It turned out to be a little more complex than expected, so I thought it deserved a post. There are a few good tutorials already, but they did not actually work flawlessly for me. So while this post is mostly based on them, there are some slight differences.
Getting Metasploit
First, let’s fetch Metasploit. Adjust the last two lines by replacing .zshrc (I am using Zsh) with .bash_profile if you are using Bash, for instance.
This will download, create symlinks and set the database settings path (we will come back to it later) in your environment:
cd /usr/local/share/
git clone https://github.com/rapid7/metasploit-framework.git
cd metasploit-framework
for MSF in msf*; do ln -s "/usr/local/share/metasploit-framework/$MSF" "/usr/local/bin/$MSF"; done
ln -s /usr/local/share/metasploit-framework/armitage /usr/local/bin/armitage
echo export MSF_DATABASE_CONFIG=/usr/local/share/metasploit-framework/config/database.yml >> ~/.zshrc
source ~/.zshrc
Metasploit is almost ready, but don’t run anything yet. There are still quite a few steps…
Getting Postgres
We use Homebrew:
brew install postgresql --without-ossp-build
Initialization stuff:
initdb /usr/local/var/postgres
To have launchd start postgresql at login:
ln -sfv /usr/local/opt/postgresql/*.plist ~/Library/LaunchAgents
But I prefer to keep my startup clean, so I added two aliases in my .zshrc:
alias pg_start='pg_ctl -D /usr/local/var/postgres -l /usr/local/var/postgres/server.log start'
alias pg_stop='pg_ctl -D /usr/local/var/postgres stop'
So you now have two commands, pg_start and pg_stop, to use for Metasploit.
Finally, we create the msf user that will connect to the database from within Metasploit:
createuser msf -P -h localhost
createdb -O msf msf -h localhost
While we are at the database stuff, let’s configure Metasploit to use it. Create a database.yml file in /usr/local/share/metasploit-framework/config/ and put these lines:
production:
  adapter: postgresql
  database: msf
  username: msf
  password: <password>
  host: 127.0.0.1
  port: 5432
  pool: 75
  timeout: 5
The database is ready!
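As an added example (not part of the original post or of Metasploit), this shell function audits the database.yml created above before it is used: the file holds the msf password in plain text, so it should not be accessible to group or others, should point at a loopback address, and should no longer contain the <password> placeholder. The names yaml_value and check_db_config are hypothetical.

```shell
#!/bin/sh
# Added example: audit a Metasploit database.yml before msfconsole uses it.
# yaml_value and check_db_config are hypothetical helper names.

# Print the value of the first "key: value" line in FILE.
yaml_value() {
    sed -n "s/^[[:space:]]*$2:[[:space:]]*//p" "$1" | head -n 1
}

# Print one line per problem found; return the number of problems (0 = OK).
check_db_config() {
    cfg=$1
    problems=0
    if [ ! -r "$cfg" ]; then
        echo "missing or unreadable: $cfg"
        return 1
    fi
    grep -q '^production:' "$cfg" ||
        { echo "no production: section"; problems=$((problems + 1)); }
    for key in adapter database username password host port; do
        [ -n "$(yaml_value "$cfg" "$key")" ] ||
            { echo "missing key: $key"; problems=$((problems + 1)); }
    done
    # The guide connects over loopback; any other host sends the password
    # and the stored data across the network.
    case "$(yaml_value "$cfg" host)" in
        127.0.0.1 | localhost | ::1) ;;
        *) echo "host is not a loopback address"; problems=$((problems + 1)) ;;
    esac
    [ "$(yaml_value "$cfg" password)" != "<password>" ] ||
        { echo "password placeholder was not replaced"; problems=$((problems + 1)); }
    # The password is stored in plain text: group and others need no access.
    perms=$(ls -ld "$cfg" | cut -c5-10)
    [ "$perms" = "------" ] ||
        { echo "group/other permissions '$perms': chmod 600 $cfg"; problems=$((problems + 1)); }
    return "$problems"
}

# Run against the file given as first argument, if any.
if [ "$#" -gt 0 ]; then
    check_db_config "$1"
fi
```

Saved as a script, it can be run with the path from MSF_DATABASE_CONFIG as its only argument; an exit status of 0 means no problem was found.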
Getting Ruby
The last big step is to install Ruby. The one provided by Mac OS is a little too old, and you don’t want to mess with system libraries, so let’s leave it untouched. You could install Ruby with Homebrew, but the latest version (2.0.0-p0) does not work with Metasploit (OpenSSL library conflicts). So we need to use something like version 1.9.3 of Ruby.
Anyway, a good practice is to keep some flexibility in the version you are going to use, so that you can switch between 1.9.3, 2.0.0 or any other version whenever you need to.
Here comes rbenv. For the next steps, I will assume that you have a working Homebrew setup.
Let’s go:
brew install rbenv ruby-build
Add this line to your .zshrc or .bash_profile:
eval "$(rbenv init -)"
Now you should be able to list all installable versions of Ruby:
rbenv install --list
Let’s pick 1.9.3:
rbenv install 1.9.3-p392
It takes a while, but after it is completed, you can set it as your default:
rbenv rehash
rbenv global 1.9.3-p392
Note that you could use the local command instead of global to set it for the current terminal only.
Let’s check that everything is correctly set. This is where the Ruby versions are stored:
$ ls ~/.rbenv/versions/
1.9.3-p392 2.0.0-p0
ruby and gem MUST point to the 1.9.3 version:
$ rbenv which ruby
$HOME/.rbenv/versions/1.9.3-p392/bin/ruby
$ rbenv which gem
$HOME/.rbenv/versions/1.9.3-p392/bin/gem
Looks good, let’s go ahead.
We are now able to install the required gems for Metasploit. They made it easy by packaging these in a Gemfile that can be read by the “bundle” utility:
gem install bundler
cd /usr/local/share/metasploit-framework
rbenv rehash
bundle install
Final steps
Create a vncviewer wrapper to facilitate use from within Metasploit:
echo '#!/usr/bin/env bash' > /usr/local/bin/vncviewer
echo 'open "vnc://$1"' >> /usr/local/bin/vncviewer
chmod +x /usr/local/bin/vncviewer
Get and compile the pcaprub library (optional):
cd /usr/local/share/metasploit-framework/external
git clone https://github.com/shadowbq/pcaprub.git
cd ./ext/pcaprub
ruby extconf.rb && make && make install
Have fun!
If you haven’t, don’t forget to start Postgres, and you are ready to play:
sudo -E msfconsole
It should deploy the database structure and then start to work without warning. Hurrah! That was not hard, but a bit long, wasn’t it?
In case it still fails for you, it means that something went wrong with the setup. Check the steps again, and then leave a comment, as it may be time for an update or a correction of this article.
Credits
As stated in the introduction, this article is mostly taken from darkoperator.com with minor adjustments (it actually did not work out of the box for me), hence the use of rbenv. I hope it will be helpful to other people in the same situation as me.
UPDATE 09/07/2013:
- change in pcaprub directory (./pcaprub –> ./ext/pcaprub)
UPDATE 07/23/2013:
- add missing rbenv rehash command (thanks @amukofes)
- add missing commands to retrieve pcaprub (thanks @Ton)
- fix indentation in postgres config file