[Installing Metasploit Framework on Centos_rhel 6] install Metasploit frame "translation" on Centos_rhel 6
Tag declaration: Blue Man for the translation of the English content, yellow text for the execution of orders. English proficiency is limited, please note if there are omissions. Article Origin Blog Park-first line
All command in the need to is ran as root. To switch to root and has all the proper variables run:
All commands in this tutorial need to use the root account. Switch to the root account to ensure that the variables are correctly executed:
Su-
Installing Dependencies
Install dependencies
We start by making sure, we have the latest packages by updating the system using Yum:
First, we want to make sure that we have the latest packages for the Yum update system:
Yum Update
Yum Upgrade
Now, we know that we is running an updated system we can install all the dependent packages that is needed by metasp Loit Framework:
Now that we know that we are running an updated system, we can install all the dependencies that need to be through the Metasploit framework:
Yum Groupinstall ' Development Tools '
Yum install sqlite-devel libxslt-devel libxml2-devel java-1.7.0-openjdk libpcap-devel Nano openssl-devel zlib-devel Libffi-devel gdbm-devel readline-devel Nano wget
Installing Ruby 1.9.3
Installing Ruby1.9.3
Centos/rhel is a solid operating system, but sadly it does does tend to run the latest in term of packages so we had to COM Pile and install by hand the YAML and Ruby 1.9.3 software.
The Centos/rhel operating system is very stable, but unfortunately it does not support the latest packages, so we will manually compile and install Yaml and Ruby1.9.3.
First we download and install the latest version of YAML.
First we download and install the latest YAML version.
Cd/usr/src
wget http://pyyaml.org/download/libyaml/yaml-0.1.4.tar.gz
Tar zxf yaml-0.1.4.tar.gz
CD yaml-0.1.4
./configure--prefix=/usr/local
Make && make install
Now we download and install the latest version of Ruby 1.9.3
Now, we download and install the latest version of Ruby1.9.3
Cd/usr/src
wget http://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p374.tar.gz
Tar xvzf ruby-1.9.3-p374.tar.gz
CD ruby-1.9.3-p374
./configure--prefix=/usr/local--with-opt-dir=/usr/local/lib
Make & make Install
Installing Nmap
Installing Nmap
One of the external tools, Metasploit uses for scanning, is not included with the sources is Nmap. Here we'll cover downloading the latest source code for NMAP, compiling and installing:
One of them is Metasploit's use of the scanned external tool, Nmap is not included in the source. Here, we will introduce the latest source code for downloading Nmap, compiling and installing:
Cd/usr/src
SVN Co https://svn.nmap.org/nmap
CD Nmap
./configure
Make
Make install
Make clean
Configuring Postgre SQL Server
Configuring SQL Server for Postgre
The version that comes with Centos/rhel are quite old so we need to modify our system to install the latest from PostgreSQL Directly. Open/etc/yum.repos.d/centos-base.repo and add to the [Base] and [UPDATE] sections:
The version included in the Centos/rhel is very old, so we need to modify our system to install the latest PostgreSQL directly. Open/Etc/yum.repos.d/centos-base.repo, and add to [Base] and [Updatge] sections:
exclude=postgresql*
Now we can install the Postgres official repository for CentOS 6 x64:
Now we can install Postgres's official library in CentOS6 x64:
wget http://yum.postgresql.org/9.2/redhat/rhel-6-x86_64/pgdg-centos92-9.2-6.noarch.rpm
RPM-IVH pgdg-centos92-9.2-6.noarch.rpm
For X86 download:http://yum.postgresql.org/9.2/redhat/rhel-6-i386/pgdg-redhat92-9.2-7.noarch.rpm
X86 version of:
Fot RHEL 6 x64
For Rehel 6 x64 version
wget http://yum.postgresql.org/9.2/redhat/rhel-6-x86_64/pgdg-redhat92-9.2-7.noarch.rpm
RPM-IVH pgdg-redhat92-9.2-7.noarch.rpm
For x86 download http://yum.postgresql.org/9.2/redhat/rhel-6-i386/pgdg-centos92-9.2-6.noarch.rpm
X86 version of:
To install Postgres and the necessary files we use Yum:
To install Postgres, we must use the Yum file:
Yum Update
Yum Install Postgresql92-server postgresql92-devel postgresql92
Now we initialize the server and configure it for automatic startup:
Now we initialize the server and configure it to start automatically :
Service postgresql-9.2 Initdb
Service postgresql-9.2 Start
Chkconfig postgresql-9.2 on
For if we compile the necessary gem for Ruby we need to add the new install to our path so the compiler can find the bin Aries and Libraries:
Because when we compile the required Ruby gem package We need to add a new installation path to our environment variable (path) so that the compiler can find binaries and libraries:
echo Export path=/usr/pgsql-9.2/bin:\ $PATH >>/ETC/BASHRC
SOURCE ~/.BASHRC
We start by switching to the Postgres user so we can create the user and database that we'll use for Metasploit
First, we switch to postgres users so that we can create the Metasploit users and databases we will use.
Su-postgres
Now we create the user and database, do record the database, gave to the user since it'll be used in the Databas E.yml file, Metasploit, and Armitage use to connect to the database.
Now we create the user and database and record the database that you gave to the user because it will be used in Metasploit and Armitage to connect the Database.yml file to the database.
CreateUser Msf-p-s-r-D
Createdb-o MSF MSF
Exit
Exit
To allow the user we created to connect to Postgres we need to add to/var/lib/pgsql/9.2/data/pg_hba.conf file the Followi Ng lines above the rest of the other configured settings:
To allow us to create the user to connect to the Postgres, we need to add the following line to the rest of the other settings on the/var/lib/pgsql/9.2/data/pg_hba.conf file:
Local MSF MSF MD5
HOSTMSF MSF 127.0.0.1/8 MD5
HOSTMSF MSF:: 1/128 MD5
Restart the service:
Restart the service:
Service postgresql-9.2 Start
Installing Metasploit Framework
Installing the Metasploit Framework
Once The packages has been install we need to install the required Ruby libraries that Metasploit depends on:
Once the package has been installed, we need to install the required Ruby library Metasploit depending on:
Gem Install wirble PG sqlite3 Msgpack activerecord redcarpet rspec Simplecov yard bundler
We'll download the latest version of Metasploit Framework via Git so we can use msfupdate to keep it updated:
We will download the latest version of the Metasploit framework via git, so we can use Msfupdate to keep the update:
Cd/opt
git clone https://github.com/rapid7/metasploit-framework.git
CD Metasploit-framework
Lets Create the links to the commands so we can use them under any user and not being under the Framework folder:
Let's create a link to the command so that we can use them in any user, not according to the Frames folder:
Bash-c ' for MSF in $ (LS msf*); Do ln-s/opt/metasploit-framework/$MSF/usr/local/bin/$MSF;d One '
Ln-s/opt/metasploit-framework/armitage/usr/local/bin/armitage
From the Metasploit-framework folder lets with the Bundler gem to install the properly supportted gem versions:
From the Metasploit Framework folder allow the correct supported gem versions to be installed using the Bundler gem:
Bundle Install
Lets Create the Database.yml file that would contain the configuration parameters that would be a use by framework:
Let's create a database.yml file that is framed and included with configuration parameters:
Nano/opt/metasploit-framework/database.yml
Copy the YAML entries and make sure you provide the password your entered in the user creating step in the Password field F or the database:
Copy the YAML project and make sure that you provide the steps that you created in the Password field for the password that the user entered in the database:
Production
Adapter:postgresql
database:msf
username:msf
Password
host:127.0.0.1
port:5432
Pool:75
Timeout:5
Create and environment variable so it's loaded by Armitage and by Msfconsole when running and load the variable R Current Shell:
The environment variable is created by Armitage and the Msfconsole runtime loads the variable into the current shell:
echo Export MSF_DATABASE_CONFIG=/OPT/METASPLOIT-FRAMEWORK/DATABASE.YML >>/ETC/BASHRC
SOURCE ~/.BASHRC
First Run
First Run
Now we is ready-to-run Metasploit for the first time. My recommendation is to run it first under a regular user so the folders create under your home directory has the proper Permissions. First time it runs it would create the entries needed by Metasploit in the database so it would take a while to load.
Now we are ready to run Metasploit for the first time. My suggestion is to run it as a normal user first, so the folder you created under your home directory has the appropriate permissions. The first run will create the required Metasploit project in the database so that it will take a while to load.
Msfconsole
Original address: http://www.darkoperator.com/msf-centosrhel/