Good news, a new version of Metasploitable is available. Metasploitable is a Linux virtual machine that is left purposefully vulnerable so you can practice your mad cyber skills.
The latest version, Metasploitable 2, has a ton of open services for you to discover and try to exploit. Version 2 has several built in backdoors (intentional and unintentional) already present, weak passwords to crack and multiple vulnerable web services including DVWA (Damn Vulnerable Web App) and Irongeek’s vulnerable web application Mutillidae.
Mutillidae is really cool and a great learning tool as it has all the vulnerabilities from the OWASP Top Ten with a few extra thrown in for good measure. Irongeek’s website has a ton of tutorials on using Multillidae.
We had some fun a few months ago with gaining root on the first version of Metasploitable, hopefully in a week or two we will take a closer look at Metasploitable 2. In the mean time, download it and check it out!