Scribd
Upload
138 views

Installing Metasploit

This guide outlines the steps to install Metasploit framework on Ubuntu and Debian. It covers installing dependencies, proper Ruby version, Nmap, PostgreSQL configuration, cloning Metasploit from GitHub, and linking commands. Armitage can also be installed for a GUI.

Uploaded by

milevyo
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
138 views

Installing Metasploit

This guide outlines the steps to install Metasploit framework on Ubuntu and Debian. It covers installing dependencies, proper Ruby version, Nmap, PostgreSQL configuration, cloning Metasploit from GitHub, and linking commands. Armitage can also be installed for a GUI.

Uploaded by

milevyo
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 8

Installing Metasploit in Ubuntu and Debian

http://www.darkoperator.com/installing-metasploit-in-ubunt/

HELL
I O N LY
THE
BEGINNING
When getting shell is only the start of the journey.

BLOG

I N F O E C TA C T I C O P O D C A T

BLOG ERIE

EARCH

M F I N TA L L AT I O N G U I D E

PROJECT

ABOUT ME

Installing Metasploit Framework on Ubuntu


14.04 LT and Debian 7
This Guide covers the installation of Metasploit
Framework O Project on Ubuntun Linux LT. If ou do
not wish to run the Open ource version or set up a
development environment and do not mind giving our
email address to Rapid 7 for marketing I would

1 of 8

23 09:06 2016 ,

Installing Metasploit in Ubuntu and Debian

http://www.darkoperator.com/installing-metasploit-in-ubunt/

recommend downloading their comercial installer


from http://www.metasploit.com/ for Metasploit Express
and Pro.
If ou prefer an all in one installer onl for framework the
Metasploit team offers nightl built installers at
https://github.com/rapid7/metasploit-framework
/wiki/Nightl-Installers making a quick setup a breeze if
ou do not plan to pull separate branches to test
experimental code or do development.

Installing Dependencie
We start b making sure that we have the latest
packages b updating the sstem using apt-get:

sudo apt-get update


sudo apt-get upgrade

Now that we know that we are running an updated


sstem we can install all the dependent packages that
are needed b Metasploit Framework:

sudo apt-get install build-essential libreadline-dev


libssl-dev libpq5 libpq-dev libreadline5
libsqlite3-dev libpcap-dev openjdk-7-jre git-core
autoconf postgresql pgadmin3 curl zlib1g-dev
libxml2-dev libxslt1-dev vncviewer libyaml-dev curl
zlib1g-dev

Installing a Proper Version of Rub


The distribution sadl does not comes b default with a

2 of 8

23 09:06 2016 ,

Installing Metasploit in Ubuntu and Debian

http://www.darkoperator.com/installing-metasploit-in-ubunt/

proper version of Linux for us to use with Metasploit


Framework and we will have to download and compile a
proper one. There 2 mains was recommended for this
are using RVM or rbenv (Do not install both choose one
or the other). If installing using RVM be warned that
smlinks will not work do to the wa it places the
binar stubs of the metasploit-framework gem
Installing Rub using RVM:

curl -L https://get.rvm.io | bash -s stable


source ~/.rvm/scripts/rvm
echo "source ~/.rvm/scripts/rvm" >> ~/.bashrc
source ~/.bashrc
rvm install 2.1.9
rvm use 2.1.9 --default
ruby -v

Installing Rub using rbenv:

cd ~
git clone git://github.com/sstephenson/rbenv.git
.rbenv
echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >>
~/.bashrc
echo 'eval "$(rbenv init -)"' >> ~/.bashrc
exec $SHELL

git clone git://github.com/sstephenson/rubybuild.git ~/.rbenv/plugins/ruby-build


echo 'export PATH="$HOME/.rbenv/plugins/rubybuild/bin:$PATH"' >> ~/.bashrc

3 of 8

23 09:06 2016 ,

Installing Metasploit in Ubuntu and Debian

http://www.darkoperator.com/installing-metasploit-in-ubunt/

# sudo plugin so we can run Metasploit as root with


"rbenv sudo msfconsole"
git clone git://github.com/dcarley/rbenv-sudo.git
~/.rbenv/plugins/rbenv-sudo

exec $SHELL

rbenv install 2.1.9


rbenv global 2.1.9
ruby -v

Installing Nmap
One of the external tools that Metasploit uses for
scanning that is not included with the sources is Nmap.
Here we will cover downloading the latest source code
for Nmap, compiling and installing:

mkdir ~/Development
cd ~/Development
svn co https://svn.nmap.org/nmap
cd nmap
./configure
make
sudo make install
make clean

Configuring Postgre QL erver


We start b switching to the postgres user so we can
create the user and database that we will use for
Metasploit

4 of 8

23 09:06 2016 ,

Installing Metasploit in Ubuntu and Debian

http://www.darkoperator.com/installing-metasploit-in-ubunt/

sudo -s
su postgres

Now we create the user and Database, do record the


database that ou gave to the user since it will be used
in the database.ml file that Metasploit and Armitage use
to connect to the database.

createuser msf -P -S -R -D
createdb -O msf msf
exit
exit

If ou experience problems with the database setup this


fedora guide offers a good guide for troubleshooting
and setup https://fedoraproject.org
/wiki/Metasploit_Postgres_etup

Installing Metasploit Framework


We will download the latest version of Metasploit
Framework via Git so we can use msfupdate to keep it
updated:

cd /opt
sudo git clone https://github.com/rapid7/metasploitframework.git
sudo chown -R `whoami` /opt/metasploit-framework
cd metasploit-framework

Install using bundler the required gems and versions:

cd metasploit-framework

# If using RVM set the default gem set that is

5 of 8

23 09:06 2016 ,

Installing Metasploit in Ubuntu and Debian

http://www.darkoperator.com/installing-metasploit-in-ubunt/

create when you navigate in to the folder


rvm --default use ruby-2.1.6@metasploit-framework

gem install bundler


bundle install

WARNING: Currentl there is a bug in Metasploit


Framework with mlinks and
RVM: https://github.com/rapid7/metasploit-framework
/issues/4602
Lets create the links to the commands so we can use
them under an user and not being under the framework
folder, for this we need to be in the metasploitframework folder if not alread in it:

cd metasploit-framework
sudo bash -c 'for MSF in $(ls msf*); do ln -s
/opt/metasploit-framework/$MSF /usr/local
/bin/$MSF;done'

Metasploit for Development and Contribution


If ou wish to develop and contribute to the product ou
can follow the additional steps here Metasploit Dev
Environment . For this ou will need a GitHub account
and ou will fork the project in to our own account. I
personall keep m dev cop of Metasploit in
~/Development folder and after an initial run of
msfconsole I keep m database.ml file in ~/.msf4
/cofig folder and adjust the
MF_DATABAE_CONFIG variable for it or run
msfconsole with the - option and point it to a YAML file

6 of 8

23 09:06 2016 ,

Installing Metasploit in Ubuntu and Debian

http://www.darkoperator.com/installing-metasploit-in-ubunt/

with the correct configuration.


Installing armitage:

curl -# -o /tmp/armitage.tgz
http://www.fastandeasyhacking.com/download/armitagelatest.tgz
sudo tar -xvzf /tmp/armitage.tgz -C /opt
sudo ln -s /opt/armitage/armitage /usr/local
/bin/armitage
sudo ln -s /opt/armitage/teamserver /usr/local
/bin/teamserver
sudo sh -c "echo java -jar /opt/armitage
/armitage.jar \$\* > /opt/armitage/armitage"
sudo perl -pi -e 's/armitage.jar/\/opt\/armitage
\/armitage.jar/g' /opt/armitage/teamserver

Lets create the database.ml file that will contain the


configuration parameters that will be use b framework:

sudo nano /opt/metasploit-framework/config


/database.yml

Cop the YAML entries and make sure ou provide the


password ou entered in the user creating step in the
password field for the database:

production:
adapter: postgresql
database: msf
username: msf
password:
host: 127.0.0.1
port: 5432
pool: 75

7 of 8

23 09:06 2016 ,

Installing Metasploit in Ubuntu and Debian

http://www.darkoperator.com/installing-metasploit-in-ubunt/

timeout: 5

Create and environment variable so it is loaded b


Armitage and b msfconsole when running and load the
variable in to our current shell:

sudo sh -c "echo export MSF_DATABASE_CONFIG=/opt


/metasploit-framework/config/database.yml >>
/etc/profile"

source /etc/profile

First Run
Now we are read to run Metasploit for the first time. M
recommendation is to run it first under a regular user so
the folders create under our home director have the
proper permissions. First time it runs it will create the
entries needed b Metasploit in the database so it will
take a while to load.

msfconsole

Copright Carlos Perez 2014

8 of 8

23 09:06 2016 ,

You might also like