Saturday, June 25, 2011

Installing Metasploit [Linux/Now Updated with Windows!]

Now that I've briefly covered some WEP/WPA cracking, let's install an important tool to our arsenal for issuing exploits and "payloads" (a name for exploits).

This program is called "Metasploit" and is considered by many to be one of the most important hacking/pentesting tools around. It has an amazing array of exploits that can be used on many vulnerable machines, and when coupled with the vulnerability scanner Nessus (I'll cover this in the future) becomes a highly sophisticated tool we can use to hack into and secure our networks.

I'm installing this on Ubuntu Gnome Backtrack 5 (the newest release), so if you're on a different GUI (like KDE) and aren't using BT5, some things might be different.

NOTE: It may be useful for new users to check out my Linux commands overview that I recently updated (the day this post was released).

Hopefully you know the basics of Linux navigation and listing commands, so let's begin.
For those running Linux 32 bit like me, download this and save it to your computer. For 64 bit, download this and save it to your computer.
These are both the full installations because I'm assuming you, like me, do not have the dependencies already installed (which are NOT optional).

Once you have them downloaded (they may take a while), open a new terminal console and enter the command to navigate to the directory that it is saved on. If you saved it to your desktop like me, all I type is "cd Desktop" (capitalization is necessary; Linux is case-sensitive; a doesn't mean A) and can confirm this with a "pwd" command. If you saved it in your Home directory (where the cd command alone takes you), try issuing an "ls" command to make sure it's there.

Once you're in the correct directory, type "chmod +x framework-3.*-linux-full.run" which runs the "chmod" command with the option "+x" on your downloaded file. This changes the permissions of this file to add "executable" so we can run it.
Next, we need to run this executable! Type: "./framework-3.*-linux-full.run" and it should bring up the install GUI (graphical user interface) in a few seconds (or minutes if your computer is slower like mine).

  • The first screen will be a welcome screen, just click "forward" and move on.
  • The next screen is Metasploit's license agreement. Read it if you want then click "I accept the agreement" and then "forward."
  • The next is where you want the Metasploit framework installed; I would keep it default (my default is /opt/framework-3.7.2). Click forward to continue. 
    • If after you push forward it says it cannot be created because the directory is full or already exists, try renaming the installation path or check to see that Metasploit isn't already installed. If it isn't you can rename your old one and add ".bak" to make sure you don't screw anything up.
      • To rename it using Gnome 32bit, click on "Places" then "Computer" then "root," then click on "go" in the taskbar and click "open parent" OR while in "Computer" hit "alt-up." An easier way to do this may just be to click on "File system" but sometimes that just doesn't work or isn't located on the options.
      • Next, double click the "opt" folder. There should be a bunch of folders in here, one being the folder you're trying to install. Right click that folder and click "rename" and add ".bak" to the end of the file name. You should be all ready to install it now if you wish.
  • The next screen prompts for automatic updates. I highly suggest leaving this on "yes" so you always have up-to-date exploits on your hands. Click forward.
  • Your "ready to install" page should come up; click forward to start your installation! If you're stupid like me and hit "cancel" at any point, it will prompt to close again, so don't worry about hitting the key!
  • After you hit forward, it should start installing and have a task completion bar. Depending on your computer it may take a while to install.
    • If you encounter an issue where it states that port 7175 is not open and it is closing installation due to this, you have to change the Postgresql .conf (configure) file to start on port 7175 instead of the default 5xxx something. To do this, we are going to edit this file with our (meaning my) favorite Linux text editor: Nano.
      Open a new terminal and navigate to your "/" folder. This may be your home on some computers, but my "home" is "/root," so I have to use the "cd" command to get there.
      How I navigate there is by typing "cd ../" which places me from my "/root" folder to my "/" folder (the ../ means go UP (back) a level).
      Next, I use my trusty "cd" command and type "cd etc" which brings me to "/etc" (if you type "pwd" it will show your location).
    • Then navigate into the "postgresql" folder with your cd command and further into the "8.4" and the "main" folder within that (your location should be "/etc/postgresql/8.4/main"). If your number isn't 8.4, use whatever version you have installed (as far as I know, 9.04 is out, but I haven't updated to it).
      Next, we're gonna edit the "postgresql.conf" file with our nano text editor. Type "nano postgresql.conf" while in the directory stated above and a text editor will come up that you should be generally familiar with, since it looks like most others. You can read all the comments (lines with "#" in them), or you can scroll down past the "File locations" to the "connection and authentication" section. From there, you should see a setting "port= 5432" or something of the sort. Edit that number to 7175 (or if your error gave you a different port, set it to that), then push control o (the "oh" key), then push enter to write the file (a small prompt will come up asking to write it, pushing enter confirms this). Then push control-z to exit the editor.
      A restart of your system is required after this fix, so restart and hopefully your postgresql will start on the correct port. Redo your installation (delete your old framework-3xxx folder) and do everything normal. If this doesn't work, post a comment below and I'll help you troubleshoot.
  • Whoo, well, hopefully you didn't have that postgresql issue and it all installed fine, but if you did, read the block of text above and then come to this point. Once you have a successful install, you can try to update with the command "msfupdate" and run the program as "msfconsole."
    If you have any problems, ask below in a comment, email me, or @tweet me at my twitter account.
    You can navigate to the MSF3 files in the /opt/framework-3.7.2/msf3 directory and check out all the files listed there. There is a README file that may help you troubleshoot and figure out this amazing exploit program.
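
The postgresql.conf port change from the troubleshooting step above can also be scripted. This is an added example, not part of the original post: the function names `get_pg_port` and `set_pg_port` and the sample config are constructed for illustration, and it keeps a ".bak" copy before rewriting the port line whether or not that line is commented out.

```shell
#!/usr/bin/env bash
# Added example: change the PostgreSQL port setting without hand-editing.
# Function names and the sample file below are constructed for this demo.

# Print the active (uncommented) port setting, or nothing if none is set.
get_pg_port() {
    sed -n -E 's/^[[:space:]]*port[[:space:]]*=[[:space:]]*([0-9]+).*/\1/p' "$1" | tail -n 1
}

# set_pg_port <conf> <port>: keep a .bak copy, then rewrite the port line.
set_pg_port() {
    local conf=$1 port=$2
    case $port in ''|*[!0-9]*) echo "bad port: $port" >&2; return 2 ;; esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 2
    fi
    [ -f "$conf" ] || { echo "no such file: $conf" >&2; return 1; }
    cp -p "$conf" "$conf.bak"
    if grep -q -E '^[[:space:]]*#?port[[:space:]]*=[[:space:]]*[0-9]+' "$conf"; then
        # Handles both "port = 5432" and the commented-out "#port = 5432";
        # anything after the number (a trailing comment) is left in place.
        sed -E "s/^[[:space:]]*#?port[[:space:]]*=[[:space:]]*[0-9]+/port = $port/" \
            "$conf.bak" > "$conf"
    else
        echo "port = $port" >> "$conf"
    fi
}

# Constructed sample of the connection settings section of postgresql.conf.
demo_conf=$(mktemp)
cat > "$demo_conf" <<'EOF'
# - Connection Settings -
#listen_addresses = 'localhost'
port = 5432                # (change requires restart)
max_connections = 100
EOF

set_pg_port "$demo_conf" 7175
echo "before: $(get_pg_port "$demo_conf.bak")  after: $(get_pg_port "$demo_conf")"
```

On a real system the file would be the one named above, e.g. set_pg_port /etc/postgresql/8.4/main/postgresql.conf 7175, run as root.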

Leave comments below, opinions, any help or questions. I'll be updating this to make it easier to read and adding in troubleshooting but hopefully it helps some people right now.

Installing the Metasploit Framework on Windows!

Yep, finally more Windows content, and this time I'm updating my old Metasploit installation tutorial to include Windows!
Let's jump right in.

First, download this file and save it to wherever you want. It is the FULL version of Metasploit including an updated Java and Postgresql. I'm linking this one since a lot of people don't have the necessary dependencies already, and it's easier just to be safe than sorry and have to re-download it or it not work at all.
Once this is done downloading (it took about 5 minutes with a fast connection for me), double click it from your downloaded area or in your browser's download page to run the executable (.exe) file.

The setup is quite normal. Just hit next to go to the License Agreement and either read it and accept or just accept it (who actually reads them?).

The next page is the installation location. I left mine at the default which for me is "C:\Program Files\Rapid7\framework" and works unless you want it in a specific location.
Hit next and it will ask if you want automatic updates. I'd suggest saying yes since it allows you to have updated exploits and payloads and all the goodies we will be using. Now hit next until it installs (the next page is useless).
The Metasploit Framework might open up a few Consoles, but they should close quickly and you should let them do their thing. This is the program installing normally.
If you use Microsoft Security Essentials or some other type of virus protection, I would suggest turning them off for the installation, then adding the location that you're downloading Metasploit to to your "excluded locations" or else this happens:

Oh noez D=
If this happens, allow the location by following the directions below and "allow" those files by changing them from "remove" to "allow" with the dropdown menu and hitting "apply actions."

To allow this location on MSE, click on the "settings" tab, then "excluded files and locations" and select your location (for me, Program Files -> Rapid7).


I would suggest allowing this location BEFORE continuing installation, as it may cause problems with the actual installation.
Once it's done downloading you can just hit finish and it should all be ready to go. It won't open up right away and for me, it didn't create a desktop shortcut. So go into your Start menu and All Programs, then Metasploit Framework and open the Metasploit GUI (graphical user interface) first.
If it's the first time opening it, it should say it's configuring, just hit OK and let it load.


This is the Metasploit GUI, which I will go over quickly before moving to the (better in my opinion) console interface, which is much like the Linux version.

Wow, so where to begin? Let's start by clicking on the "File" menu dropdown and clicking on "Show connection details."
This is our current "connection" to Metasploit. It shows what port we are running off of, our username and password, and our "host," which for me is "127.0.0.1" (localhost, which is our own computer, if you didn't know).
In our "view" tab we can click on any of the options and it will switch to the tabs above. The only option we can use here that isn't on the tabs (like Firefox, Chrome, Opera, or any browser today uses) is the "preferences" which includes a few different things we can change around.

[Last updated August 8th at 1:00pm]

    22 comments:

    1. Hey,

      Autotom from reddit checking in,

      between the chmod +x and the installer there is 1 step missing that naturally stumped me, anyway a Google search and the answer wasn't far away, but if anyone else gets stuck running the Metasploit update here's how

      you need to execute it with './' eg ./framework-3.*-linux-full.run

    2. @Autotom, ahhh, thank you very much for that catch, I don't know how I missed putting that in!
      Did the rest of the install go well?

    3. Yeah, I've played around with BackTrack in the past and had a working 32 bit VM, figured I might as well take the opportunity to update to x64

    4. @Autotom Awesome, I'm glad it did. I'll be posting some exploit how-tos once I get more basic things down, so be sure to check back soon!

    5. Had trouble installing until I did chmod u=rwx. I'm not sure why +w would be necessary, but it seemed to be for me.

    6. @Rumpy, that seems odd that you'd need to add write privileges to install it... did everything else go fine?

    7. Download SecurityTube Metasploit Framework Expert DVD FREE Enjoy ;)

      securitytube-training.com/certifications/securitytube-metasploit-framework-expert/?id=download ;)

    8. hey in windows installation..i had this error...
      http://www.zeroflag.eu/img/framework07.gif
      if any1 can help
