Introduction

 

Metasploit Framework is an exploitation and attack framework that includes many enumeration, attack, exploitation and post-exploitation modules and tools. For many of these tasks it depends on having the right Ruby libraries and tools installed on the system to get the most out of the framework. This guide is written from the experience of running the Metasploit Framework on Ubuntu Linux, where most of the development team and its author HD Moore do most of the development of the framework; this is the reason this guide focuses on Ubuntu and its variants.

 

Installing Dependencies and Metasploit

 

The first thing to do on an Ubuntu system is to make sure that it is running the latest version of all its software. This is achieved by running the following commands in Terminal to update our database of packages and upgrade those which are already installed:

 

sudo aptitude update

sudo aptitude upgrade

 

Once all packages are upgraded we can proceed to install all required dependencies and programs. We achieve this by running the following command, which will install all the necessary libraries and programs to be able to run and build Metasploit and its dependencies:

sudo aptitude install build-essential subversion libssl-dev libsqlite-dev libsqlite3-dev ruby libruby rdoc libyaml-ruby libzlib-ruby libopenssl-ruby libdl-ruby libreadline-ruby libiconv-ruby libgtk2-ruby libglade2-ruby ruby1.8-dev rubygems libhpricot-ruby libsqlite3-ruby linux-source libpcap-dev libpcap-ruby sun-java6-jre autoconf

 

Now that all of the dependencies and programs are installed, a folder called svn is created to house all the source code of the tools; the name svn is used since we will be using Subversion to download the source code for Metasploit and other tools that are used in conjunction with Metasploit to carry out attacks. We start by creating the folder and downloading the latest development version of Metasploit, Aircrack-ng (for Karmetasploit) and Nmap (for scanning targets for autopwn):

 

 

mkdir svn

cd svn

svn co http://metasploit.com/svn/framework3/trunk/ msf3-dev

svn co --username guest --password "" svn://svn.insecure.org/nmap/

svn co http://trac.aircrack-ng.org/svn/trunk/ aircrack-ng

 


Now that we have downloaded all of the source code, let's compile some of the dependencies that are included with the Metasploit SVN tree. We must compile burp-proxy for wmap, ratproxy also for wmap, pcaprub for port scanning auxiliary modules and packet capture, ruby-lorcon for wireless auxiliary modules and attacks, and serialport for auxiliary modules that require communication with the serial port of the machine.

 

Pcaprub Library Installation

 

To install the pcaprub ruby library:

 

 

cd ~/svn/msf3-dev/external

cd pcaprub

ruby extconf.rb && make

sudo make install

 

Burp Suite Install

To install Burp Suite we must download the suite and the SQLiteJDBC library; this will be used for wmap site spidering:

 

cd ~/svn/msf3-dev/tools

wget http://portswigger.net/suite/burpsuite_v1.2.zip

unzip burpsuite_v1.2.zip

cd burpsuite_v1.2/

wget http://files.zentus.com/sqlitejdbc/sqlitejdbc-v054.jar

cp ../../external/burp-proxy/*.jar ./

rm ../burpsuite_v1.2.zip


Ratproxy Install and Patching

 

Ratproxy is used by wmap as an attack proxy for gathering all information from the web app. To download, patch and compile ratproxy for use by wmap:

 

cd ~/svn/msf3-dev/tools

wget http://ratproxy.googlecode.com/files/ratproxy-1.51.tar.gz

tar xvzf ratproxy-1.51.tar.gz

cd ratproxy

cp ../../external/ratproxy/ratproxy_wmap.diff ./

patch -d ./ < ratproxy_wmap.diff

make

rm ../ratproxy-1.51.tar.gz
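The Burp Suite, SQLiteJDBC and ratproxy archives above are fetched with wget over plain HTTP and unpacked without any integrity check. The following is an added example, not part of the original guide, of a check to run between the download and the unzip/tar/make steps; the manifest name pins.txt is hypothetical, and the guide publishes no checksums, so the pinned values are assumed to come from the vendor through a trusted channel.

```shell
#!/bin/sh
# Added example (not from the original guide): refuse to unpack a download
# unless its SHA-256 matches a value pinned in a local manifest.

# verify_sha256 FILE EXPECTED_HEX
# Returns 0 only if FILE exists and its SHA-256 equals EXPECTED_HEX.
verify_sha256() {
    vs_file="$1"; vs_want="$2"
    [ -f "$vs_file" ] || { echo "missing: $vs_file" >&2; return 2; }
    # A pin must be exactly 64 hex digits; this also rejects an unfilled placeholder.
    case "$vs_want" in
        ""|*[!0-9a-fA-F]*) echo "bad pin for $vs_file" >&2; return 3 ;;
    esac
    [ "${#vs_want}" -eq 64 ] || { echo "bad pin for $vs_file" >&2; return 3; }
    vs_want=$(printf '%s' "$vs_want" | tr 'A-F' 'a-f')
    vs_got=$(sha256sum "$vs_file" | awk '{print $1}') || return 4
    if [ "$vs_got" = "$vs_want" ]; then
        return 0
    fi
    echo "MISMATCH $vs_file: got $vs_got" >&2
    return 1
}

# verify_manifest MANIFEST
# MANIFEST lines look like "<sha256>  <filename>"; blank lines and lines
# starting with '#' are ignored. Returns non-zero if any listed file fails,
# so the caller can stop before unzip, tar or make ever touch the file.
verify_manifest() {
    vm_rc=0
    while read -r vm_hash vm_name || [ -n "$vm_hash" ]; do
        case "$vm_hash" in ""|\#*) continue ;; esac
        verify_sha256 "$vm_name" "$vm_hash" || vm_rc=1
    done < "$1"
    return "$vm_rc"
}

# Intended use, run in the directory holding the downloads, with pins.txt
# filled in by hand (placeholder values shown, not real hashes):
#   <PINNED_SHA256>  burpsuite_v1.2.zip
#   <PINNED_SHA256>  ratproxy-1.51.tar.gz
# then:
#   verify_manifest pins.txt || exit 1
```
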

Lorcon Ruby Library Installation and Patching

 

Lorcon is used for the interaction of Metasploit with supported wireless cards. Josh Wright from InGuardians wrote the patch that is used for the integration with Metasploit:

 

cd ~/svn/msf3-dev/external/lorcon

svn co https://802.11ninja.net/svn/lorcon/trunk/ lorcon

cd lorcon/

./configure

make

sudo make install

ruby extconf.rb

make

sudo make install

Serialport Ruby Library Installation

 

The Serialport library is used for the auxiliary/scanner/telephony/wardialer module for performing wardialing:

 

cd ~/svn/msf3-dev/external/serialport

ruby extconf.rb

make

sudo make install

Nmap Development Compilation and Installation

 

Nmap is used by Metasploit to gather port and host enumeration data for launching exploits in the db_autopwn attack:

 

cd ~/svn/nmap/

./configure && make

sudo make install

Aircrack-ng Compilation and Installation

 

The airbase-ng tool, which is part of the Aircrack-ng suite of tools, is used for performing the karmetasploit attack:

 

cd ~/svn/aircrack-ng

make sqlite=true unstable=true

make strip

sudo make install

Note: Aircrack-ng depends on patched drivers. Since there is a great number of supported cards and chipsets, each with its own steps to get it working in Linux, I recommend that you visit the Aircrack-ng site (http://www.aircrack-ng.org/doku.php?id=drivers) and follow the instructions for your specific chipset.

 

Conclusion

 

After all of these steps are completed, a full suite of programs and source code that can later be updated and recompiled will be available to take full advantage of all the tools and modules offered by the Metasploit Framework. We should be able to run both the msfconsole command and the msfgui. One important note is that Metasploit will need root privileges for several of its modules, so msfconsole and msfgui must be invoked with sudo or from a root prompt.