The joy of dependencies: Metasploit on Fedora 20

UPDATE 02/2015: see there for the procedure on Fedora 21

As I started to use Fedora 20 at work (by the way, a solid distro with all security features enabled), I had the bad surprise of running into issues similar to those on OS X.
Again, we will have to face the joy of dependencies! Fedora provides Ruby 2.0 by default, so firing up msfconsole fails with many OpenSSL warnings, ending with:

/usr/share/ruby/openssl/cipher.rb:61:in `': superclass mismatch for class Cipher (TypeError)
from /usr/share/ruby/openssl/cipher.rb:22:in `'
from /usr/share/ruby/openssl/cipher.rb:21:in `'
from /usr/share/ruby/openssl.rb:20:in `require'
from /usr/share/ruby/openssl.rb:20:in `'
from /opt/pentest/exploit/msf/lib/msf/ui/console/driver.rb:144:in `require'
from /opt/pentest/exploit/msf/lib/msf/ui/console/driver.rb:144:in `initialize'
from ./msfconsole:148:in `new'
from ./msfconsole:148:in `'

While the installation steps are broadly the same as on the Mac, there are some specific issues with rbenv and PostgreSQL.

Preparing PostgreSQL


 yum -y install postgresql-server postgresql-devel

Initialize a new “cluster” and open the psql client as the postgres user:

# as root:
postgresql-setup initdb
systemctl restart postgresql.service
# su needs -c to run a command as the target user
su - postgres -c psql

Inside the psql console, create the new Metasploit user and its database:

create user msf;
alter user msf with encrypted password 'super password';
create database msfdb;
grant all privileges on database msfdb to msf;

Then we tell Postgres how to accept local connections. ident requires a system account, trust means no password for any local account, and md5 stands for classic password authentication, which we will prefer.
Add this line to /var/lib/pgsql/data/pg_hba.conf, and beware that the order is important:

# IPv4 local connections:
# TYPE DATABASE USER ADDRESS METHOD (host records need an address field)
host msfdb msf 127.0.0.1/32 md5
host all all 127.0.0.1/32 ident
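
Why the order matters, as an added Ruby example (not part of the original post): PostgreSQL applies the first pg_hba.conf record that matches a connection and never looks at later ones, so the msf line must sit above the catch-all ident line. The loopback address 127.0.0.1/32, the sample files and the helper names are assumptions of this example.

```ruby
require 'ipaddr'

# Constructed samples: the two host records in each order (loopback address assumed).
GOOD_ORDER = <<~HBA
  # IPv4 local connections:
  host msfdb msf 127.0.0.1/32 md5
  host all   all 127.0.0.1/32 ident
HBA

BAD_ORDER = <<~HBA
  # IPv4 local connections:
  host all   all 127.0.0.1/32 ident
  host msfdb msf 127.0.0.1/32 md5
HBA

Rule = Struct.new(:line_no, :databases, :users, :address, :auth)

# Hypothetical helper: parses only "host DATABASE USER CIDR METHOD" records;
# special names other than "all" (sameuser, replication, ...) are not handled.
def parse_hba(text)
  text.each_line.with_index(1).map do |line, no|
    fields = line.sub(/#.*/, '').split
    next unless fields.size >= 5 && fields[0] == 'host'
    Rule.new(no, fields[1].split(','), fields[2].split(','),
             IPAddr.new(fields[3]), fields[4])
  end.compact
end

# First matching record wins; records below it are never consulted.
def first_match(rules, database, user, client_ip)
  ip = IPAddr.new(client_ip)
  rules.find do |r|
    (r.databases.include?('all') || r.databases.include?(database)) &&
      (r.users.include?('all') || r.users.include?(user)) &&
      r.address.include?(ip)
  end
end

# Authentication method PostgreSQL would apply to this connection attempt.
def auth_method(hba_text, database, user, client_ip)
  rule = first_match(parse_hba(hba_text), database, user, client_ip)
  rule ? rule.auth : 'reject (no matching record)'
end

puts "good order: #{auth_method(GOOD_ORDER, 'msfdb', 'msf', '127.0.0.1')}"
puts "bad order:  #{auth_method(BAD_ORDER, 'msfdb', 'msf', '127.0.0.1')}"
```

With the records swapped, the msf connection is handled by ident and the password is never asked for.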

Then we can restart the service and check with psql that the credentials are working:

systemctl restart postgresql.service
psql -U msf msfdb -h localhost

Setting Ruby

Metasploit runs well with Ruby 1.9.3, so we will install this version and switch to it using rbenv.
rbenv does a nice job of managing several versions of Ruby next to each other, installing dependencies (such as OpenSSL) and setting PATH:

# as root:
# download and install rbenv
\curl -sSL | bash
rvm install ruby-1.9.3 --autolibs=packages
rvm use ruby-1.9.3
# checking, should obviously return ruby 1.9.3
ruby --version

Getting and running Metasploit


# as root in e.g. /opt
git clone msf
cd msf
yum -y install rubygem-bundler libpcap-devel
bundle install

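Configure the database by creating config/database.yml:

production:
    adapter: postgresql
    database: msfdb
    username: msf
    # the password set for the msf user in psql above
    password: super password
    # connect over TCP so that the host/md5 record in pg_hba.conf applies
    host: 127.0.0.1
    port: 5432
    pool: 75
    timeout: 5

Launch it and have fun: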

ln -s /opt/msf/msf* /usr/local/bin
sudo -i msfconsole
# as root
# check connection to the database

Note that the -i option of sudo is mandatory: sudo resets the environment for security purposes, and with -i the command gets the environment of the target user, root, which should be just fine if you set up rbenv as that user.

UPDATE 02/27/2014: I had some issues starting Metasploit with sudo and I actually failed to find a satisfying solution. I am now just launching it as root and in its work directory.

It is recommended to add a cron entry in /etc/crontab for regular updates:

# msfupdate every 2 hours
0 */2 * * * root /opt/msf/msfupdate 2>&1