Installing Metasploit Framework on Lion and Mountain Lion
This guide covers the installation of the Metasploit Framework OSS Project on OS X Lion and Mountain Lion. I recommend you first try the following install script, since it does more than what is covered in the guide: https://github.com/darkoperator/MSF-Installer.
Prepping the Operating System
Make sure you run Software Update and install all updates for the operating system, and install the latest version of Xcode so that you can compile software. OS X does not come with Java installed by default, and it is needed for Armitage and MSFGUI. To install the supported version for OS X from Apple, open a terminal and enter:
java
Follow the instructions shown by the installer.
Install Homebrew
/usr/bin/ruby -e "$(curl -fsSkL raw.github.com/mxcl/homebrew/go)"
We need to make sure that the binaries we install with Homebrew come first in the path:
echo PATH=/usr/local/bin:/usr/local/sbin:$PATH >> ~/.bash_profile
Install Nmap
For Nmap on OS X I recommend using Homebrew, since its maintainers are quick to keep the formula for the tool updated and to work out most problems that arise. To install Nmap, run the command below:
brew install nmap
Install GNU GCC
Let's install GNU GCC. Since we will compile the latest version from source, this may take 50 minutes or more depending on your processor:
brew tap homebrew/versions
brew install gcc47 --use-llvm
Let's also configure some terminal values so we get color syntax, and set the compilation flags. Make sure you enter the correct version of the GCC compiler you installed with brew:
echo export CLICOLOR=1 >> ~/.bash_profile
echo export LSCOLORS=GxFxCxDxBxegedabagaced >> ~/.bash_profile
echo "" >> ~/.bash_profile
echo export ARCHFLAGS=\"-arch x86_64\" >> ~/.bash_profile
echo export CC=/usr/local/bin/gcc-4.7 >> ~/.bash_profile
source ~/.bash_profile
Install Ruby 1.9.3
We will use Homebrew to install and maintain the most stable version of Ruby 1.9.x, since it works best with Metasploit.
brew install homebrew/versions/ruby193
Check that you are running the version of Ruby you just installed with:
ruby -v
Install PostgreSQL
brew install postgresql --without-ossp-uuid
Configure PostgreSQL
Initialize the database if this is a first-time install:
initdb /usr/local/var/postgres
Configure Postgres to load automatically on login. The instructions below are an example; copy and paste the commands that the brew installer showed and follow any other instructions it shows:
mkdir -p ~/Library/LaunchAgents
cp /usr/local/Cellar/postgresql/9.1.4/homebrew.mxcl.postgresql.plist ~/Library/LaunchAgents/
launchctl load -w ~/Library/LaunchAgents/homebrew.mxcl.postgresql.plist
PostgreSQL will now start every time a user logs in. Create a user called msf for use in Metasploit:
createuser msf -P -h localhost
Create a database called msf for use with Metasploit and make the user msf the owner:
createdb -O msf msf -h localhost
Record the password used for the account created since it will be used when configuring the framework.
Next we install the gems that we will need for running Metasploit:
gem install pg sqlite3 msgpack activerecord redcarpet rspec simplecov yard bundler
VNCViewer
When working with VNC payloads, the framework needs vncviewer to be installed on the machine. Since Apple includes a VNC client by default with OS X, let's create a simple bash script named vncviewer that opens the host:port combination Metasploit passes to it, so we do not have to fight with XQuartz and X11 to get one running on OS X:
echo '#!/usr/bin/env bash' >> /usr/local/bin/vncviewer
echo open vnc://\$1 >> /usr/local/bin/vncviewer
chmod +x /usr/local/bin/vncviewer
This will allow us to call from the terminal a connection to a VNC Server like:
vncviewer 192.168.1.120:5901
Installing Metasploit Framework
For regular use of the framework, you only need to clone the Git repository, create the necessary links and set the variable for the database config file:
cd /usr/local/share/
git clone https://github.com/rapid7/metasploit-framework.git
cd metasploit-framework
for MSF in $(ls msf*); do ln -s /usr/local/share/metasploit-framework/$MSF /usr/local/bin/$MSF;done
# Append as root with tee so /etc/profile does not have to be made group- or world-writable
echo export MSF_DATABASE_CONFIG=/usr/local/share/metasploit-framework/database.yml | sudo tee -a /etc/profile
From the metasploit-framework folder, let's use the Bundler gem to install the properly supported gem versions:
bundle install
Before starting to use the framework we need to create the database config file and set the parameters:
vim /usr/local/share/metasploit-framework/database.yml
Enter the following text into the file, keeping the spacing and using the values used for creating the user and database:
production:
  adapter: postgresql
  database: msf
  username: msf
  password:
  host: 127.0.0.1
  port: 5432
  pool: 75
  timeout: 5
To load the variable for the database configuration file for the current user:
source /etc/profile
source ~/.bash_profile
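
An added check, not part of the original guide: it verifies that /etc/profile is not group- or world-writable and that database.yml, which stores the msf database password in plain text, is accessible only to its owner. The function names audit_msf_install and mode_has_any are hypothetical; the default paths are the ones used in this guide.

```shell
#!/bin/sh
# Added example (not from the original guide). Function names are hypothetical.
# Default paths are the guide's; pass other paths as arguments 1 and 2.

# Return 0 if file $1 has any of the given octal permission bits set.
# Uses find -perm, which behaves the same with BSD (OS X) and GNU find.
mode_has_any() {
    f=$1; shift
    for bit in "$@"; do
        if [ -n "$(find "$f" -prune -perm "-$bit" -print 2>/dev/null)" ]; then
            return 0
        fi
    done
    return 1
}

# Return 0 if the install left safe file modes, 1 otherwise.
audit_msf_install() {
    profile=${1:-/etc/profile}
    dbconf=${2:-/usr/local/share/metasploit-framework/database.yml}
    rc=0
    # Every login shell, including root's, executes /etc/profile.
    if mode_has_any "$profile" 020 002; then
        echo "FAIL: $profile is group/other-writable; fix: sudo chmod go-w $profile"
        rc=1
    fi
    # database.yml carries the msf database password in clear text.
    if [ -f "$dbconf" ] && mode_has_any "$dbconf" 040 020 010 004 002 001; then
        echo "FAIL: $dbconf is accessible to other users; fix: chmod 600 $dbconf"
        rc=1
    fi
    if ! grep -q 'MSF_DATABASE_CONFIG=' "$profile" 2>/dev/null; then
        echo "WARN: MSF_DATABASE_CONFIG is not set in $profile"
    fi
    return $rc
}

audit_msf_install "$@" || echo "audit: problems found (see FAIL lines above)"
```
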
When using modules that need to craft packets, like the port scanner modules, the pcaprub library is needed. The library is located in the external folder at the root of the Metasploit Framework copy. Navigate there and install it:
cd /usr/local/share/metasploit-framework/external/pcaprub
ruby extconf.rb && make && make install
Execute msfconsole for the first time, as your current user and not as root, so it initializes the schema for the database:
msfconsole
Install Armitage
Since Armitage is no longer included with the Framework, we need to execute some additional steps:
brew install pidof
curl -# -o /tmp/armitage.tgz http://www.fastandeasyhacking.com/download/armitage-latest.tgz
tar -xvzf /tmp/armitage.tgz -C /usr/local/share
sh -c "echo java -jar /usr/local/share/armitage/armitage.jar \$\* > /usr/local/share/armitage/armitage"
ln -s /usr/local/share/armitage/armitage /usr/local/bin/armitage
ln -s /usr/local/share/armitage/teamserver /usr/local/bin/teamserver
perl -pi -e 's/armitage.jar/\/usr\/local\/share\/armitage\/armitage.jar/g' /usr/local/share/armitage/teamserver
One important thing to take into consideration: to use Armitage and many of the modules provided in Metasploit you need to run them as root. Due to the way variables are handled when using the sudo command to invoke msfconsole or Armitage, you need to give it the -E option:
# For launching Armitage
sudo -E armitage
# For launching msfconsole
sudo -E msfconsole
Note
If you want to use a scripted install, here is a script that follows the guide:
https://github.com/jackiesingh/Metasploit-Framework-Install-Script-OS-X-Lion-and-Mountain-Lion