Installing Metasploit Framework on Mountain Lion and Mavericks

This Guide covers the installation of Metasploit Framework OSS Project on OSX Lion and Mountain Lion

This guide uses Homebrew as well as the script to provide the necessary packages to run Metasploit. If you have MacPorts this guide will not work and will cause problems. 

Dependencies

Make sure you run software update and install all updates for the operating system and install the latest version of Xcode so as to be able to compile software.

Installing Command Line Development Tools Xcode 4 on Mountain Lion

If you are running Xcode 4 you will need to go to Xcode Preference and choose the command line tools and download and install from the components

xcode4.jpg

Installing Command Line Development Tools Xcode 5 on Mountain Lion

If you are running Xcode 5  you will need to go to Xcode Preference and choose the command line tools and download and install from the components

xcode5.png

Installing Command Line Development Tools Xcode 5 on Mavericks

On OS X Mavericks the Command Line Developer Tools package can be installed on demand using "xcode-select --install” and the installed tools will be automatically updated using Software Update. Once you run the command the following dialog should appear and just click on Install

mavericks.png

 

Java

Download the latest Java JDK 8 from Oracle. This should set all the proper shortcuts for the Java binaries http://www.oracle.com/technetwork/java/javase/downloads/index.html

Test that Java is properly installed by running 

java -version

It should return the version of Java you just installed.  To check tha the location is /usr/bin/java for the link run:

whereis java

If both commands runs and the location is correct Java is properly installed on the system.

Manual Installation

Install Homebrew

/usr/bin/ruby -e "$(curl -fsSkL raw.github.com/mxcl/homebrew/go)"

We need to make sure that the binaries we install with homebrew are first in the path:

echo PATH=/usr/local/bin:/usr/local/sbin:$PATH >> ~/.bash_profile
source ~/.bash_profile
brew tap homebrew/versions

Install Nmap

For Nmap in the case of OSX I recommend the use of Homebrew since they are quite quick and keeping their formulas updated for the tool and work out most of the problems that may arise quite quickly. To install Nmap just run the command bellow:

brew install nmap

Install Ruby 2.1

On OS X we have 3 methods for installing ruby 2.1.x these are:

  • Homebrew
  • RVM (Ruby Version Manager)
  • rbenv

Installing Ruby using Homebrew:

brew install homebrew/versions/ruby21

Check that yo are running the version of ruby you just installed with:

ruby -v

If installing using RVM be warned that symlinks will not work do to the way it places the binary stubs of the metasploit-framework gem

Installing Ruby using RVM:

curl -L https://get.rvm.io | bash -s stable
source ~/.rvm/scripts/rvm
echo "source ~/.rvm/scripts/rvm" >> ~/.bash_profile
source ~/.bash_profile
rvm install 2.1.6
rvm use 2.1.6 --default
ruby -v

 Installing Ruby using rbenv:

cd ~
git clone git://github.com/sstephenson/rbenv.git .rbenv
echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bash_profile
echo 'eval "$(rbenv init -)"' >> ~/.bash_profile
source ~/.bash_profile

git clone git://github.com/sstephenson/ruby-build.git ~/.rbenv/plugins/ruby-build
echo 'export PATH="$HOME/.rbenv/plugins/ruby-build/bin:$PATH"' >> ~/.bash_profile

# sudo plugin so we can run Metasploit as root with "rbenv sudo msfconsole" 
git clone git://github.com/dcarley/rbenv-sudo.git ~/.rbenv/plugins/rbenv-sudo

source ~/.bash_profile
rbenv install 2.1.6
rbenv global 2.1.6
ruby -v

Once the packages have been install we need to install the required Ruby libraries that metasploit depends on:

gem install bundler 

Install PostgreSQL

brew install postgresql --without-ossp-uuid

Configure PostgreSQL

Init the Database if this is a first time install:

initdb /usr/local/var/postgres

Configure Postgres to automatically load on login, the instruction bellow are as an example copy and paste the commands that the brew installer showed and follow any other instruction it shows :

mkdir -p ~/Library/LaunchAgents
cp /usr/local/Cellar/postgresql/9.4.4/homebrew.mxcl.postgresql.plist ~/Library/LaunchAgents/
launchctl load -w ~/Library/LaunchAgents/homebrew.mxcl.postgresql.plist

PostgreSQL will now start every time a user logs in. Create user called msf for use in Metasploit:

createuser msf -P -h localhost

Create database for use with metasploit called msf and make the user msf the owner:

createdb -O msf msf -h localhost

Record the password used for the account created since it will be used when configuring the framework.

Installing Metasploit Framework

For regular use of the framework only needs to clone the Git repository and create the necessary links and set the variable for the database config file

Create Symlink Copy for Regular Use

WARNING: Currently there is a bug in Metasploit Framework with Symlinks and RVM: https://github.com/rapid7/metasploit-framework/issues/4602

cd /usr/local/share/

git clone https://github.com/rapid7/metasploit-framework.git

cd metasploit-framework

for MSF in $(ls msf*); do ln -s /usr/local/share/metasploit-framework/$MSF /usr/local/bin/$MSF;done

sudo chmod go+w /etc/profile

sudo echo export MSF_DATABASE_CONFIG=/usr/local/share/metasploit-framework/config/database.yml >> /etc/profile

From the Metasploit-Framework folder lets use the Bundler Gem to install the properly supportted Gem versions:

bundle install

Before starting to use the framework we need to create the database config file and set the parameters:

vim /usr/local/share/metasploit-framework/config/database.yml

Enter the following text in to the file keeping the spacing and using the values used for creating the user and database:

production:
 adapter: postgresql
 database: msf
 username: msf
 password: 
 host: 127.0.0.1
 port: 5432
 pool: 75
 timeout: 5

To load the variable for the database configuration file for the current user:

source /etc/profile
source ~/.bash_profile

Execute Metasploit msfconsole for the first time so it initializes the schema for the database for the first time as your current user and not as root:

msfconsole

 

Metasploit for Development and Contribution

If you wish to develop and contribute to the product you can follow the additional steps here Metasploit Dev Environment . For this you will need a GitHub account and you will fork the project in to your own account. I personally keep my dev copy of Metasploit in ~/Development folder and after an initial run of msfconsole I keep my database.yml file in ~/.msf4/cofig folder and adjust the MSF_DATABASE_CONFIG variable for it or run msfconsole with the -y option and point it to a YAML file with the correct configuration.

Install Armitage

Since armitage is no longer included with Framework we need to execute some additional steps:

brew install pidof
curl -# -o /tmp/armitage.tgz http://www.fastandeasyhacking.com/download/armitage-latest.tgz
tar -xvzf /tmp/armitage.tgz -C /usr/local/share


 bash  -c "echo  \'/usr/bin/java\'  -jar /usr/local/share/armitage/armitage.jar \$\*" > /usr/local/share/armitage/armitage

perl -pi -e 's/armitage.jar/\/usr\/local\/share\/armitage\/armitage.jar/g' /usr/local/share/armitage/teamserver

Link Scripts

ln -s /usr/local/share/armitage/armitage /usr/local/bin/armitage

ln -s /usr/local/armitage/teamserver /usr/local/bin/teamserver

One important thing to take into consideration, for using Armitage and many of the modules provided in Metasploit you need to run them as root. Do to the way variables are handled when using the sudo command to invoke msfconsole or Armitage you need to give it the -E option:

# For launching Armitage
sudo -E armitage

# For launching msfconsole
sudo -E msfconsole