Finding the IP address of a Vulnerable Machine

So you’ve got your lab setup and you’ve been over to and you’ve downloaded a vulnerable virtual machine such as Kioptrix 1.1.

You have managed to install the VM into your favourite hypervisor such as Virtual Box or VMWare and get it booted. You are presented at this stage with a login screen for the VM.

At this point before you can start enumerating with NMap etc you will need to find out the IP address of that VM. To do this load Kali and open a terminal window. Then use the tools below to scan the local network

NB Ensure that both Kali and the vulnerable VM are both on internal (host only) networks.



Simply type the following  at the command prompt.


Screenshot 2018-05-25 14.46.54

NMap Ping Sweep

First of all you need to know your own IP address so that you can workout the subnet to scan. Do this by entering


at the terminal prompt.

Once you get the result back enter the following

nmap -sn

Screenshot 2018-05-25 15.09.11

replacing the IP address and subnet mask with your own.


At the terminal enter the following:

arp-scan -l

Screenshot 2018-05-25 14.39.32

All of these tools will help you discover the IP addresses of devices on your subnet.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s