Metasploit on Ubuntu

So I recently stood up a droplet over at Digital Ocean running Ubuntu and wanted to run Metasploit on top of it. To get this working it is all command like, so here are the steps. Firstly update the system with the following command:

sudo apt-get update && sudo apt-get upgrade && sudo apt-get dist-upgrade

Once this is completed, we can then start installing the per-requisites that are needed for the installation.

sudo apt-get install build-essential libreadline-dev libssl-dev libpq5 libpq-dev libreadline5 libsqlite3-dev libpcap-dev openjdk-7-jre git-core autoconf postgresql pgadmin3 curl zlib1g-dev libxml2-dev libxslt1-dev vncviewer libyaml-dev curl zlib1g-dev subversion

Now we need to install “Ruby“, which can be done either using “RVM” or “RBENV“. I personally prefer to use “RBENV“.

cd ~
git clone git://github.com/sstephenson/rbenv.git .rbenv
echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bashrc
echo 'eval "$(rbenv init -)"' >> ~/.bashrc
exec $SHELL

Next we need to actually get the “Ruby” build.

git clone git://github.com/sstephenson/ruby-build.git ~/.rbenv/plugins/ruby-build
echo 'export PATH="$HOME/.rbenv/plugins/ruby-build/bin:$PATH"' >> ~/.bashrc
exec $SHELL

And finally we can install version “2.1.6“, this can take some time based on the Ubuntu Instance you have.

rbenv install 2.1.6
rbenv global 2.1.6
ruby –v

Next we need to run the commands for the “Nmap” install.

mkdir Tools
cd Tools
svn co https://svn.nmap.org/nmap

cd nmap
./configure
make
sudo make install
make clean

Now that “Nmap” is installed, we can now configure the database we want to use. First we need to drop into the “Postgres” user, then create the required “Metasploit” user account and Database.

sudo -s
su postgres

After you have run this, you need to use “cd ~” or you will get errors creating the database.

createuser msf -P -S -R -D
createdb -O msf msf
exit

Now we have the database created, we can actually perform the installation of “Metasploit“. This done by cloning it from “GitHub“.

cd /opt
sudo git clone https://github.com/rapid7/metasploit-framework.git

sudo chown -R 'whoami' /opt/metasploit-framework
cd metasploit-framework

Now we need setup “Bundler” using the following commands.

gem install bundler

bundle install

This can take some time also, so maybe leave this going and come back later. Once it is competed, we can set “Metasploit” so it can be used under any user using the following command.

sudo bash -c 'for MSF in $(ls msf*); do ln -s /opt/metasploit-framework/$MSF /usr/local/bin/$MSF;done'

Once this is all done you can then start “Metasploit” using the following command, I use the “-L” switch as I have seen errors when parsing text files as password lists on some commands, and this resolves it.

msfconsole -L

<

As you can see with little effort and commands you can get a fully functional “Metasploit” environment using cheap Virtual Machine hosts such as Digital Ocean. If you want to get some free credit us this link to get an account:

https://www.digitalocean.com/?refcode=36bda18dc83c

Other Resources:
http://sourcedigit.com/14717-install-metasploit-linux-ubuntu-14-04/
http://www.thegeeky.space/2014/05/how-to-install-metasploit-framework-from-github-on-ubuntu.html
https://github.com/darkoperator/MSF-Installer
https://github.com/rapid7/metasploit-framework/wiki/Setting-Up-a-Metasploit-Development-Environment
https://www.redspin.com/blog/labs/2011/08/19/installing-metasploit-4-in-ubuntu-11-04/
http://www.r00tsec.com/2014/10/howto-install-metasploit-git-on-ubuntu.html

Video of the Full Process

Liam Cleary

I work as an Associate Director for Protiviti in Virginia. My main focus is to ensure that SharePoint can either natively or with minimal customization meet the business requirement securely. I am currently a SharePoint MVP focused on Architecture but also cross the boundary into Development and Security. I am often found at user groups, conferences speaking, offering advice, spending time in the community, teaching my kids how to code, raspberry PI programming, hacking the planet and sometimes building Lego robots.

You may also like...

  • blade0912

    Hi, This is a great guide, I follow this http://www.serverlinuxx.com/2015/10/installing-metasploit-framework-on.html to get a msf on in my system Debian Jessie Stable, but I get some issues when I run the msfconsole command, show me this
    [-] No database definition for environment production

    I get my installation with rbenv, I have already installed 2.1.6 and 2.1.8 versions but I don think so this was the error.

    Could do you please give some help with it?

    PD. Sorry by my poor english skills