Cómo instalar Metasploit Framework en Ubuntu / Debian


Metasploit Framework es un proyecto de código abierto que proporciona la infraestructura, el contenido y las herramientas para realizar auditorías de seguridad y pruebas de penetración exhaustivas.

Las ediciones comerciales de Metasploit están disponibles para los usuarios que prefieren utilizar una interfaz web para pentest. El Framework Metasploit ejecuta los siguientes servicios.

  • PostgreSQL Database server – utilizado por Metasploit para almacenar datos de un proyecto.
  • Ruby on Rails
  • Metasploit service

Requerimientos Metasploit Framework

A continuación se encuentran los requisitos mínimos de hardware para ejecutar Metasploit Framework en Ubuntu 18.04 / Debian 9.

  • 2 GHz+ processor
  • 4 GB RAM available (8 GB recomendado)
  • 1 GB available disk space (50 GB recomendado)
  • 64-bit version of Ubuntu 18.04 / Debian 9 (o más)

La forma más sencilla de instalar Metasploit Framework en Ubuntu / Debian  es desde el instalador de Metasploit. Este instalador se entrega con todas las dependencias y herramientas necesarias para ejecutar Metasploit Framework.

Descargue el instalador de Metasploit ejecutando los siguientes comandos en su terminal.

curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall

Una vez descargado el script, hazlo ejecutable.

chmod 755 msfinstall

Luego ejecuta:

# ./msfinstall
 Adding metasploit-framework to your repository list..OK
 Updating package cache..OK
 Checking for and installing update..
 Reading package lists… Done
 Building dependency tree       
 Reading state information… Done
 The following NEW packages will be installed:
   metasploit-framework
 0 upgraded, 1 newly installed, 0 to remove and 122 not upgraded.
 Need to get 169 MB of archives.
 After this operation, 397 MB of additional disk space will be used.
 Get:1 https://downloads.metasploit.com/data/releases/metasploit-framework/apt lucid/main amd64 metasploit-framework amd64 4.17.35+20190105104028~1rapid7-1 [169 MB]
 Fetched 169 MB in 4s (42.3 MB/s)               
 debconf: delaying package configuration, since apt-utils is not installed
 Selecting previously unselected package metasploit-framework.
 (Reading database … 34892 files and directories currently installed.)
 Preparing to unpack …/metasploit-framework_4.17.35+20190105104028~1rapid7-1_amd64.deb …
 Unpacking metasploit-framework (4.17.35+20190105104028~1rapid7-1) …
 Setting up metasploit-framework (4.17.35+20190105104028~1rapid7-1) …
 update-alternatives: using /opt/metasploit-framework/bin/msfbinscan to provide /usr/bin/msfbinscan (msfbinscan) in auto mode
 update-alternatives: using /opt/metasploit-framework/bin/msfconsole to provide /usr/bin/msfconsole (msfconsole) in auto mode
 update-alternatives: using /opt/metasploit-framework/bin/msfd to provide /usr/bin/msfd (msfd) in auto mode
 update-alternatives: using /opt/metasploit-framework/bin/msfdb to provide /usr/bin/msfdb (msfdb) in auto mode
 update-alternatives: using /opt/metasploit-framework/bin/msfelfscan to provide /usr/bin/msfelfscan (msfelfscan) in auto mode
 update-alternatives: using /opt/metasploit-framework/bin/msfmachscan to provide /usr/bin/msfmachscan (msfmachscan) in auto mode
 update-alternatives: using /opt/metasploit-framework/bin/msfpescan to provide /usr/bin/msfpescan (msfpescan) in auto mode
 update-alternatives: using /opt/metasploit-framework/bin/msfrop to provide /usr/bin/msfrop (msfrop) in auto mode
 update-alternatives: using /opt/metasploit-framework/bin/msfrpc to provide /usr/bin/msfrpc (msfrpc) in auto mode
 update-alternatives: using /opt/metasploit-framework/bin/msfrpcd to provide /usr/bin/msfrpcd (msfrpcd) in auto mode
 update-alternatives: using /opt/metasploit-framework/bin/msfupdate to provide /usr/bin/msfupdate (msfupdate) in auto mode
 update-alternatives: using /opt/metasploit-framework/bin/msfvenom to provide /usr/bin/msfvenom (msfvenom) in auto mode
 update-alternatives: using /opt/metasploit-framework/bin/metasploit-aggregator to provide /usr/bin/metasploit-aggregator (metasploit-aggregator) in auto mode
 Run msfconsole to get started

Crea e inicializa la base de datos msf.

$ msfdb init
 Creating database at /home/jmutai/.msf4/db
 Starting database at /home/jmutai/.msf4/db…success
 Creating database users
 Creating initial database schema

Inicia msfconsole

Ahora que la base de datos está inicializada, puedes iniciar msfconsole.

$ msfconsole

Ejemplo del output:

Verifique la conectividad de la base de datos con el comando db_status como se muestra:.
msf > db_status
 [*] postgresql connected to msf
 msf >

Actualizando Metasploit Framework

Para actualizar su Metasploit Framework en Ubuntu  / Debian. Ejecute el comando:

# msfupdate
 Updating package cache..OK
 Checking for and installing update..
 Reading package lists… Done
 Building dependency tree       
 Reading state information… Done
 metasploit-framework is already the newest version (4.17.35+20190105104028~1rapid7-1).
 0 upgraded, 0 newly installed, 0 to remove and 123 not upgraded.

Puedes checar la versión del Framework con el siguiente comando:

# msfconsole  --version
 Framework Version: 4.17.35-dev-

Felicidades. Ya tienes instalado el Metasploit Framework en tu sistema 🙂


Like it? Share with your friends!

0 Comments