No edit summary |
(modern Fedora versions using dnf instead yum) |
||
(30 intermediate revisions by 9 users not shown) | |||
Line 1: | Line 1: | ||
__NOTOC__ | |||
{{autolang|base=yes}} | |||
Since Metasploit comes with a "self update from Git" feature and is updated with new exploits frequently most users likely prefer building from source or the git checkout. | |||
NOTE: These instructions are outdated, see the updated guide on how to install the [[Metasploit Penetration Testing Framework]] for more details. | |||
NOTE: The instruction has been outdated: | |||
* Fedora 19 ships with Ruby 2.0 and Metasploit requires 1.9.3 to function. rvm is required to get 1.9.3 running | |||
* Metasploit directory structure has been changed. <tt>msf/</tt> is now <tt>msf3/</tt> | |||
* Ruby-extension pcaprub is no longer distributed with Metasploit. Use <tt>gem install pcaprub</tt> | |||
== Dependencies == | == Dependencies == | ||
Install the Ruby dependencies: | Install the Ruby dependencies using [[yum]] or [[dnf]]: | ||
$ sudo | $ sudo dnf -y install ruby-irb rubygems rubygem-bigdecimal rubygem-rake rubygem-i18n rubygem-bundler | ||
Install the | Install the git and the svn client: | ||
$ sudo | $ sudo dnf -y install git svn | ||
In order to build the native extensions (pcaprub, lorcon2, etc), the following packages need to be installed: | In order to build the native extensions (pcaprub, lorcon2, etc), the following packages need to be installed: | ||
$ sudo dnf builddep -y ruby | |||
or with yum: | |||
$ sudo yum-builddep -y ruby | $ sudo yum-builddep -y ruby | ||
$ sudo | |||
then: | |||
$ sudo dnf -y install ruby-devel libpcap-devel | |||
Get the latest version of rake | |||
$ sudo gem install rake | |||
=== Database support === | === Database support === | ||
In order to use the database functionality, RubyGems along with the appropriate drivers must be installed: | In order to use the database functionality, RubyGems along with the appropriate drivers must be installed: | ||
Postgres is the recommended database: | Postgres is the recommended database: | ||
$ sudo | $ sudo dnf -y install postgresql-server postgresql-devel | ||
$ sudo gem install pg | |||
Unfortunately the ruby-postgres RPM can't be used as a replacement. | |||
Or for MySQL: | Or for MySQL: | ||
$ sudo | $ sudo dnf -y install mysql-server ruby-mysql | ||
Sqlite will work for basic tasks, but is no longer supported! | Sqlite will work for basic tasks, but is no longer supported! | ||
$ sudo | $ sudo dnf -y install sqlite rubygem-sqlite3 | ||
== Metasploit Framework == | == Metasploit Framework == | ||
Once the dependencies have been installed, download the Unix tarball from the [http://www.metasploit.com/framework/download/ Metasploit download page] and run the following commands: | Once the dependencies have been installed, download the Unix tarball from the [http://www.metasploit.com/framework/download/ Metasploit download page] and run the following commands: | ||
$ tar - | $ wget http://downloads.metasploit.com/data/releases/framework-latest.tar.bz2 | ||
$ sudo mkdir -p /opt/ | $ tar -jxf framework-latest.tar.bz2 | ||
$ sudo cp -a | $ sudo mkdir -p /opt/metasploit4 | ||
$ sudo chown root:root -R /opt/ | $ sudo cp -a msf/ /opt/metasploit4/msf | ||
$ sudo ln -sf /opt/ | $ sudo chown root:root -R /opt/metasploit4/msf | ||
$ sudo ln -sf /opt/metasploit4/msf/msf* /usr/local/bin/ | |||
Or checkout the source from the upstream git repository in a directory of your choice. | |||
$ git clone git://github.com/rapid7/metasploit-framework.git | |||
== Metasploit Extensions == | == Metasploit Extensions == | ||
The Metasploit framework includes a few native Ruby extensions that must be compiled in order to use certain types of modules. | The Metasploit framework includes a few native Ruby extensions that must be compiled in order to use certain types of modules. | ||
To enable WiFi modules: | To enable WiFi modules: | ||
$ sudo bash | $ sudo bash | ||
# cd /opt/ | # cd /opt/metasploit4/msf/external/ruby-lorcon2/ | ||
# svn co | # svn co http://802.11ninja.net/svn/lorcon/trunk lorcon2 | ||
# cd lorcon2 | # cd lorcon2 | ||
# ./configure --prefix=/usr && make && make install | # ./configure --prefix=/usr && make && make install | ||
Line 45: | Line 70: | ||
# ruby extconf.rb | # ruby extconf.rb | ||
# make && make install | # make && make install | ||
To enable raw socket modules: | |||
$ sudo gem install pcaprub | |||
== Updates == | == Updates == | ||
The Metasploit Framework is updated daily with the latest exploits, payloads, features, and bug fixes. To update your installation of the framework: | The Metasploit Framework is updated daily with the latest exploits, payloads, features, and bug fixes. To update your installation of the framework: | ||
$ sudo svn update /opt/ | $ sudo svn update /opt/metasploit4/msf/ | ||
This can also be installed into the root user's crontab: | This can also be installed into the root user's crontab: | ||
$ sudo crontab -e -u root # enter the line below | $ sudo crontab -e -u root # enter the line below | ||
1 * * * * /usr/bin/svn update /opt/ | 1 * * * * /usr/bin/svn update /opt/metasploit4/msf/ >> /var/log/msfupdate.log 2>&1 | ||
== Database Configuration == | == Database Configuration == | ||
Now that the framework is installed, you'll want to configure a database connection, and enable the framework to connect to it: | Now that the framework is installed, you'll want to configure a database connection, and enable the framework to connect to it: | ||
For postgres, see [ | <br> | ||
For postgres, see [[Metasploit Postgres Setup]] (recommended by upstream) | |||
<br> | |||
For mysql, see [http://www.metasploit.com/redmine/projects/framework/wiki/Mysql_setup mysql_setup] | For mysql, see [http://www.metasploit.com/redmine/projects/framework/wiki/Mysql_setup mysql_setup] | ||
For sqlite, see [http://www.metasploit.com/redmine/projects/framework/wiki/Sqlite_setup sqlite_setup] (not supported!!). | <br> | ||
For sqlite, see [http://www.metasploit.com/redmine/projects/framework/wiki/Sqlite_setup sqlite_setup] (upstream: "not supported!!"). | |||
<br> | |||
{{admon/important|This is important|Keep in mind that services firewalld and selinux must be disabled or configured to allow the pass of the exploits and payloads.}} | |||
== See Also == | == See Also == | ||
* [http://www.metasploit.com/redmine/projects/framework/wiki/Install_Ubuntu Metasploit Wiki: Installation on Ubuntu Linux] | * [http://www.metasploit.com/redmine/projects/framework/wiki/Install_Ubuntu Metasploit Wiki: Installation on Ubuntu Linux] | ||
*[https://github.com/rapid7/metasploit-framework/wiki/Setting-Up-a-Metasploit-Development-Environment Metasploit Wiki: Metasploit Development Environment] |
Latest revision as of 17:55, 13 March 2018
Since Metasploit comes with a "self update from Git" feature and is updated with new exploits frequently most users likely prefer building from source or the git checkout.
NOTE: These instructions are outdated, see the updated guide on how to install the Metasploit Penetration Testing Framework for more details.
NOTE: The instruction has been outdated:
- Fedora 19 ships with Ruby 2.0 and Metasploit requires 1.9.3 to function. rvm is required to get 1.9.3 running
- Metasploit directory structure has been changed. msf/ is now msf3/
- Ruby-extension pcaprub is no longer distributed with Metasploit. Use gem install pcaprub
Dependencies
Install the Ruby dependencies using yum or dnf:
$ sudo dnf -y install ruby-irb rubygems rubygem-bigdecimal rubygem-rake rubygem-i18n rubygem-bundler
Install the git and the svn client:
$ sudo dnf -y install git svn
In order to build the native extensions (pcaprub, lorcon2, etc), the following packages need to be installed:
$ sudo dnf builddep -y ruby
or with yum:
$ sudo yum-builddep -y ruby
then:
$ sudo dnf -y install ruby-devel libpcap-devel
Get the latest version of rake
$ sudo gem install rake
Database support
In order to use the database functionality, RubyGems along with the appropriate drivers must be installed: Postgres is the recommended database:
$ sudo dnf -y install postgresql-server postgresql-devel $ sudo gem install pg
Unfortunately the ruby-postgres RPM can't be used as a replacement.
Or for MySQL:
$ sudo dnf -y install mysql-server ruby-mysql
Sqlite will work for basic tasks, but is no longer supported!
$ sudo dnf -y install sqlite rubygem-sqlite3
Metasploit Framework
Once the dependencies have been installed, download the Unix tarball from the Metasploit download page and run the following commands:
$ wget http://downloads.metasploit.com/data/releases/framework-latest.tar.bz2 $ tar -jxf framework-latest.tar.bz2 $ sudo mkdir -p /opt/metasploit4 $ sudo cp -a msf/ /opt/metasploit4/msf $ sudo chown root:root -R /opt/metasploit4/msf $ sudo ln -sf /opt/metasploit4/msf/msf* /usr/local/bin/
Or checkout the source from the upstream git repository in a directory of your choice.
$ git clone git://github.com/rapid7/metasploit-framework.git
Metasploit Extensions
The Metasploit framework includes a few native Ruby extensions that must be compiled in order to use certain types of modules.
To enable WiFi modules:
$ sudo bash # cd /opt/metasploit4/msf/external/ruby-lorcon2/ # svn co http://802.11ninja.net/svn/lorcon/trunk lorcon2 # cd lorcon2 # ./configure --prefix=/usr && make && make install # cd .. # ruby extconf.rb # make && make install
To enable raw socket modules:
$ sudo gem install pcaprub
Updates
The Metasploit Framework is updated daily with the latest exploits, payloads, features, and bug fixes. To update your installation of the framework:
$ sudo svn update /opt/metasploit4/msf/
This can also be installed into the root user's crontab:
$ sudo crontab -e -u root # enter the line below 1 * * * * /usr/bin/svn update /opt/metasploit4/msf/ >> /var/log/msfupdate.log 2>&1
Database Configuration
Now that the framework is installed, you'll want to configure a database connection, and enable the framework to connect to it:
For postgres, see Metasploit Postgres Setup (recommended by upstream)
For mysql, see mysql_setup
For sqlite, see sqlite_setup (upstream: "not supported!!").