[Kali_metasploit] When installing Metasploit in the Fast-track tool, SVN expires and installs the workaround with GitHub

Source: Internet
Author: User
Tags http authentication

Tl;dr:please stop using SVN with

SVN Co https://www.metasploit.com/svn/framework3/trunk

and start using the GitHub repo with

git clone git://github.com/rapid7/metasploit-framework

As of today, a few of notice that's attempt to update Metasploit Framework over SVN (instead of git or msfupdate) Results in an authentication request. If you try to SVN checkout on Windows, using the TortoiseSVN, you'll see a pop up much like this:

For command line people, if you try to ' svn co ' or ' svn up ' your checkout of the Metasploit Framework you'll read:

$ svn up Updating '. ':
Authentication Realm:

Or a more recent msfupdate. See Http://r-7.co/MSF-SVN for more]=

Password for ' yourname ':

Please don ' t try any passwords think you know. We ' ve locked up SVN and we ' re using the authentication realms to communicate the correct update path to humans Dable by human eyeballs. The password prompt is incidental. If you've read this far, you might wonder why we ' re doing this.

On November, we moved we have source control to GitHub, and we've been bugging people to use git instead of SVN ever Since. However, the Internet exists in an eternal present tense. there is thousands and thousands documents, blog posts, books, and articles on ' Getting Started with Metasploit ' in P Ractically every human language spread all over the world, both on and offline, some of which we control, most of which we Don ' t. If you don ' t believe me, the just search for "SVN co" Metasploit.

Because of this, we ' re isn't ready to turn off SVN completely--throwing a 404 error on an update would just generate more ( than usual) complaints on Twitter, IRC, and mailing lists about the ' SVN co ' and ' svn up ' being broken. Those complaints is still happening today, so it's clear that some people is still stuck with way-out-of-date docume Ntation. Hopefully, those folks would read the instruction in the HTTP authentication realms, since that's about the only-to-do we can Communicate with svn-only clients.

If you is still on SVN, then converting to GitHub works like this:

    1. Don ' t try to use a password; If by some miracle your happen to guess a correct one, your prize is so you get some messed up, out of date svn-sourced C Ode. (:
    2. Delete your SVN checkout of Metasploit: rm-rf $HOME/metasploit (or the real path to your checkout).
    3. Clone the latest from GitHub: git clone--depth=1 git://github.com/rapid7/metasploit-framework Metasploit (or the path Where you want the clone).
    4. Go to your new Metasploit checkout, and run Msfupdate: CD Metasploit;./msfupdate (This'llget the bundle of Rub Y gems together for you).

If you can ' t use the git://URI handler, then use https://instead. It ' s somewhat slower, but still a million times better than SVN. If Bundler complains about the Gem dependencies, then check to make sure so you have a reasonable version of Ruby--1.9.3 I S ideal. 1.8.x is out. 2.0.0 should is okay, but it's not vetted for prime time yet.

That ' s it. Everything'll work as before--your custom modules so you stashed in $HOME/.msf4/modules'll be picked up, you'll Be gleefully tracking Metasploit ' s bleeding edge source branch, and now, your checkouts won ' t take hours and crash off on You.

If You use Metasploit Community, Metasploit Express, or Metasploit Pro, then basically none of the This applies for you--MSFU Pdate is converted in Metasploit 4.5 to use use weekly updates, which means you ' re getting the benefit of both Rapid7 QA and community testing without bothering with git or SVN.

Below, you can find a smattering of documents and posts regarding msfupdate and tracking the Framework source, which would Provide more detail in various aspects of the continuous state of Metasploit development. If your setup isn't the simple case described here, you'll probably find what's need in one of the these documents:

Metasploit Development Environment (Metasploit-framework wiki)

Git while the gitting is good

Metasploit Moves from SVN to Git/github

Update to the Metasploit Updates and Msfupdate

Activating Metasploit to fix Msfupdate:start to Finish

[Go to the official] Https://community.rapid7.com/community/metasploit/blog/2013/05/20/git-clone-metasploit-dont-svn-checkout

[Kali_metasploit] When installing Metasploit in the Fast-track tool, SVN expires and installs the workaround with GitHub

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.