Installing Metasploit Framework GIT version
Recently with the release of Metasploit 4.5 the developers changed they way the framework is updated, previously it used to be done via ‘svn’, but due to various reasons it has been changed to be updated via ‘git’.
Also the developers chose to change the ‘Community’ version somewhat, they removed a large chunk of code that was kinda duplicated, this and other changes has altered the update frequency of the framework. The Community version now only receives updated modules etc on a weekly basis as the updates are QA’ed in the same way the Pro version is. The Community version also has to be activated to allow it to be updated also.
There is a way still to allow developers, pentesters or guys who just want the latest version. It follows the the ‘old way’ were the framework shipped without the database, but with support to connect to one.
I’ll show you here how to set up the git version of the framework, I did this on my pentesting laptop which runs Arch Linux, but as the framework is written in ‘ruby’ it should follow the same for any distro.
First off we need to install git, if you don’t already have it installed
sudo pacman -S git
Next run the next few commands as root
sudo su cd /opt git clone git://github.com/rapid7/metasploit-framework.git /opt/framework
This will clone the whole framework repository into the /opt/framework folder
Next step, we need to setup the database, postgresql, I used the following how to on the Arch Linux wiki, to complete the first parts of the setup - https://wiki.archlinux.org/index.php/Postgresql, extract below.
pacman -S postgresql
Configure the PGROOT
Edit the /etc/conf.d/postgresql configuration file. If you don’t know what value to use, just uncomment the line starting with “PGROOT” (the default directory is /var/lib/postgres). – I did just as this says.
Create the file tmpfiles.d for /run/postgresql:
systemd-tmpfiles --create postgresql.conf
Create the data directory (acordingly with the PGROOT variable set before in the config file)
Set /var/lib/postgres/data ownership to user ‘postgres’
chown -c postgres:postgres /var/lib/postgres/data
As user ‘postgres’ start the database (see first paragraph of this document for instructions on how to become a postgres user):
su - postgres initdb -D '/var/lib/postgres/data'
Start PostgreSQL – have to do this as ‘root’
systemctl start postgresql
(Optional) Add PostgreSQL to the list of daemons that start on system startup
systemctl enable postgresql
Next we need to configure the database, I used a lot of info here that I found in a blog post from the awesome Carlos Perez – http://www.darkoperator.com/installing-metasploit-in-ubunt/
Configuring Postgre SQL Server
We start by switching to the postgres user so we can create the user and database that we will use for Metasploit
sudo -s su postgres
Now we create the user and Database, do record the database that you gave to the user since it will be used in the database.yml file that Metasploit use to connect to the database.
createuser msf -P -S -R -D createdb -O msf msf exit exit
Now we have a database and user etc we need a database.yml file so he framework can connect up to it,
cd /opt/framework touch database.yml nano database.yml
now paste the below into the empty databse.yml file and save it.
production: adapter: postgresql database: msf username: msf password: host: 127.0.0.1 port: 5432 pool: 75 timeout: 5
Remember to enter the password you gave the msf database user into the database.yml file.
OK now we are almost there, this is a new bit to that the framework devs have added to the git version.
gem install bundler bundle install
This will pull in all the required dependencies for metasploit framework. H D Moore himself passed this on.
Next lets create an environment variable so it is loaded by msfconsole when running and load the variable in to your current shell:
sudo echo export MSF_DATABASE_CONFIG=/opt/framework/database.yml >> /etc/profile source /etc/profile
Strangley I couldn’t get the framework to recognise this variable, possibly because I’m using Arch, so I put this little script together that runs the framework and postgresql etc
systemctl start postgresql ./msfconsole -y database.yml systemctl stop postgresql exit
Next we need to install the pcaprub gem so we can use the portscanning modules:
cd /opt/framework/external/pcaprub sudo ruby extconf.rb && sudo make && sudo make install
Now we’re ready to run msfconsole
Forgot to mention that you also need ruby installed – I use a system wide installation of ruby 1.9.3 using rvm, which can be installed by following this https://rvm.io/rvm/install/
Hopefully you have a working msfconsole with the database connected, you can check this by entering ‘hosts’ and the console should show that there are no hosts in the database or that the database is not connected.
To update the framework you run the usual ‘msfupdate’ command or issue a ‘git pull’ from inside the /opt/framework folder.