Sunday, August 23, 2015

HOWTO : Metasploit Framework on Ubuntu 14.04 LTS

Metasploit is an exploitation framework.


Install

sudo apt-get install git build-essential libreadline-dev libssl-dev libpq5 libpq-dev libreadline5 libsqlite3-dev libpcap-dev default-jre git autoconf postgresql pgadmin3 curl zlib1g-dev libxml2-dev libxslt1-dev xtightvncviewer libyaml-dev curl zlib1g-dev libffi-dev libgmp-dev

cd ~
mkdir arsenal
cd arsenal

Install Ruby :

gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
curl -sSL https://get.rvm.io | bash -s stable
source ~/.rvm/scripts/rvm
echo "source ~/.rvm/scripts/rvm" >> ~/.bashrc
source ~/.bashrc
rvm install 2.1.6
rvm use 2.1.6 --default
ruby -v


* Metasploit Framework use ruby 2.1.6 by default

Install NMap :

* Install NMap if you do not have it installed; otherwise, skip it.

cd ~/arsenal
git clone https://github.com/nmap/nmap.git
cd nmap
./configure
make
sudo make install


Configure PostgreSQL :

sudo -s
su postgres

createuser msf -P -S -R -D

* enter "msf" as password
createdb -O msf msf
exit
exit


Install Metasploit Framework :

cd ~/arsenal
git clone https://github.com/rapid7/metasploit-framework.git
cd metaploit-framework
rvm --default use ruby-2.1.6@metasploit-framework --create
gem install bundler
bundle install


Configure Metasploit :

cp ~/arsenal/metasploit-framework/config/database.yml.example ~/arsenal/metasploit-framework/config/database.yml
nano ~/arsenal/metasploit-framework/config/database.yml

development: &pgsql
  adapter: postgresql
  database: msf
  username: msf
  password: msf
  host: localhost
  port: 5432
  pool: 75
  timeout: 5

sudo sh -c "echo export MSF_DATABASE_CONFIG=/home/samiux/arsenal/metasploit-framework/config/database.yml >> /etc/profile"

source /etc/profile


* please rename the /home/samiux to your name.

To run it :

cd ~/arsenal
cd metasploit-framework
sudo service postgresql start
msfconsole
sudo service postgresql stop



Update/Ugrade

sudo apt-get update
sudo apt-get dist-upgrade
cd ~/arsenal/metasploit-framework
git pull origin master
msfupdate



Reference

See also : NMap


That's all! See you.