Since Metasploit comes with a "self update from SVN" feature and is updated with new exploits frequently most users likely prefer building from source. This page adapts instructions on Metasploit Wiki: Installation on Ubuntu Linux to Fedora.
NOTE: The instruction has been outdated:
- Fedora 19 ships with Ruby 2.0 and Metasploit requires 1.9.3 to function. rvm is required to get 1.9.3 running
- Metasploit directory structure has been changed. msf/ is now msf3/
- Ruby-extension pcaprub is no longer distributed with Metasploit. Use gem install pcaprub
Dependencies
Install the Ruby dependencies:
$ sudo yum -y install ruby-irb rubygems rubygem-bigdecimal rubygem-rake rubygem-i18n
Install the git client:
$ sudo yum -y install git
In order to build the native extensions (pcaprub, lorcon2, etc), the following packages need to be installed:
$ sudo yum-builddep -y ruby $ sudo yum -y install ruby-devel libpcap-devel
Database support
In order to use the database functionality, RubyGems along with the appropriate drivers must be installed: Postgres is the recommended database:
$ sudo yum -y install postgresql-server postgresql-devel $ sudo gem install pg
Unfortunately the ruby-postgres RPM can't be used as a replacement.
Or for MySQL:
$ sudo yum -y install mysql-server ruby-mysql
Sqlite will work for basic tasks, but is no longer supported!
$ sudo yum -y install sqlite rubygem-sqlite3
Metasploit Framework
Once the dependencies have been installed, download the Unix tarball from the Metasploit download page and run the following commands:
$ wget http://downloads.metasploit.com/data/releases/framework-latest.tar.bz2 $ tar -jxf framework-latest.tar.bz2 $ sudo mkdir -p /opt/metasploit4 $ sudo cp -a msf/ /opt/metasploit4/msf $ sudo chown root:root -R /opt/metasploit4/msf $ sudo ln -sf /opt/metasploit4/msf/msf* /usr/local/bin/
Or checkout the source from the upstream git repository in a directory of your choice.
$ git clone git://github.com/rapid7/metasploit-framework.git
Metasploit Extensions
The Metasploit framework includes a few native Ruby extensions that must be compiled in order to use certain types of modules. To enable raw socket modules:
$ sudo bash # cd /opt/metasploit4/msf/external/pcaprub/ # ruby extconf.rb # make && make install
To enable WiFi modules:
$ sudo bash # cd /opt/metasploit4/msf/external/ruby-lorcon2/ # svn co http://802.11ninja.net/svn/lorcon/trunk lorcon2 # cd lorcon2 # ./configure --prefix=/usr && make && make install # cd .. # ruby extconf.rb # make && make install
Updates
The Metasploit Framework is updated daily with the latest exploits, payloads, features, and bug fixes. To update your installation of the framework:
$ sudo svn update /opt/metasploit4/msf/
This can also be installed into the root user's crontab:
$ sudo crontab -e -u root # enter the line below 1 * * * * /usr/bin/svn update /opt/metasploit4/msf/ >> /var/log/msfupdate.log 2>&1
Database Configuration
Now that the framework is installed, you'll want to configure a database connection, and enable the framework to connect to it:
For postgres, see Metasploit Postgres Setup (recommended by upstream)
For mysql, see mysql_setup
For sqlite, see sqlite_setup (upstream: "not supported!!").
Keep in mind that services firewalld and selinux must be disabled or configured to allow the pass of the exploits and payloads.