Metasploit is a free, downloadable framework that makes it easy to acquire, develop, and attack computer software vulnerabilities. It itself comes with a professional-grade vulnerability attack tool with hundreds of known software vulnerabilities. When H.d Moore released Metasploit in 2003, the state of computer security was permanently changed. Like overnight, anyone can become a hacker, and everyone can use attack tools to attack bugs that haven't patched or just patched. Software vendors can no longer postpone the release of patches for published vulnerabilities because the Metasploit team has been working to develop various attack tools and contribute them to all Metasploit users.
Experimental environment
Centos6.5_x64
Experimental software
pgdg-centos94-9.4-1.noarch.rpm
Yaml-0.1.6.tar.gz
Ruby-2.2.4.tar.gz
nmap-7.12.tar.bz2
Metasploit-framework.git
Software Installation
RPM-IVH pgdg-centos94-9.4-1.noarch.rpm
Yum install-y postgresql94-server postgresql94-devel postgresql94
Yum groupinstall-y ' Development Tools '
Yum install-y sqlite-devel libxslt-devel libxml2-devel java-1.7.0-openjdk libpcap-devel nano openssl-devel zlib-devel Li Bffi-devel gdbm-devel readline-devel nano wget git
Gem Install wirble PG sqlite3 Msgpack activerecord redcarpet rspec Simplecov yard bundler
Tar zxvf yaml-0.1.6.tar.gz
CD yaml-0.1.6
./configure--prefix=/usr/local/
Make
Make install
Tar zxvf ruby-2.2.4.tar.gz
CD ruby-2.2.4
./configure--prefix=/usr/local--with-opt-dir=/usr/local/lib
Make
Make install
Tar jxvf nmap-7.12.tar.bz2
CD nmap-7.12
./configure
Make
Make install
exclude=postgresql*
Service postgresql-9.4 Initdb
Service postgresql-9.4 Start
Chkconfig--level postgresql-9.4 on
echo Export path=/usr/pgsql-9.4/bin: $PATH >>/ETC/BASHRC
SOURCE ~/.BASHRC
Su-postgres
Su-postgres
-bash-4.1$ CreateUser msf-p-s-r-D
Enter Password for new role:
Enter It again:
Createdb-o MSF MSF
Exit
Cp/var/lib/pgsql/9.4/data/pg_hba.conf/var/lib/pgsql/9.4/data/pg_hba.conf.bak
Vim/var/lib/pgsql/9.4/data/pg_hba.conf
# TYPE DATABASE USER ADDRESS METHOD
78
"Local" is for Unix domain sockets connections only
The local all MD5
Bayi # IPV4 Local connections:
MD5 host All 127.0.0.1/32
# IPV6 Local connections:
+ Host All:: 1/128 MD5
Replication connections from localhost, by a user with thed
Replication # privilege.
#local Replication Postgres Peer
#host Replication Postgres 127.0.0.1/32 ident
#host replication postgres:: 1/128 ident
Service postgresql-9.4 Restart
cd/opt/
git clone https://github.com/rapid7/metasploit-framework.git
CD Metasploit-framework
Bash-c ' for MSF in $ (LS msf*); Do ln-s/opt/metasploit-framework/$MSF/usr/local/bin/$MSF;d One '
Ln-s/opt/metasploit-framework/armitage/usr/local/bin/armitage
Bundle Install
Bundle Install
Don ' t run bundler as root. Bundler can ask for sudo if it is needed, and
Installing your bundle as root would break this application for all non-root users
On the machine.
Fetching gem metadata from https://rubygems.org/
Fetching version metadata from https://rubygems.org/
Fetching dependency metadata from https://rubygems.org/
Resolving dependencies ....
Installing Rake 11.2.2
Using i18n 0.7.0
Installing JSON 1.8.3 with native extensions
Vim/opt/metasploit-framework/database.yml
Development: &pgsql
Adapter:postgresql
Database:metasploit-credential_development1
username:msf
Password
Host:localhost modified to 127.0.0.1
port:5432
Pool:5 modified to 75
Timeout:5
Min_messages:warning
Test
<<: *pgsql
Database:metasploit-credential_test1
Netstat-tuplna | grep 5432
TCP 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 30767/postmaster
TCP 0 0:: 1:5432:::* LISTEN 30767/postmaster
echo Export MSF_DATABASE_CONFIG=/OPT/METASPLOIT-FRAMEWORK/DATABASE.YML >>/ETC/BASHRC
SOURCE ~/.BASHRC
Verify
Msfconsole
650) this.width=650; "Src=" Http://s3.51cto.com/wyfs02/M02/86/74/wKioL1e_DGKTaWqJAAClBsAXO18106.jpg-wh_500x0-wm_3 -wmp_4-s_3655963883.jpg "title=" 1.jpg "alt=" Wkiol1e_dgktawqjaaclbsaxo18106.jpg-wh_50 "/>
This article from "Mailfile" blog, declined reprint!
CENTOS6 installation Metasploit