How to do it...

For the Kali Linux machine, the Linux server, and the Windows 10 client, the setup is simple. We can download the Kali Linux virtual machine from the official site, https://www.kali.org/downloads/; for the Linux server, we will use the Metasploitable 2 machine which you can download from SourceForge at https://sourceforge.net/projects/metasploitable/files/Metasploitable2/; and for the Windows 10 client, we can download a 90-day trial from the Microsoft Developer site at https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/.

For the last machine, we will use Metasploitable 3, a Windows virtual machine that we will build, with many security vulnerabilities for us to test. To build the Metasploitable 3 machine, we have to install Packer, Vagrant, the Vagrant Reload plugin, and VirtualBox. The build scripts and documentation, as well as the most up-to-date build instructions, can be found at the official GitHub repository: https://github.com/rapid7/metasploitable3. To build the machine automatically, perform the following steps:

1. Run the build_win2008.sh script if using Bash, or build_win2008.ps1 if using Windows.
2. Upon successful completion, run vagrant up.
3. When the process completes, you should be able to open the VM within VirtualBox and log in using the username vagrant and password vagrant.

Before you start your virtual machines, there is an important configuration that you will have to make in order to set up the network communication for the lab:

1. Select the Kali Linux virtual machine and click on Settings. Then, move to Removable Devices. In the Network Adapter option, the network adapter should be configured to use Internet Sharing | Share with my Mac, which will allow the virtual machine to access the internet, sharing the IP address of the host machine, since it will provide Network Address Translation (NAT) for network traffic from the virtual machine.

1. The network adapter of the Metasploitable 3 virtual machine and the first network adapter of the Metasploitable 2 virtual machine should also be configured to use NAT:

1. In VMware Fusion, go to Preferences, select the Network tab, and create a custom network. Check the box to provide addresses on this network via DHCP; use the Subnet IP of 10.0.0.0  and the Subnet Mask of 255.255.255.0:

1. Now that you have created the custom network, select the Windows 10 virtual machine, click on Settings, then go to the Network Adapter settings. Choose Custom network and select the custom network we have created. Repeat the process for the second Network Adapter of the Metasploitable 2 virtual machine:

1. To verify the configuration, log in to the Metasploitable 2 machine and use the ip a command. The default username for the root user is msfadmin and the password is msfadmin: