INSTALLING METASPLOIT

tested on xenial and bionic

JAVA

see java

PostgreSQL

echo deb http://apt.postgresql.org/pub/repos/apt/ bionic-pgdg main >> /etc/apt/sources.list
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
apt update
apt search postgres | grep -E '^postgresql-1[[:digit:]]' | less
apt search pgadmin | grep ^pgadmin
apt install postgresql-12 pgadmin4
dpkg -l | grep postgres
dpkg -l | grep pgadmin

systemctl status postgresql

otherwise if you want to proceed from scratch to avoid the Ubuntu/MSF inconsistencies – grab latest

apt purge postgresql-common postgresql-client-common pgadmin3 pgadmin4
rm -rf /etc/postgresql-common/
rm -rf /var/lib/postgresql/
dpkg -l | grep postgres
dpkg -l | grep pgadmin

apt install build-essential libreadline-dev libssl-dev libpq5 libpq-dev libreadline5 libsqlite3-dev libpcap-dev git autoconf curl zlib1g-dev libxml2-dev libxslt1-dev tigervnc-viewer libyaml-dev curl zlib1g-dev ruby ruby-dev 
#xtightvncviewer

wget https://ftp.postgresql.org/pub/snapshot/12/postgresql-12-snapshot.tar.gz
tar xzf postgresql-12-snapshot.tar.gz
cd postgresql-12.2/
./configure
grep ^proc /proc/cpuinfo
make -j4
make install

#mkdir /usr/local/pgsql/data/
#chown postgres:postgres /usr/local/pgsql/data/
mkdir /var/lib/postgresql/
chown postgres:postgres /var/lib/postgresql/

su - postgres
vi .bash_profile

export PATH=/usr/local/pgsql/bin:$PATH

source .bash_profile
initdb -D /var/lib/postgresql/data
pg_ctl -D /var/lib/postgresql/data -l logfile start
^D

check

netstat -lntup
apt install nmap #db_nmap

Rubygems

as root

vi /etc/bash.bashrc

export DEBIAN_DISABLE_RUBYGEMS_INTEGRATION=1

source /etc/bash.bashrc
time gem update --system #takes a while
gem install bundler

Install

as root

get latest

cd /opt/
git clone https://github.com/rapid7/metasploit-framework.git
cd /opt/metasploit-framework/
time bundle update --bundler
bundle install
yard config --gem-install-yri
#~/.gemspec
#spec.metadata["yard.run"] = "yri" # use "yard" to build full HTML docs.

for MSF in $(ls msf*); do ln -svf /opt/metasploit-framework/$MSF /usr/local/bin/$MSF; done; unset MSF

useradd -m -s /bin/bash -g users msf
#-G sudo
chown -R msf:users /opt/metasploit-framework/

Manual setup

as postgres

su - postgres
createuser msf -P -S -R -D
createdb -O msf msf
vi README
^D

check

psql -U msf -h localhost
\list
^D

setup

as msf

su - msf
cd /opt/metasploit-framework/config/
cp -i database.yml.example database.yml
vi database.yml

  database: msf
  username: msf
  password: PASSWORD-HERE

Auto setup

as msf

#export PATH=/usr/lib/postgresql/12/bin:$PATH
export PATH=/usr/local/pgsql/bin:$PATH
which pg_ctl; which initdb

cd /opt/metasploit-framework/
#./msfdb delete
#./msfdb init
./msfdb reinit

nevermind the MSF web service

ps auxww | grep thin
kill XXX

and check

msfconsole -qx "db_status; exit"

Maintain / update

as root

apt update
apt full-upgrade
apt autoremove --purge

#ruby -v
gem update --system
gem install bundler

cd /opt/metasploit-framework/
git pull
bundle update --bundler
bundle exec gem --version
bundle install
#gem install bundler:1.17.3
yard config --gem-install-yri

and finally (may be redundant with the above)

echo $USER@$HOSTNAME
git config --global user.name "$USER@$HOSTNAME"
git config --global user.email "$USER@$HOSTNAME"

msfupdate

chown -R msf:users /opt/metasploit-framework* /home/msf/
su - msf

Ready to go

and see OPERATING METASPLOIT

Tweak the source

cp lib/msf/core/module/search.rb lib/msf/core/module/search.rb.dist
vi lib/msf/core/module/search.rb

Metasploit search by port function disappeared. How to search an exploit by port http://itdrafts.blogspot.com/2015/03/metasploit-search-by-port-function.html

Re: Fwd: Search exploits for a particular port number https://seclists.org/metasploit/2011/q3/242

? https://dev.metasploit.com/pipermail/framework/2011-September/008122.html

Resources

Setting Up a Metasploit Development Environment https://github.com/rapid7/metasploit-framework/wiki/Setting-Up-a-Metasploit-Development-Environment#set-up-postgresql

Nightly Installers https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers

Setting Up a Metasploit Development Environment https://github.com/rapid7/metasploit-framework/wiki/Setting-Up-a-Metasploit-Development-Environment

Installing Metasploit Framework on Ubuntu 18.04 LTS and Debian 7 https://www.darkoperator.com/installing-metasploit-in-ubunt/

How to Exploit BlueKeep Vulnerability with Metasploit https://pentest-tools.com/blog/bluekeep-exploit-metasploit/

Exploiting BlueKeep https://medium.com/@jonathanchelmus/bluekeepn-it-real-9e99a45dfceb

java

Oracle Java SE Licensing FAQ https://www.oracle.com/technetwork/java/javase/overview/oracle-jdk-faqs.html

Install the JDK Software and Set JAVA_HOME on a UNIX System https://docs.oracle.com/cd/E19182-01/821-0917/inst_jdk_javahome_t/index.html

postgres

Downloads https://www.postgresql.org/download/

Linux downloads (Debian) https://www.postgresql.org/download/linux/debian/ https://wiki.postgresql.org/wiki/Apt

How To Install and Use PostgreSQL on Ubuntu 16.04 https://www.digitalocean.com/community/tutorials/how-to-install-and-use-postgresql-on-ubuntu-16-04

Metasploit Postgres Setup https://fedoraproject.org/wiki/Metasploit_Postgres_Setup

Metasploit Penetration Testing Framework https://fedoraproject.org/wiki/Metasploit_Penetration_Testing_Framework

Error Connecting to Posgresql Database (metasploit) #2 https://github.com/r00t-3xp10it/venom/issues/2

initdb — create a new PostgreSQL database cluster https://www.postgresql.org/docs/12/app-initdb.html

PostgreSQL “initdb” (Database Initialization) on Linux https://stackoverflow.com/questions/32041907/postgresql-initdb-database-initialization-on-linux

maintenance

Update to the Metasploit Updates and msfupdate https://blog.rapid7.com/2013/01/17/metasploit-updates-and-msfupdate/

troubles

warning: constant Gem::ConfigMap is deprecated #3068 https://github.com/rubygems/rubygems/issues/3068 –> DEBIAN_DISABLE_RUBYGEMS_INTEGRATION

Work needed to allow msfdb to use postgresql common https://github.com/rapid7/metasploit-framework/wiki/Work-needed-to-allow-msfdb-to-use-postgresql-common –> build pg from scratch

Trash

#add-apt-repository -y ppa:webupd8team/java
#apt -y install oracle-java8-installer
#add-apt-repository --remove ppa:webupd8team/java

HOME | GUIDES | LECTURES | LAB | SMTP HEALTH | HTML5 | CONTACT
Copyright © 2023 Pierre-Philipp Braun