Installing Metasploit Framework GIT version
Recently with the release of Metasploit 4.5 the developers changed they way the framework is updated, previously it used to be done via ‘svn’, but due to various reasons it has been changed to be updated via ‘git’.
Also the developers chose to change the ‘Community’ version somewhat, they removed a large chunk of code that was kinda duplicated, this and other changes has altered the update frequency of the framework. The Community version now only receives updated modules etc on a weekly basis as the updates are QA’ed in the same way the Pro version is. The Community version also has to be activated to allow it to be updated also.
There is a way still to allow developers, pentesters or guys who just want the latest version. It follows the the ‘old way’ were the framework shipped without the database, but with support to connect to one.
I’ll show you here how to set up the git version of the framework, I did this on my pentesting laptop which runs Arch Linux, but as the framework is written in ‘ruby’ it should follow the same for any distro.
First off we need to install git, if you don’t already have it installed
sudo pacman -S git
Next run the next few commands as root
sudo su cd /opt git clone git://github.com/rapid7/metasploit-framework.git /opt/framework
This will clone the whole framework repository into the /opt/framework folder
Next step, we need to setup the database, postgresql, I used the following how to on the Arch Linux wiki, to complete the first parts of the setup - https://wiki.archlinux.org/index.php/Postgresql, extract below.
pacman -S postgresql
Configure the PGROOT
Edit the /etc/conf.d/postgresql configuration file. If you don’t know what value to use, just uncomment the line starting with “PGROOT” (the default directory is /var/lib/postgres). – I did just as this says.
Create the file tmpfiles.d for /run/postgresql:
systemd-tmpfiles --create postgresql.conf
Create the data directory (acordingly with the PGROOT variable set before in the config file)
Set /var/lib/postgres/data ownership to user ‘postgres’
chown -c postgres:postgres /var/lib/postgres/data
As user ‘postgres’ start the database (see first paragraph of this document for instructions on how to become a postgres user):
su - postgres initdb -D '/var/lib/postgres/data'
Start PostgreSQL – have to do this as ‘root’
systemctl start postgresql
(Optional) Add PostgreSQL to the list of daemons that start on system startup
systemctl enable postgresql
Next we need to configure the database, I used a lot of info here that I found in a blog post from the awesome Carlos Perez – http://www.darkoperator.com/installing-metasploit-in-ubunt/
Configuring Postgre SQL Server
We start by switching to the postgres user so we can create the user and database that we will use for Metasploit
sudo -s su postgres
Now we create the user and Database, do record the database that you gave to the user since it will be used in the database.yml file that Metasploit use to connect to the database.
createuser msf -P -S -R -D createdb -O msf msf exit exit
Now we have a database and user etc we need a database.yml file so he framework can connect up to it,
cd /opt/framework touch database.yml nano database.yml
now paste the below into the empty databse.yml file and save it.
production: adapter: postgresql database: msf username: msf password: host: 127.0.0.1 port: 5432 pool: 75 timeout: 5
Remember to enter the password you gave the msf database user into the database.yml file.
OK now we are almost there, this is a new bit to that the framework devs have added to the git version.
gem install bundler bundle install
This will pull in all the required dependencies for metasploit framework. H D Moore himself passed this on.
Next lets create an environment variable so it is loaded by msfconsole when running and load the variable in to your current shell:
sudo echo export MSF_DATABASE_CONFIG=/opt/framework/database.yml >> /etc/profile source /etc/profile
Strangley I couldn’t get the framework to recognise this variable, possibly because I’m using Arch, so I put this little script together that runs the framework and postgresql etc
systemctl start postgresql ./msfconsole -y database.yml systemctl stop postgresql exit
Next we need to install the pcaprub gem so we can use the portscanning modules:
cd /opt/framework/external/pcaprub sudo ruby extconf.rb && sudo make && sudo make install
Now we’re ready to run msfconsole
Forgot to mention that you also need ruby installed – I use a system wide installation of ruby 1.9.3 using rvm, which can be installed by following this https://rvm.io/rvm/install/
Hopefully you have a working msfconsole with the database connected, you can check this by entering ‘hosts’ and the console should show that there are no hosts in the database or that the database is not connected.
To update the framework you run the usual ‘msfupdate’ command or issue a ‘git pull’ from inside the /opt/framework folder.
- Metasploit Weekly Update: On Breaking (and Fixing!) Security Software March 5, 2014Attacking Security InfrastructureThis week, one module stands out for me: the Symantec Endpoint Protection Manager Remote Command Execution by xistence, who built on the proof-of-concept code from Chris Graham, who turned that out after Stefan Viehbock's disclosure from last week. You can read the full disclosure text from SEC Consult Vulnerability Lab, […]
- Don't Be An Easy Target: Testing Your Network Segmentation March 4, 2014Network segmentation is the act of splitting a computer network into subnetworks, each being a network segment or network layer, which increases security and can also boost performance. It is a security best practice that is recommended (but not required) by PCI DSS and it makes the top 20 list of critical security controls suggested by SANS. Due to the ongo […]
- Metasploit at RootedCON 2014 in Madrid March 3, 2014First of all let me share with all you, I'm really excited to write this blog post! This week RootedCON 2014 will be happening in Spain and we got a talk accepted with @julianvilas! The talk's title is not very self-explanatory: "Kicking SCADA Around." So, in case you are interested in attending here is a little more information about the […]
- Generating Kali Raspberry Pi Images January 27, 2014"Kali Linux Raspberry Pi Image Updated!" That was supposed to be the "tweet" we would release, telling everyone our new Kali Linux Raspberry Pi image was supposedly better than our old one. We often update our followers with news like this on twitter, and this tweet would be no different. However, this time, we thought it would be interes […]
- Exploit Database Hosted on GitHub January 7, 2014We have recently completed some renovations on the Exploit Database backend systems and moved the EDB exploit repository to Github. This means that it's now easier than ever to copy, clone or fork the whole repository. The previous SVN CVS has been retired.
- Bug Bounty Program Insights December 23, 2013With the nature of our business, we at Offensive Security take our system security very seriously and we appreciate the benefits of having "the crowd" scrutinize our internet presence for bugs. For this reason, we recently started our own Bug Bounty Program, which provides incentives for researchers to inform us of possible vulnerabilities in our s […]
- An error has occurred; the feed is probably down. Try again later.
- [webapps] - Ajax File Manager Directory Traversal March 8, 2014Ajax File Manager Directory Traversal
- [webapps] - Ilch CMS 2.0 - Persistent XSS Vulnerability March 5, 2014Ilch CMS 2.0 - Persistent XSS Vulnerability
- [webapps] - OpenDocMan 1.2.7 - Multiple Vulnerabilities March 5, 2014OpenDocMan 1.2.7 - Multiple Vulnerabilities