From Fedora Project Wiki

m (→‎Dependencies: rubygem-rake added)
(modern Fedora versions using dnf instead yum)
 
(13 intermediate revisions by 5 users not shown)
Line 1: Line 1:
Since Metasploit comes with a "self update from SVN" feature and is updated with new exploits frequently most users likely prefer building from source. This page adapts instructions on [http://www.metasploit.com/redmine/projects/framework/wiki/Install_Ubuntu Metasploit Wiki: Installation on Ubuntu Linux] to Fedora.
__NOTOC__
{{autolang|base=yes}}
 
Since Metasploit comes with a "self update from Git" feature and is updated with new exploits frequently most users likely prefer building from source or the git checkout.
 
NOTE: These instructions are outdated, see the updated guide on how to install the [[Metasploit Penetration Testing Framework]] for more details.
 
 
NOTE: The instruction has been outdated:
 
* Fedora 19 ships with Ruby 2.0 and Metasploit requires 1.9.3 to function. rvm is required to get 1.9.3 running
* Metasploit directory structure has been changed. <tt>msf/</tt> is now <tt>msf3/</tt>
* Ruby-extension pcaprub is no longer distributed with Metasploit. Use <tt>gem install pcaprub</tt>


== Dependencies ==
== Dependencies ==
Install the Ruby dependencies:
Install the Ruby dependencies using [[yum]] or [[dnf]]:
  $ sudo yum -y install ruby-irb rubygems rubygem-bigdecimal rubygem-rake
  $ sudo dnf -y install ruby-irb rubygems rubygem-bigdecimal rubygem-rake rubygem-i18n rubygem-bundler
Install the git client:
Install the git and the svn client:
  $ sudo yum -y install git
  $ sudo dnf -y install git svn
In order to build the native extensions (pcaprub, lorcon2, etc), the following packages need to be installed:
In order to build the native extensions (pcaprub, lorcon2, etc), the following packages need to be installed:
$ sudo dnf builddep -y ruby
or with yum:
  $ sudo yum-builddep -y ruby
  $ sudo yum-builddep -y ruby
  $ sudo yum -y install ruby-devel libpcap-devel
 
then:
 
  $ sudo dnf -y install ruby-devel libpcap-devel
 
Get the latest version of rake
 
$ sudo gem install rake


=== Database support ===
=== Database support ===
In order to use the database functionality, RubyGems along with the appropriate drivers must be installed:
In order to use the database functionality, RubyGems along with the appropriate drivers must be installed:
Postgres is the recommended database:
Postgres is the recommended database:
  $ sudo yum -y install postgresql-server postgresql-devel
  $ sudo dnf -y install postgresql-server postgresql-devel
  $ sudo gem install pg # you can't use the distro ruby-postgres rpm as a replacement
  $ sudo gem install pg
 
Unfortunately the ruby-postgres RPM can't be used as a replacement.
 
Or for MySQL:
Or for MySQL:
  $ sudo yum -y install mysql-server ruby-mysql
  $ sudo dnf -y install mysql-server ruby-mysql
Sqlite will work for basic tasks, but is no longer supported!
Sqlite will work for basic tasks, but is no longer supported!
  $ sudo yum -y install sqlite rubygem-sqlite3
  $ sudo dnf -y install sqlite rubygem-sqlite3


== Metasploit Framework ==
== Metasploit Framework ==
Line 35: Line 59:
== Metasploit Extensions ==
== Metasploit Extensions ==
The Metasploit framework includes a few native Ruby extensions that must be compiled in order to use certain types of modules.
The Metasploit framework includes a few native Ruby extensions that must be compiled in order to use certain types of modules.
To enable raw socket modules:
 
$ sudo yum -y install libpcap-devel
$ sudo bash
# cd /opt/metasploit4/msf/external/pcaprub/
# ruby extconf.rb
# make && make install
To enable WiFi modules:
To enable WiFi modules:
  $ sudo bash
  $ sudo bash
  # cd  /opt/metasploit4/msf/external/ruby-lorcon2/
  # cd  /opt/metasploit4/msf/external/ruby-lorcon2/
Line 50: Line 70:
  # ruby extconf.rb
  # ruby extconf.rb
  # make && make install
  # make && make install
To enable raw socket modules:
$ sudo gem install pcaprub


== Updates ==
== Updates ==
Line 68: Line 92:
For sqlite, see [http://www.metasploit.com/redmine/projects/framework/wiki/Sqlite_setup sqlite_setup] (upstream: "not supported!!").
For sqlite, see [http://www.metasploit.com/redmine/projects/framework/wiki/Sqlite_setup sqlite_setup] (upstream: "not supported!!").
<br>
<br>
{{admon/important|This is important|Keep in mind that services firewalld and selinux must be disabled or configured to allow the pass of the exploits and payloads.}}


== See Also ==
== See Also ==
* [http://www.metasploit.com/redmine/projects/framework/wiki/Install_Ubuntu Metasploit Wiki: Installation on Ubuntu Linux]
* [http://www.metasploit.com/redmine/projects/framework/wiki/Install_Ubuntu Metasploit Wiki: Installation on Ubuntu Linux]
*[https://github.com/rapid7/metasploit-framework/wiki/Setting-Up-a-Metasploit-Development-Environment Metasploit Wiki: Metasploit Development Environment]

Latest revision as of 17:55, 13 March 2018

Since Metasploit comes with a "self update from Git" feature and is updated with new exploits frequently most users likely prefer building from source or the git checkout.

NOTE: These instructions are outdated, see the updated guide on how to install the Metasploit Penetration Testing Framework for more details.


NOTE: The instruction has been outdated:

  • Fedora 19 ships with Ruby 2.0 and Metasploit requires 1.9.3 to function. rvm is required to get 1.9.3 running
  • Metasploit directory structure has been changed. msf/ is now msf3/
  • Ruby-extension pcaprub is no longer distributed with Metasploit. Use gem install pcaprub

Dependencies

Install the Ruby dependencies using yum or dnf:

$ sudo dnf -y install ruby-irb rubygems rubygem-bigdecimal rubygem-rake rubygem-i18n rubygem-bundler

Install the git and the svn client:

$ sudo dnf -y install git svn

In order to build the native extensions (pcaprub, lorcon2, etc), the following packages need to be installed:

$ sudo dnf builddep -y ruby

or with yum:

$ sudo yum-builddep -y ruby

then:

$ sudo dnf -y install ruby-devel libpcap-devel

Get the latest version of rake

$ sudo gem install rake

Database support

In order to use the database functionality, RubyGems along with the appropriate drivers must be installed: Postgres is the recommended database:

$ sudo dnf -y install postgresql-server postgresql-devel
$ sudo gem install pg

Unfortunately the ruby-postgres RPM can't be used as a replacement.

Or for MySQL:

$ sudo dnf -y install mysql-server ruby-mysql

Sqlite will work for basic tasks, but is no longer supported!

$ sudo dnf -y install sqlite rubygem-sqlite3

Metasploit Framework

Once the dependencies have been installed, download the Unix tarball from the Metasploit download page and run the following commands:

$ wget http://downloads.metasploit.com/data/releases/framework-latest.tar.bz2
$ tar -jxf framework-latest.tar.bz2
$ sudo mkdir -p /opt/metasploit4
$ sudo cp -a msf/ /opt/metasploit4/msf
$ sudo chown root:root -R /opt/metasploit4/msf
$ sudo ln -sf /opt/metasploit4/msf/msf* /usr/local/bin/

Or checkout the source from the upstream git repository in a directory of your choice.

$ git clone git://github.com/rapid7/metasploit-framework.git

Metasploit Extensions

The Metasploit framework includes a few native Ruby extensions that must be compiled in order to use certain types of modules.

To enable WiFi modules:

$ sudo bash
# cd  /opt/metasploit4/msf/external/ruby-lorcon2/
# svn co http://802.11ninja.net/svn/lorcon/trunk lorcon2
# cd lorcon2
# ./configure --prefix=/usr && make && make install
# cd ..
# ruby extconf.rb
# make && make install

To enable raw socket modules:

$ sudo gem install pcaprub

Updates

The Metasploit Framework is updated daily with the latest exploits, payloads, features, and bug fixes. To update your installation of the framework:

$ sudo svn update /opt/metasploit4/msf/

This can also be installed into the root user's crontab:

$ sudo crontab -e -u root # enter the line below
 1 * * * * /usr/bin/svn update  /opt/metasploit4/msf/ >> /var/log/msfupdate.log 2>&1

Database Configuration

Now that the framework is installed, you'll want to configure a database connection, and enable the framework to connect to it:
For postgres, see Metasploit Postgres Setup (recommended by upstream)
For mysql, see mysql_setup
For sqlite, see sqlite_setup (upstream: "not supported!!").

Important.png
This is important
Keep in mind that services firewalld and selinux must be disabled or configured to allow the pass of the exploits and payloads.

See Also