1. Download Metasploitable 2 via the link: https://sourceforge.net/projects/metasploitable/files/Metasploitable2/
2. Create a new VM in virtualbox with the type: Linux and Version: Ubuntu (64-bit). Though you can customise your own settings for the creation of the virtual machine the defaults will work fine.
3. Click into the settings of your new VM and navigate to the network menu. Make sure you do not use 'nat,' but rather a host only network adapter. This will ensure that metasploitable will only be accessible by you.
Note: If there is no host only network adapter then one can be created by going file>preferences>Network>host-only networks. Then click the plus symbol to create a new host only adapter.
4. In the settings of the VM now navigate to the storage menu. In the storage tree there may be a file in the 'Controller:SATA.' Remove the file and then click the 'add hard disk' icon. Browse and select the metasploitable.vmdk file downloaded from earlier.
5. Now simply start up the VM. The username is msfadmin and the password is msfadmin. Use the command 'ifconfig' to see what 'eth0' 'inet addr:' the vm will operate on.
6. When connecting to metasploitable via a kali VM you must ensure that as well as being connected to 'nat' in the network settings; you must also add a host only adapter. (The same one that metasploitable2 is using)
7. If you have any trouble jump on the discord or ask us for help in our Wednesday sessions.
Setting up a Kali Linux and Metasploitable Virtual Machines
How to command-line?
While you'll notice that you're presented with a really smooth GUI on your Kali home screen, when working with Linux it's crucial to be able to use the command-line. Later down the road when you're remotely issuing commands to other computers that you've managed to gain access to, it will be through the command line not with a mouse!
As a stretch goal to work towards, you should be able to do everything you want to do in Kali only using the terminal. For now, just get a handle on the basics: