How to install Metasploit on Ubuntu

Metasploit is a handy penetration tool used most widely. It contains handlers to listen for reverse connections and send bind shell connections.

Metasploit-Framework is a tool by Rapid7. It contains exploits written in Ruby, Python, PHP, Apk and contains handlers to listen for reverse connections and send bind shell connections.

It also has scripts for scanning, dictionary attacks, gives pivoting ability and backgrounding and upgrading shells. Metasploit comes pre-installed in some Linux versions. In this tutorial, we should see the two common ways of installing Metasploit on Ubuntu.

1. Installing Metasploit By Changing Repositories

The first method is to install it by changing the Ubuntu repositories to Kali rolling repositories and then updating the system. Once we update, all the package details are downloaded, and it becomes easy to install the Kali tools on Ubuntu system.

To change repositories, enter the following command;

$ sudo nano /etc/apt/sources.list

Now add the Kali rolling repositories in the sources.list file.

deb kali-rolling main non-free contrib

Editing Sources in Ubuntu
Editing Sources in Ubuntu

Press CTRL+X then Enter Y to save the file. Now run the following command;

$ sudo apt update

You may see something like “Following Signatures Couldn’t be Verified” on the terminal.

Signature not verified
Signature not verified

The apt packaging system has trusting keys for package authentication, and these need to be installed on a particular system. You can import them by the following command;

$ sudo apt-key adv --keyserver --recv-keys ED444FF07D8D0BF6

Again enter the above if needed;

$ sudo apt-key adv --keyserver --recv-keys ED444FF07D8D0BF6

Remember to replace the key with the one that appears on your terminal.

Importing the Keys
Importing the Keys

Since the keys have successfully been imported, now you need to update, and the error should be gone, and the system should successfully update. Never run apt Upgrade when you have added any external system repository as it should panic the Kernel, and the system may crash.

$ sudo apt update

Apt Update
Apt Update

Now install Metasploit with the following command;

$ sudo apt install metasploit-framework -y

Installing Metasploit

All the dependencies should automatically be installed. Start the PostgreSQL service. Enter;

$ sudo service postgresql start

You need to initialize the Metasploit database before its use. You can do that by entering;

$ sudo msfdb init

You can then use Metasploit by entering the following command;

$ sudo msfconsole

Starting Metasploit
Starting Metasploit

The last step is to remove the Kali Rolling repositories from the sources.list file.

Enter the following command;

$ sudo nano /etc/apt/sources.list

Remove the link to Kali rolling repository which you added previously, press CTRL+X and then Y. The run;

$ sudo apt update

2. Installing From GitHub

Another standard method is to install the Metasploit-Framework by cloning from the GitHub. You need to manually install and configure all the dependencies one by one while cloning Metasploit from GitHub.

Following is the list of dependencies that are required for Metasploit Development Environment as stated by Rapid7.

$ sudo apt-get install gpgv2 autoconf bison build-essential curl git-core libapr1 libaprutil1 libcurl4-openssl-dev libgmp3-dev libpcap-dev libpq-dev libreadline6-dev libsqlite3-dev libssl-dev libsvn1 libtool libxml2 libxml2-dev libxslt-dev libyaml-dev locate ncurses-dev openssl postgresql postgresql-contrib wget xsel zlib1g zlib1g-dev

Configuring Postgres

After installing the dependencies, you need to configure the PostgreSQL database. It provides search capability and few other supporting features for Metasploit.

$ sudo su postgres
Create a new metasploit user;

$ createuser metasploituser -P

Enter any password you want to keep.

MSFuser in Postgres
MSFuser in Postgres

Now create the user database;

$ createdb msfdb -O metasploituser

Now exit from the Postgres.

$ exit

It is better to configure the PostgreSQL service to start automatically. Else the user has to start it manually each time for using the Metasploit.

$ sudo update-rc.d postgresql enable

Now you need to install RVM.

$ gpg --keyserver hkp:// --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
$ curl -sSL | bash -s stable --ruby 
$ source ~/.rvm/scripts/rvm

Installing RVM

The next step is cloning Metasploit from the Github.

$ git clone

Cloning Metasploit

Now switch to metasploit directory;

$ cd metasploit-framework/

Install Ruby, Ruby Gems & Bundler;

$ rvm --install ruby-2.6.2

Installing Ruby
Installing Ruby

$ gem install bundler
$ bundle install

The very last step is to configure the database.yml. Switch the present directory by entering;

$ cd ~/.msf4/

Now enter;

$ sudo nano database.yml
development: &pgsql
adapter: postgresql
database: msfdb
username: metasploituser
password: msfuser1
host: localhost
port: 5432
pool: 5
timeout: 5            

production: &production
<<: *pgsql
<<: *pgsql
database: msfdb

Remember to replace the username and password with the one you entered while creating the msfuser.

Configuring database.yml
Configuring database.yml

Press CTRL+X and then Y to save the file.

If everything went all right, your Metasploit must have been installed correctly. Switch back to the metasploit directory;

$ cd ~/metasploit-framework

You can start metasploit by entering;

$ ./msfconsole

Starting Metasploit


Metasploit can be easily installed in various ways. It requires some dependencies and PostgreSQL to be installed. You have to configure the Ruby database for Metasploit to work correctly manually.

Zohaib Yousaf
My name is Zohaib Yousaf. I'm an Ethical Hacker & a Pen Tester. Python scripting and Bash automation is my hobby. My research work is in Anonymity. I have co-worked in development of few anonymity solutions which implemented different Cryptographic Algorithms.


Please enter your comment!
Please enter your name here




Create a ClamAV Antivirus Live USB drive, and how to use it

Antivirus Live CD or USB drives come in handy at times when your computer is infected with a virus and other malware. Here is how you can create a ClamAV Live USB drive to scan and remove the malware from a computer.


best video players for linux
Most Linux-based systems come with a built-in video player, but let's be honest, it most definitely won't be able to satisfy all of your requirements, due to the fact that default software is mostly made for basic purposes. In this article, we will review the 5 Best Video Players for Linux and thoroughly discuss their features as well as their pros and cons.
Application Launchers for Ubuntu
Ubuntu is one of the most used Linux distributions worldwide. It is also the reason why it has the maximum number of available programs for itself. Today we are going to talk about one category of those programs, the application launchers.
Ubuntu 19.10 beta overview
It may be early, but I've been looking forward to the release of Ubuntu 19.10 for some time now. As an impatient person, and promised readers in the FOSSLinux article announcing the release of Eoan Ermine that we would provide you a review of Ubuntu 19.10 Eoan Ermine - Beta.  So, here it goes.