Metasploit on Ubuntu
So I recently stood up a droplet over at Digital Ocean running Ubuntu and wanted to run Metasploit on top of it. To get this working it is all command like, so here are the steps. Firstly update the system with the following command:
sudo apt-get update && sudo apt-get upgrade && sudo apt-get dist-upgrade
Once this is completed, we can then start installing the per-requisites that are needed for the installation.
sudo apt-get install build-essential libreadline-dev libssl-dev libpq5 libpq-dev libreadline5 libsqlite3-dev libpcap-dev openjdk-7-jre git-core autoconf postgresql pgadmin3 curl zlib1g-dev libxml2-dev libxslt1-dev vncviewer libyaml-dev curl zlib1g-dev subversion
Now we need to install “Ruby“, which can be done either using “RVM” or “RBENV“. I personally prefer to use “RBENV“.
cd ~ git clone git://github.com/sstephenson/rbenv.git .rbenv echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bashrc echo 'eval "$(rbenv init -)"' >> ~/.bashrc exec $SHELL
Next we need to actually get the “Ruby” build.
git clone git://github.com/sstephenson/ruby-build.git ~/.rbenv/plugins/ruby-build echo 'export PATH="$HOME/.rbenv/plugins/ruby-build/bin:$PATH"' >> ~/.bashrc exec $SHELL
And finally we can install version “2.1.6“, this can take some time based on the Ubuntu Instance you have.
rbenv install 2.1.6 rbenv global 2.1.6 ruby –v
Next we need to run the commands for the “Nmap” install.
mkdir Tools cd Tools svn co https://svn.nmap.org/nmap
cd nmap ./configure make sudo make install make clean
Now that “Nmap” is installed, we can now configure the database we want to use. First we need to drop into the “Postgres” user, then create the required “Metasploit” user account and Database.
sudo -s su postgres
After you have run this, you need to use “cd ~” or you will get errors creating the database.
createuser msf -P -S -R -D createdb -O msf msf exit
Now we have the database created, we can actually perform the installation of “Metasploit“. This done by cloning it from “GitHub“.
cd /opt sudo git clone https://github.com/rapid7/metasploit-framework.git
sudo chown -R 'whoami' /opt/metasploit-framework cd metasploit-framework
Now we need setup “Bundler” using the following commands.
gem install bundler
This can take some time also, so maybe leave this going and come back later. Once it is competed, we can set “Metasploit” so it can be used under any user using the following command.
sudo bash -c 'for MSF in $(ls msf*); do ln -s /opt/metasploit-framework/$MSF /usr/local/bin/$MSF;done'
Once this is all done you can then start “Metasploit” using the following command, I use the “-L” switch as I have seen errors when parsing text files as password lists on some commands, and this resolves it.
As you can see with little effort and commands you can get a fully functional “Metasploit” environment using cheap Virtual Machine hosts such as Digital Ocean. If you want to get some free credit us this link to get an account:
Video of the Full Process