- readloud / Installing Metasploit Framework with Kali Linux.md
- How to install Metasploit in Kali Linux for Security Testing
- How to install Metasploit in Kali Linux
- How to solve upgrade bundler error in Kali Linux
- Start, Restart, and Stop Metasploit services:
- Launching Metasploit in Kali Linux
- How to install metasploit kali linux
- Quick way
- MSFDB
- Start the Kali PostgreSQL Service
- Initialize the Metasploit PostgreSQL Database
- Launch msfconsole in Kali
readloud / Installing Metasploit Framework with Kali Linux.md
This article demonstrates how to install the Metasploit Framework with Kali Linux on WSL version 2. When installing Kali Linux for WSL2 using Microsoft Store, its file size is minimised by including the bare essentials by default.
Pre-requisites This example assumes that you have the following:
Windows Subsystem For Linux version 2 (WSL2) — This example is not tested on WSL version 1 Kali Linux for WSL2
Instructions STEP 1 — UPDATE THE REPOSITORIES
STEP 2 — INSTALL AND ENABLE POSTGRESQL
sudo apt install postgresql sudo /etc/init.d/postgresql start
STEP 3 — DOWNLOAD THE METASPLOIT FRAMEWORK INSTALLATION FILE
wget https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb
STEP 4 — INSTALL THE METASPLOIT FRAMEWORK
STEP 5 -VERIFY THE INSTALLATION To confirm that the Metasploit Framework was successfully installed, attempt to launch components supported by the framework.
To launch the Metasploit Framework command-line interface, run:
The below screen capture displays msfconsole launched with an ASCII-art banner.
You can use exit to exit msfconsole and attempt to launch the msfvenom, the command-line instance of Metasploit.
If the installation was successful, the help page will be displayed as demonstrated below.
Steps to install Metasploit on Windows 10 using the Windows Subsystem for Linux
C:\> reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /t REG_DWORD /f /v "AllowDevelopmentWithoutDevLicense" /d "1"
2.) Enable Windows Subsystem for Linux
C:\> DISM /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux
4.) Type «bash» at cmd line to get into Windows Subsystem for Linux and create a new password for your user.
test@Desktop:/mnt/c$ curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && chmod 755 msfinstall && ./msfinstall
How to install Metasploit in Kali Linux for Security Testing
Security is a big concern for an organization, So most of the companies are hiring Pentester or Ethical hacker to secure data of an organization.
You can use Penetration testing tools and different types of techniques to find out vulnerabilities in websites, applications or databases.
Metasploit is a big framework used for Penetration Testing and ethical hacking. This is managed by Rapid7. There are two editions of Metasploit, one is Metasploit Pro, which is chargeable and another is Metasploit Community is free.
In the case, if you are not using Kali Linux and want to use Metasploit on another Linux operating system.
This is very simple, Install it on any operating systems including Windows.
Are you using Ubuntu? do you want to use Metasploit? Download first:
You can download Metasploit on ubuntu you have to download from Rapid7
If you are using Kali Linux. Keep in mind Metasploit is not come with Kali Linux by default as previously. So you need to install Metasploit in Kali Linux then Learn how to use Metasploit in Kali Linux. So if you want to know how to install Metasploit in Kali Linux? I am going to describe each and everything in this article.
How to install Metasploit in Kali Linux
I don’t like to write this section on how to install Metasploit in Kali Linux. It comes by default in previous versions.
Today I am going to describe here about installation on Metasploit. You can install it directly from the repository by using apt or apt-get command.
First update the repository list by using following command.
[email protected]:~#apt-get update Get:1 http://kali.download/kali kali-rolling InRelease [30.5 kB] Get:2 http://kali.download/kali kali-rolling/non-free Sources [127 kB] Get:3 http://kali.download/kali kali-rolling/main Sources [12.9 MB] Get:4 http://kali.download/kali kali-rolling/contrib Sources [60.3 kB] Get:5 http://kali.download/kali kali-rolling/main amd64 Packages [16.5 MB] Get:6 http://kali.download/kali kali-rolling/non-free amd64 Packages [200 kB] Get:7 http://kali.download/kali kali-rolling/contrib amd64 Packages [97.0 kB] Fetched 29.9 MB in 23s (1,287 kB/s) Reading package lists. Done [email protected]:~#
Install the Metasploit framework on Kali Linux by running the following command:
#apt-get install metasploit-framework
[email protected]:~#apt-get install metasploit-framework Reading package lists. Done Building dependency tree Reading state information. Done The following packages were automatically installed and are no longer required: acheck-rules libconfig-general-perl libterm-size-perl libtext-aspell-perl Use 'apt autoremove' to remove them. The following additional packages will be installed: cryptsetup cryptsetup-initramfs gcc-10-base libc-bin libc-dev-bin libc-l10n libc6 libc6-dbg libc6-dev libc6-i386 libcrypt-dev libcrypt1 libgcc-s1 locales locales-all Suggested packages: glibc-doc clamav clamav-daemon The following NEW packages will be installed: gcc-10-base libcrypt-dev libcrypt1 libgcc-s1 The following packages will be upgraded: cryptsetup cryptsetup-initramfs libc-bin libc-dev-bin libc-l10n libc6 libc6-dbg libc6-dev libc6-i386 locales locales-all metasploit-framework 12 upgraded, 4 newly installed, 0 to remove and 1554 not upgraded. Need to get 169 MB of archives. After this operation, 2,233 kB disk space will be freed. Do you want to continue? [Y/n]
You will get some configuration popups at the time of installation. Read configuration messages carefully and configure accordingly.
Upgrade glibc so Click on yes. You can change options by pressing “TAB” key, and for selecting press “ENTER” Key.
I have installed Metasploit successfully. I used command msfconsole to run the Metasploit framework but no success.
I go the following error “You may need to uninstall or upgrade bundler”
You can see in the following image:
[email protected]:~#msfconsole [*] Bundler failed to load and returned this error: 'cannot load such file -- bundler/setup' [*] You may need to uninstall or upgrade bundler [email protected]:~#
How to solve upgrade bundler error in Kali Linux
If you are getting an error “You may need to uninstall or upgrade bundler” after installation of Metasploit then you can use the following steps:
Step 1: Go to /usr/share/metasploit-framework/ by using cd command. As you can see in the following image.
[email protected]:~#cd /usr/share/metasploit-framework/ [email protected]:/usr/share/metasploit-framework#
Step 2: Install bundler: You can use the followoing command to install and upgrade bundler.
[email protected]:~#cd /usr/share/metasploit-framework/ [email protected]:/usr/share/metasploit-framework#gem install bundler Fetching: bundler-2.1.4.gem (100%) Successfully installed bundler-2.1.4 Parsing documentation for bundler-2.1.4 Installing ri documentation for bundler-2.1.4 Done installing documentation for bundler after 24 seconds 1 gem installed [email protected]:/usr/share/metasploit-framework#bundle install
Start, Restart, and Stop Metasploit services:
You have finished the installation of Metasploit, the next task on how to use Metasploit in Kali Linux. It is quite simple. You must follow the 2 steps:
Before the launch Metasploit, it is necessary to start Metasploit service.
Sometimes, It is possible the services you are going to start, running previously. before the start, the Metasploit service first checks the status of service.
If the service is not running then you can start, restart and stop Metasploit by following commands.
#service metasploit status
#service metasploit restart
If the User start the Metasploit service first time, He have to start postgresql service first similar metasploit postgresql service can be start, restart, and stop by following commands
#service postgresql restart
#service postgresql status.
Launching Metasploit in Kali Linux
Metasploit has four working interface for the user, Pentester can use variety of ways to access Metasploit. For the learner who don’t have solid command over control of Metasploit, It is recommended to use graphical interface. The Graphical User Interface is accessed by selecting “Measploit Community/Pro” from the main menu:
Applications > Kali Linux > Exploitation > Metasploit > Metasploit Community/Pro
By default the user will used a web browser with URL address: https://localhost:3790/ . When the Metasploit runs in to browser, the tester will be prompt with an error message “Connection is Untrusted”. It happens because Metasploit don’t have a valid security certification. Click on “I Understand the Risks”, Click on the next option “Add Exception”. When new screen will be opened, click on the “Confirm Security Exception” to continue process.
Update the Database for Metasploit:
Metasploit is developed by Rapid7, There are limited updates for community users. It is necessary to update the Metasploit database before use every time. Metasploit database can be updated by using following command.
User can update metasploit by GUI interface. If a pentester running web interface, Select “software Update” option from the upper right-hand side of Web page of Metasploit. Next screen will be displayed select “Check for Updates”. Metasploit will start download and install updates on the system if available. It is recommended that service of Metasploit be restarted. Restart the browser then reopen the Metasploit Web Intrface.
MODULE 13:- Metasploit Framework
How to install metasploit kali linux
In keeping with the Kali Linux Network Services Policy, no network services, including database services, run on boot as a default, so there are a couple of steps that need to be taken in order to get Metasploit up and running with database support.
Quick way
You an have everything up and running, by starting the PostgreSQL service and set it up just by doing:
[email protected]:~$ sudo msfdb init [+] Starting database [+] Creating database user 'msf' [+] Creating databases 'msf' [+] Creating databases 'msf_test' [+] Creating configuration file '/usr/share/metasploit-framework/config/database.yml' [+] Creating initial database schema [email protected]:~$
You can even take it one step further by doing sudo msfdb run and it will do the same as the above, as well as start msfconsole afterwards
MSFDB
To help interactive with various parts of the Metasploit configuration there is msfdb :
[email protected]:~$ sudo msfdb Manage the metasploit framework database msfdb init # start and initialize the database msfdb reinit # delete and reinitialize the database msfdb delete # delete database and stop using it msfdb start # start the database msfdb stop # stop the database msfdb status # check service status msfdb run # start the database and run msfconsole [email protected]:~$
Please note: this is a different version of msfdb that is shipped with the default project
Start the Kali PostgreSQL Service
Start the Kali PostgreSQL Service
Metasploit uses PostgreSQL as its database so it needs to be launched first:
[email protected]:~$ sudo msfdb start [+] Starting database [email protected]:~$
You can verify that PostgreSQL is running by checking the output of ss -ant and making sure that port 5432 is listening, or using sudo msfdb status :
[email protected]:~$ sudo msfdb status ● postgresql.service - PostgreSQL RDBMS Loaded: loaded (/lib/systemd/system/postgresql.service; disabled; vendor preset: disabled) Active: active (exited) since Sun 2021-02-07 02:15:42 EST; 4s ago Process: 157089 ExecStart=/bin/true (code=exited, status=0/SUCCESS) Main PID: 157089 (code=exited, status=0/SUCCESS) Feb 07 02:15:42 kali systemd[1]: Starting PostgreSQL RDBMS. Feb 07 02:15:42 kali systemd[1]: Finished PostgreSQL RDBMS. COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME postgres 157071 postgres 5u IPv6 647182 0t0 TCP localhost:5432 (LISTEN) postgres 157071 postgres 6u IPv4 647183 0t0 TCP localhost:5432 (LISTEN) UID PID PPID C STIME TTY STAT TIME CMD postgres 157071 1 1 02:15 ? Ss 0:00 /usr/lib/postgresql/13/bin/postgres -D /var/lib/postgresql/13/main -c config_file=/etc/postgresql/13/main/postgresql.con [i] No configuration file found [email protected]:~$
Initialize the Metasploit PostgreSQL Database
With PostgreSQL up and running, we next need to create and initialize the msf database:
[email protected]:~$ sudo msfdb init [i] Database already started [+] Creating database user 'msf' [+] Creating databases 'msf' [+] Creating databases 'msf_test' [+] Creating configuration file '/usr/share/metasploit-framework/config/database.yml' [+] Creating initial database schema [email protected]:~$
Launch msfconsole in Kali
Now that the PostgreSQL service is up and running and the database is initialized, you can launch msfconsole and verify database connectivity with the db_status command as shown below:
[email protected]:~$ msfconsole -q msf6 > msf6 > db_status [*] Connected to msf. Connection type: postgresql. msf6 >
Updated on: 2023-Mar-06
Author: g0tmi1k