble.

Metasploitable comes as a . vmdk
I read this page, it instructs users to convert to .raw (where it specified win10, i have replaced with Metaspilotable)

qemu-img convert -O raw *.vmdk Metasploitable.raw

Successful.
The documentation then instructs the user to transfer the raw file to dom0 and seems to save it as a .img

qvm-run --pass-io name-of-vm 'cat /home/user/Metasploitable.raw' > /home/admin/metasploitable-root.img

terminal completes back to prompt
I then put in

qvm-create --property=virt_mode=hvm --property=memory=4096 --property=kernel='' --label red --standalone --root-move-from /home/user/win10-root.img win10

I get the following error

app: Error importing root volume (but VM created): Data import failed: not enough data (copied 8589934592 bytes, expected 10737418240 bytes)

I can see the ā€˜Metasploitableā€™ VM in Qubes Manager. Red cube, standaloneVM
However when i go to run the VM a terminal opens & i get the following Error

Booting from Hard Diskā€¦
Boot failed not a bootable disk

Booting from Floppyā€¦
Boot failed could not read the boot disk

No bootable device.

Any ideas whats gone wrong?
This is my first time trying to create a VM not based on a Qubes template, but did succesfully get Kali template installed.

VM also wont shut down and has to be ā€˜killedā€™

1 Like
2

Quick update, i just tested the Metasploitable.VMDK does work in virtualbox on windows 10.
So either

  • Something is going wrong with the conversion to .raw/.img,
  • i have a setting wrong,
  • or Xen doesnt like it for some reason

Is there a log file that will tell me whats going wrong?

I did notized the unzipped Metasploit.vmdk file was acompanied by a few other files,

  • Metasploitable.nvram,
  • Metasploitable.vmsd,
  • Metasploitable.vmx,
  • Metasploitable.vmxf

could not including these files be the cause? I had only focused on the .VMDK

Any seasoned custom VM builders care to have a crack at getting it to boot would be appreciated.

EDIT: Just a thought, can virtualbox export the running .VMDK on windows 10 out to another format that Qubes/Xen will like?

3

might no, because the .vmdk file is the disk file and other is just vmware related file

there no similar format between virtualbox and xen

4

Thanks @ppc , it sound like this guy @dallas87 has it working. Im hoping he can help.

5

Looks like @yann experinced the same error trying to create a VM whose size is smaller than the VMā€™s rootfs size

app: Error importing root volume (but VM created): Data import failed: not enough data (copied 771339878 bytes, expected 10737418240 bytes)

The solution they posted was

dd if=/dev/zero of=myrootfs.img count=0 bs=1 seek=10737418240

But im not sure how to include the above dd with the qvm-create command?
Do i just add it to the end?

6

no, just do that before running qvm-create command on the root image

1 Like
7

IT WORKS !! Thanks mate @ppc
Metasploit has booted to loginscreen.

Here are my commands for anyone interested.
Once Metasploit has been downloaded and extracted in VM of your choice open terminal in the location of your .vmdk file and enter,

qemu-img convert -f vmdk *.vmdk -O raw Metasploitable.raw

Then in dom0 terminal

qvm-run --pass-io name-of-source-vm 'cat "/home/user/Metasploitable.raw"' > /home/admin/metasploitable.img

dd if=/dev/zero of=Metasploitable.img count=0 bs=1 seek=10737418240

qvm-create --property=virt_mode=hvm --property=memory=4096 --property=kernel='' --label red --standalone --root-move-from /home/admin/Metasploitable.img Metasploitable

For security i setup a separate sys-proxy network VM that has no access to sys-net (no internet). This way my Lab Kali/Metaspoilt stuff is contained from internet, and the rest of my network.

I followed this and entered the following command in my sys-proxy VM terminal to enable networking between both VMs.

sudo iptables -I FORWARD 2 -s <IP address of A> -d <IP address of B> -j ACCEPT

Kali VM & Metasploitable lab VM can ping
Now the fun begins :sunglasses:

2 Likes
8

Just have to chime in with a massive thanks for the work on this. I was getting completely puzzled by how I was going to resolve this issue, but once again the Qubes community is amazing! Thanks @ppc and @naverone.