{"id":11455,"date":"2022-02-05T17:37:25","date_gmt":"2022-02-05T14:37:25","guid":{"rendered":"https:\/\/kifarunix.com\/?p=11455"},"modified":"2024-03-09T10:14:32","modified_gmt":"2024-03-09T07:14:32","slug":"install-metasploit-framework-on-ubuntu-22-04-ubuntu-20-04","status":"publish","type":"post","link":"https:\/\/kifarunix.com\/install-metasploit-framework-on-ubuntu-22-04-ubuntu-20-04\/","title":{"rendered":"Install Metasploit Framework on Ubuntu 22.04\/Ubuntu 20.04"},"content":{"rendered":"\n

In this tutorial, you will learn how to install Metasploit Framework on Ubuntu 22.04\/Ubuntu 20.04 LTS. Metasploit Framework<\/a> provides a platform and tools for performing deep system security auditing as well as penetration testing to unearth, exploit and validate every other would-be vulnerability.<\/p>\n\n\n\n

Install Metasploit Framework on Ubuntu 22.04\/Ubuntu 20.04<\/h2>\n\n\n\n

Metasploit is available in both the commercial and opensource version (thanks to Rapid 7 for teaming up with OSS community).<\/p>\n\n\n\n

In this tutorial, we will install the opensource version of Metasploit using the Nightly build installers<\/a>. The Nightly installers ship with all the dependencies required for a successful installation and all you need to do the installation is just a simple script.<\/p>\n\n\n\n

Before you proceed, check the minimum system requirements<\/a>.<\/p>\n\n\n\n

RUn System Update<\/h3>\n\n\n\n

To begin with, update and upgrade your system.<\/p>\n\n\n\n

sudo apt update<\/code><\/pre>\n\n\n\n
sudo apt upgrade -y<\/code><\/pre>\n\n\n\n
Install PostgreSQL Metasploit Database Backend;<\/h3>\n\n\n\n
Run the command below to install PostgreSQL database backend for Metasploit.<\/p>\n\n\n\n
sudo apt install postgresql postgresql-contrib -y<\/code><\/pre>\n\n\n\n
Next, run start and enable PostgreSQL service to run on boot;<\/p>\n\n\n\n
sudo systemctl enable --now postgresql<\/code><\/pre>\n\n\n\n
Download Metasploit Opensource Installer<\/h3>\n\n\n\n
If you want to install the Pro versions, installers are available on Metasploit framework wiki’s page<\/a> or Metasploit Download’s page<\/a>.<\/p>\n\n\n\n
For our opensource versions, run the command below to download installer script.<\/p>\n\n\n\n
curl https:\/\/raw.githubusercontent.com\/rapid7\/metasploit-omnibus\/master\/config\/templates\/metasploit-framework-wrappers\/msfupdate.erb > msfinstall<\/code><\/pre>\n\n\n\n
Install Metasploit Framework on Ubuntu<\/h3>\n\n\n\n
Once the download completes, make the installer executable by running the command below;<\/p>\n\n\n\n
chmod +x msfinstall<\/code><\/pre>\n\n\n\n
Next, launch the Metasploit installer.<\/p>\n\n\n\n
sudo .\/msfinstall<\/code><\/pre>\n\n\n\n
The command will create Metasploit Framework repository from where Metasploit can be installed.<\/p>\n\n\n\n
According to the Wiki’s page;<\/p>\n\n\n\n
\n
Once installed, you can launch msfconsole as \/opt\/metasploit-framework\/bin\/msfconsole<\/code> from a terminal window, or depending on your environment, it may already be in your path and you can just run it directly. On first run, a series of prompts will help you setup a database and add Metasploit to your local PATH if it is not already.<\/p>\n\n\n\n
These packages integrate into your package manager and can be updated with the msfupdate<\/code> command, or with your package manager. On first start, these packages will automatically setup the database or use your existing database.<\/p>\n<\/blockquote>\n\n\n\n
Sample installation command output;<\/p>\n\n\n\n
Adding metasploit-framework to your repository list..OK\nUpdating package cache..OK\nChecking for and installing update..\nReading package lists... Done\nBuilding dependency tree       \nReading state information... Done\nThe following NEW packages will be installed:\n  metasploit-framework\n0 upgraded, 1 newly installed, 0 to remove and 142 not upgraded.\nNeed to get 266 MB of archives.\nAfter this operation, 655 MB of additional disk space will be used.\nGet:1 http:\/\/downloads.metasploit.com\/data\/releases\/metasploit-framework\/apt lucid\/main amd64 metasploit-framework amd64 6.1.29+20220206112545~1rapid7-1 [266 MB]\nFetched 266 MB in 6min 22s (696 kB\/s)                                                                                                                                      \nSelecting previously unselected package metasploit-framework.\n(Reading database ... 71317 files and directories currently installed.)\nPreparing to unpack ...\/metasploit-framework_6.1.29+20220206112545~1rapid7-1_amd64.deb ...\nUnpacking metasploit-framework (6.1.29+20220206112545~1rapid7-1) ...\nSetting up metasploit-framework (6.1.29+20220206112545~1rapid7-1) ...\nupdate-alternatives: using \/opt\/metasploit-framework\/bin\/msfbinscan to provide \/usr\/bin\/msfbinscan (msfbinscan) in auto mode\nupdate-alternatives: using \/opt\/metasploit-framework\/bin\/msfconsole to provide \/usr\/bin\/msfconsole (msfconsole) in auto mode\nupdate-alternatives: using \/opt\/metasploit-framework\/bin\/msfd to provide \/usr\/bin\/msfd (msfd) in auto mode\nupdate-alternatives: using \/opt\/metasploit-framework\/bin\/msfdb to provide \/usr\/bin\/msfdb (msfdb) in auto mode\nupdate-alternatives: using \/opt\/metasploit-framework\/bin\/msfelfscan to provide \/usr\/bin\/msfelfscan (msfelfscan) in auto mode\nupdate-alternatives: using \/opt\/metasploit-framework\/bin\/msfmachscan to provide \/usr\/bin\/msfmachscan (msfmachscan) in auto mode\nupdate-alternatives: using \/opt\/metasploit-framework\/bin\/msfpescan to provide \/usr\/bin\/msfpescan (msfpescan) in auto mode\nupdate-alternatives: using \/opt\/metasploit-framework\/bin\/msfrop to provide \/usr\/bin\/msfrop (msfrop) in auto mode\nupdate-alternatives: using \/opt\/metasploit-framework\/bin\/msfrpc to provide \/usr\/bin\/msfrpc (msfrpc) in auto mode\nupdate-alternatives: using \/opt\/metasploit-framework\/bin\/msfrpcd to provide \/usr\/bin\/msfrpcd (msfrpcd) in auto mode\nupdate-alternatives: using \/opt\/metasploit-framework\/bin\/msfupdate to provide \/usr\/bin\/msfupdate (msfupdate) in auto mode\nupdate-alternatives: using \/opt\/metasploit-framework\/bin\/msfvenom to provide \/usr\/bin\/msfvenom (msfvenom) in auto mode\nRun msfconsole to get started\n<\/code><\/pre>\n\n\n\n
When the installation is done, all binary files related to Metasploit should now be under your path;<\/p>\n\n\n\n
ls -1 \/bin\/msf*<\/code><\/pre>\n\n\n\n
\n\/bin\/msfbinscan\n\/bin\/msfconsole\n\/bin\/msfd\n\/bin\/msfdb\n\/bin\/msfelfscan\n\/bin\/msfmachscan\n\/bin\/msfpescan\n\/bin\/msfrop\n\/bin\/msfrpc\n\/bin\/msfrpcd\n\/bin\/msfupdate\n\/bin\/msfvenom\n<\/code><\/pre>\n\n\n\n
Initialize Metasploit Database<\/h3>\n\n\n\n
Your Metasploit is now ready.<\/p>\n\n\n\n
Create and initialize the msf database as well create the MSF web service. As non root user, run the command below<\/p>\n\n\n\n
msfdb init<\/code><\/pre>\n\n\n\n
\n[?] Would you like to init the webservice? (Not Required) [no]: yes\n====================================================================\nRunning the 'init' command for the database:\nCreating database at \/home\/kifarunix\/.msf4\/db\nStarting database at \/home\/kifarunix\/.msf4\/db...success\nCreating database users\nWriting client authentication configuration file \/home\/kifarunix\/.msf4\/db\/pg_hba.conf\nStopping database at \/home\/kifarunix\/.msf4\/db\nStarting database at \/home\/kifarunix\/.msf4\/db...success\nCreating initial database schema\n====================================================================\n\n====================================================================\nRunning the 'init' command for the webservice:\n[?] Initial MSF web service account username? [kifarunix]: \n[?] Initial MSF web service account password? (Leave blank for random password): \nGenerating SSL key and certificate for MSF web service\nAttempting to start MSF web service...success\nMSF web service started and online\nCreating MSF web service user kifarunix\n\n    ############################################################\n    ##              MSF Web Service Credentials               ##\n    ##                                                        ##\n    ##        Please store these credentials securely.        ##\n    ##    You will need them to connect to the webservice.    ##\n    ############################################################\n\nMSF web service username: kifarunix\nMSF web service password: password\nMSF web service user API token: 2906c3a503f549528b725187f283254af87554e86fc8897b875883db3b3e6a62665cc715a583fb72\n\n\nMSF web service configuration complete\nThe web service has been configured as your default data service in msfconsole with the name \"local-https-data-service\"\n\nIf needed, manually reconnect to the data service in msfconsole using the command:\ndb_connect --name local-https-data-service --token 2906c3a503f549528b725187f283254af87554e86fc8897b875883db3b3e6a62665cc715a583fb72 --cert \/home\/kifarunix\/.msf4\/msf-ws-cert.pem --skip-verify https:\/\/localhost:5443\n\nThe username and password are credentials for the API account:\nhttps:\/\/localhost:5443\/api\/v1\/auth\/account\n\nPersisting http web data service credentials in msfconsole\n====================================================================\n\n<\/code><\/pre>\n\n\n\n
You can see other command options by running;<\/p>\n\n\n\n
msfdb<\/code><\/pre>\n\n\n\n
Check database\/web service status;<\/p>\n\n\n\n
msfdb status<\/code><\/pre>\n\n\n\n
\n====================================================================\nRunning the 'status' command for the database:\nDatabase started\n====================================================================\n\n====================================================================\nRunning the 'status' command for the webservice:\nMSF web service is running as PID 83935\n====================================================================\n<\/code><\/pre>\n\n\n\n
Launch Msfconsole on Ubuntu<\/h3>\n\n\n\n
The Metasploit Framework is available on command line. To launch it, just execute the command below;<\/p>\n\n\n\n
msfconsole<\/code><\/pre>\n\n\n\n
\n ______________________________________________________________________________\n|                                                                              |\n|                   METASPLOIT CYBER MISSILE COMMAND V5                        |\n|______________________________________________________________________________|\n      \\                                  \/                      \/\n       \\     .                          \/                      \/            x\n        \\                              \/                      \/\n         \\                            \/          +           \/\n          \\            +             \/                      \/\n           *                        \/                      \/\n                                   \/      .               \/\n    X                             \/                      \/            X\n                                 \/                     ###\n                                \/                     # % #\n                               \/                       ###\n                      .       \/\n     .                       \/      .            *           .\n                            \/\n                           *\n                  +                       *\n\n                                       ^\n####      __     __     __          #######         __     __     __        ####\n####    \/    \\ \/    \\ \/    \\      ###########     \/    \\ \/    \\ \/    \\      ####\n################################################################################\n################################################################################\n# WAVE 5 ######## SCORE 31337 ################################## HIGH FFFFFFFF #\n################################################################################\n                                                           https:\/\/metasploit.com\n\n\n       =[ metasploit v6.1.29-dev-                         ]\n+ -- --=[ 2197 exploits - 1164 auxiliary - 400 post       ]\n+ -- --=[ 596 payloads - 45 encoders - 11 nops            ]\n+ -- --=[ 9 evasion                                       ]\n\nMetasploit tip: View a module's description using \ninfo, or the enhanced version in your browser with \ninfo -d\n\nmsf6 >\n<\/code><\/pre>\n\n\n\n
Run Example Port Scan on msfconsole<\/h3>\n\n\n\n
For Example to launch TCP Scans;<\/p>\n\n\n\n