Installing Metasploit Framework on Mountain Lion and Mavericks
This Guide covers the installation of Metasploit Framework OSS Project on OSX Lion, Mountain Lion, Mavericks and El Capitan.
If you prefer an all in one installer only for framework the Metasploit team offers nightly built installers at https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers making a quick setup a breeze if you do not plan to pull separate branches to test experimental code or do development.
This guide uses Homebrew as well as the script to provide the necessary packages to run Metasploit. If you have MacPorts this guide will not work and will cause problems.
Make sure you run software update and install all updates for the operating system and install the latest version of Xcode so as to be able to compile software.
Installing Command Line Development Tools Xcode 4 on Mountain Lion
If you are running Xcode 4 you will need to go to Xcode Preference and choose the command line tools and download and install from the components
Installing Command Line Development Tools Xcode 5 on Mountain Lion
If you are running Xcode 5 you will need to go to Xcode Preference and choose the command line tools and download and install from the components
Installing Command Line Development Tools Xcode 5 on Mavericks
On OS X Mavericks the Command Line Developer Tools package can be installed on demand using "xcode-select --install” and the installed tools will be automatically updated using Software Update. Once you run the command the following dialog should appear and just click on Install
Download the latest Java JDK 8 from Oracle. This should set all the proper shortcuts for the Java binaries http://www.oracle.com/technetwork/java/javase/downloads/index.html
Test that Java is properly installed by running
It should return the version of Java you just installed. To check tha the location is /usr/bin/java for the link run:
If both commands runs and the location is correct Java is properly installed on the system.
/usr/bin/ruby -e "$(curl -fsSkL raw.github.com/mxcl/homebrew/go)"
We need to make sure that the binaries we install with homebrew are first in the path:
echo PATH=/usr/local/bin:/usr/local/sbin:$PATH >> ~/.bash_profile
brew tap homebrew/versions
For Nmap in the case of OSX I recommend the use of Homebrew since they are quite quick and keeping their formulas updated for the tool and work out most of the problems that may arise quite quickly. To install Nmap just run the command bellow:
brew install nmap
Install Ruby 2.1
On OS X we have 3 methods for installing ruby 2.1.x these are:
- RVM (Ruby Version Manager)
Installing Ruby using Homebrew:
brew install homebrew/versions/ruby21
Check that yo are running the version of ruby you just installed with:
If installing using RVM be warned that symlinks will not work do to the way it places the binary stubs of the metasploit-framework gem
Installing Ruby using RVM:
curl -L https://get.rvm.io | bash -s stable source ~/.rvm/scripts/rvm echo "source ~/.rvm/scripts/rvm" >> ~/.bash_profile source ~/.bash_profile rvm install 2.1.9 rvm use 2.1.9 --default ruby -v
Installing Ruby using rbenv:
cd ~ git clone git://github.com/sstephenson/rbenv.git .rbenv echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bash_profile echo 'eval "$(rbenv init -)"' >> ~/.bash_profile source ~/.bash_profile git clone git://github.com/sstephenson/ruby-build.git ~/.rbenv/plugins/ruby-build echo 'export PATH="$HOME/.rbenv/plugins/ruby-build/bin:$PATH"' >> ~/.bash_profile # sudo plugin so we can run Metasploit as root with "rbenv sudo msfconsole" git clone git://github.com/dcarley/rbenv-sudo.git ~/.rbenv/plugins/rbenv-sudo source ~/.bash_profile rbenv install 2.1.9 rbenv global 2.1.9 ruby -v
Once the packages have been install we need to install the required Ruby libraries that metasploit depends on:
gem install bundler
brew install postgresql --without-ossp-uuid
Init the Database if this is a first time install:
Configure Postgres to automatically load on login, the instruction bellow are as an example copy and paste the commands that the brew installer showed and follow any other instruction it shows :
mkdir -p ~/Library/LaunchAgents cp /usr/local/Cellar/postgresql/9.4.4/homebrew.mxcl.postgresql.plist ~/Library/LaunchAgents/ launchctl load -w ~/Library/LaunchAgents/homebrew.mxcl.postgresql.plist
PostgreSQL will now start every time a user logs in. Create user called msf for use in Metasploit:
createuser msf -P -h localhost
Create database for use with metasploit called msf and make the user msf the owner:
createdb -O msf msf -h localhost
Record the password used for the account created since it will be used when configuring the framework.
Installing Metasploit Framework
For regular use of the framework only needs to clone the Git repository and create the necessary links and set the variable for the database config file
Create Symlink Copy for Regular Use
WARNING: Currently there is a bug in Metasploit Framework with Symlinks and RVM: https://github.com/rapid7/metasploit-framework/issues/4602
cd /usr/local/share/ git clone https://github.com/rapid7/metasploit-framework.git cd metasploit-framework for MSF in $(ls msf*); do ln -s /usr/local/share/metasploit-framework/$MSF /usr/local/bin/$MSF;done sudo chmod go+w /etc/profile sudo echo export MSF_DATABASE_CONFIG=/usr/local/share/metasploit-framework/config/database.yml >> /etc/profile
From the Metasploit-Framework folder lets use the Bundler Gem to install the properly supportted Gem versions:
Before starting to use the framework we need to create the database config file and set the parameters:
Enter the following text in to the file keeping the spacing and using the values used for creating the user and database:
production: adapter: postgresql database: msf username: msf password: host: 127.0.0.1 port: 5432 pool: 75 timeout: 5
To load the variable for the database configuration file for the current user:
source /etc/profile source ~/.bash_profile
Execute Metasploit msfconsole for the first time so it initializes the schema for the database for the first time as your current user and not as root:
Metasploit for Development and Contribution
If you wish to develop and contribute to the product you can follow the additional steps here Metasploit Dev Environment . For this you will need a GitHub account and you will fork the project in to your own account. I personally keep my dev copy of Metasploit in ~/Development folder and after an initial run of msfconsole I keep my database.yml file in ~/.msf4/cofig folder and adjust the MSF_DATABASE_CONFIG variable for it or run msfconsole with the -y option and point it to a YAML file with the correct configuration.
Since armitage is no longer included with Framework we need to execute some additional steps:
brew install pidof curl -# -o /tmp/armitage.tgz http://www.fastandeasyhacking.com/download/armitage-latest.tgz tar -xvzf /tmp/armitage.tgz -C /usr/local/share bash -c "echo \'/usr/bin/java\' -jar /usr/local/share/armitage/armitage.jar \$\*" > /usr/local/share/armitage/armitage
perl -pi -e 's/armitage.jar/\/usr\/local\/share\/armitage\/armitage.jar/g' /usr/local/share/armitage/teamserver
ln -s /usr/local/share/armitage/armitage /usr/local/bin/armitage ln -s /usr/local/armitage/teamserver /usr/local/bin/teamserver
One important thing to take into consideration, for using Armitage and many of the modules provided in Metasploit you need to run them as root. Due to the way variables are handled when using the sudo command to invoke msfconsole or Armitage you need to give it the -E option:
# For launching Armitage sudo -E armitage # For launching msfconsole sudo -E msfconsole