The Metasploit Framework (MSF) is one of the most useful auditing tools freely available to security professionals today. From a wide array of commercial grade exploits and an extensive exploit development environment all the way to network information gathering tools and web vulnerability plugins. The Metasploit Framework provides a truly impressive work environment. The Metasploit Framework (MSF) is far more than just a collection of exploits. It is an infrastructure that you can build upon and utilize for your custom needs. This allows you to concentrate on your unique environment and not have to reinvent the wheel.
Install Metasploit Framework on BackTrack 5
BackTrack includes the Metasploit Framework but not always the latest version. To install the latest version of Metasploit Framework in BackTrack:
$ sudo bash
# cd /pentest/svn
# rm -rf framework3
# svn co https://www.metasploit.com/svn/framework3/trunk framework3
# cd /pentest/svn
# rm -rf framework3
# svn co https://www.metasploit.com/svn/framework3/trunk framework3
In order to use the raw socket modules the pcaprub extension must be installed:
# cd /pentest/svn/framework3/external/pcaprub
# ruby extconf.rb
# make && make install
# ruby extconf.rb
# make && make install
In order to use the WiFi modues the lorcon2 extension must be installed:
# cd /pentest/svn
# svn co https://802.11ninja.net/svn/lorcon/trunk lorcon2
# cd lorcon2
# ./configure --prefix=/usr && make && make install
# cd /pentest/svn/framework3/external/ruby-lorcon2
# ruby extconf.rb
# make && make install
# svn co https://802.11ninja.net/svn/lorcon/trunk lorcon2
# cd lorcon2
# ./configure --prefix=/usr && make && make install
# cd /pentest/svn/framework3/external/ruby-lorcon2
# ruby extconf.rb
# make && make install
Once a fresh Subversion snapshot has been installed it can be updated with the following command:
# svn update /pentest/svn/framework3/
Installation on Ubuntu Linux
These notes are for the MANUAL install of the Metasploit Framework on Linux. You may want to try the Installer if you're trying out the framework, or don't want to deal with setting up and configuring dependencies. The Metasploit Framework is well-supported on the Ubuntu platform. The following instructions should also apply to Kubuntu, Xubuntu, and Debian. If these instructions do not work for your version of Ubuntu, please try the Generic Linux instructions instead.
Dependencies
Install the Ruby dependencies:
$ sudo apt-get install ruby libopenssl-ruby libyaml-ruby libdl-ruby libiconv-ruby libreadline-ruby irb ri rubygems
Install the Subversion client:
$ sudo apt-get install subversion
In order to build the native extensions (pcaprub, lorcon2, etc), the following packages need to be installed:
$ sudo apt-get install build-essential ruby-dev libpcap-dev
Metasploit Framework
Once the dependencies have been installed, download the Unix tarball from the download page and run the following commands:
$ tar xf framework-3.X.tar.gz
$ sudo mkdir -p /opt/metasploit3
$ sudo cp -a msf3/ /opt/metasploit3/msf3
$ sudo chown root:root -R /opt/metasploit3/msf3
$ sudo ln -sf /opt/metasploit3/msf3/msf* /usr/local/bin/
$ sudo mkdir -p /opt/metasploit3
$ sudo cp -a msf3/ /opt/metasploit3/msf3
$ sudo chown root:root -R /opt/metasploit3/msf3
$ sudo ln -sf /opt/metasploit3/msf3/msf* /usr/local/bin/
When you've completed this step, you should have a working installation and be able to run modules, pivot through compromised systems, and use most of the Metasploit Framework's features. The following optional installation steps will give you extra functionality. NOTE: AYou can check out from svn to obtain the latest code. Use the command svn co https://www.metasploit.com/svn/framework3/trunk /opt/metasploit3 to check out into the /opt/metasploit3 directory.
Extensions (optional)
The Metasploit Framework includes a few native Ruby extensions that must be compiled in order to use certain types of modules. To enable raw socket modules:
$ sudo apt-get install libpcap-dev
$ sudo bash
# cd /opt/metasploit3/msf3/external/pcaprub/
# ruby extconf.rb
# make && make install
$ sudo bash
# cd /opt/metasploit3/msf3/external/pcaprub/
# ruby extconf.rb
# make && make install
To enable WiFi modules:
$ sudo bash
# cd /opt/metasploit3/msf3/external/ruby-lorcon2/
# svn co http://802.11ninja.net/svn/lorcon/trunk lorcon2
# cd lorcon2
# ./configure --prefix=/usr && make && make install
# cd ..
# ruby extconf.rb
# make && make install
# cd /opt/metasploit3/msf3/external/ruby-lorcon2/
# svn co http://802.11ninja.net/svn/lorcon/trunk lorcon2
# cd lorcon2
# ./configure --prefix=/usr && make && make install
# cd ..
# ruby extconf.rb
# make && make install
Updates
The Metasploit Framework is updated daily with the latest exploits, payloads, features, and bug fixes. To update your installation of the Metasploit Framework:
$ sudo svn update /opt/metasploit3/msf3/
This can also be installed into the root user's crontab:
$ sudo crontab -e -u root # enter the line below
1 * * * * /usr/bin/svn update /opt/metasploit3/msf3/ >> /var/log/msfupdate.log 2>&1
1 * * * * /usr/bin/svn update /opt/metasploit3/msf3/ >> /var/log/msfupdate.log 2>&1
soruce: http://www.airdemon.net/
No comments:
Post a Comment