How to install Metasploit on Ubuntu

Metasploit is a handy penetration tool used most widely. It contains handlers to listen for reverse connections and send bind shell connections.

Metasploit-Framework is a tool by Rapid7. It contains exploits written in Ruby, Python, PHP, Apk and contains handlers to listen for reverse connections and send bind shell connections.

It also has scripts for scanning, dictionary attacks, gives pivoting ability and backgrounding and upgrading shells. Metasploit comes pre-installed in some Linux versions. In this tutorial, we should see the two common ways of installing Metasploit on Ubuntu.

1. Installing Metasploit By Changing Repositories

The first method is to install it by changing the Ubuntu repositories to Kali rolling repositories and then updating the system. Once we update, all the package details are downloaded, and it becomes easy to install the Kali tools on Ubuntu system.

To change repositories, enter the following command;

$ sudo nano /etc/apt/sources.list

Now add the Kali rolling repositories in the sources.list file.

deb http://http.kali.org/kali kali-rolling main non-free contrib

Editing Sources in Ubuntu
Editing Sources in Ubuntu

Press CTRL+X then Enter Y to save the file. Now run the following command;

$ sudo apt update

You may see something like “Following Signatures Couldn’t be Verified” on the terminal.

Signature not verified
Signature not verified

The apt packaging system has trusting keys for package authentication, and these need to be installed on a particular system. You can import them by the following command;

$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys ED444FF07D8D0BF6

Again enter the above if needed;

$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys ED444FF07D8D0BF6

Remember to replace the key with the one that appears on your terminal.

Importing the Keys
Importing the Keys

Since the keys have successfully been imported, now you need to update, and the error should be gone, and the system should successfully update. Never run apt Upgrade when you have added any external system repository as it should panic the Kernel, and the system may crash.

$ sudo apt update

Apt Update
Apt Update

Now install Metasploit with the following command;

$ sudo apt install metasploit-framework -y

Installing Metasploit

All the dependencies should automatically be installed. Start the PostgreSQL service. Enter;

$ sudo service postgresql start

You need to initialize the Metasploit database before its use. You can do that by entering;

$ sudo msfdb init

You can then use Metasploit by entering the following command;

$ sudo msfconsole

Starting Metasploit
Starting Metasploit

The last step is to remove the Kali Rolling repositories from the sources.list file.

Enter the following command;

$ sudo nano /etc/apt/sources.list

Remove the link to Kali rolling repository which you added previously, press CTRL+X and then Y. The run;

$ sudo apt update

2. Installing From GitHub

Another standard method is to install the Metasploit-Framework by cloning from the GitHub. You need to manually install and configure all the dependencies one by one while cloning Metasploit from GitHub.

Following is the list of dependencies that are required for Metasploit Development Environment as stated by Rapid7.

$ sudo apt-get install gpgv2 autoconf bison build-essential curl git-core libapr1 libaprutil1 libcurl4-openssl-dev libgmp3-dev libpcap-dev libpq-dev libreadline6-dev libsqlite3-dev libssl-dev libsvn1 libtool libxml2 libxml2-dev libxslt-dev libyaml-dev locate ncurses-dev openssl postgresql postgresql-contrib wget xsel zlib1g zlib1g-dev

Configuring Postgres

After installing the dependencies, you need to configure the PostgreSQL database. It provides search capability and few other supporting features for Metasploit.

$ sudo su postgres
Create a new metasploit user;

$ createuser metasploituser -P

Enter any password you want to keep.

MSFuser in Postgres
MSFuser in Postgres

Now create the user database;

$ createdb msfdb -O metasploituser

Now exit from the Postgres.

$ exit

It is better to configure the PostgreSQL service to start automatically. Else the user has to start it manually each time for using the Metasploit.

$ sudo update-rc.d postgresql enable

Now you need to install RVM.

$ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
$ curl -sSL https://get.rvm.io | bash -s stable --ruby 
$ source ~/.rvm/scripts/rvm

Installing RVM

The next step is cloning Metasploit from the Github.

$ git clone https://github.com/rapid7/metasploit-framework.git

Cloning Metasploit

Now switch to metasploit directory;

$ cd metasploit-framework/

Install Ruby, Ruby Gems & Bundler;

$ rvm --install ruby-2.6.2

Installing Ruby
Installing Ruby

$ gem install bundler
$ bundle install

The very last step is to configure the database.yml. Switch the present directory by entering;

$ cd ~/.msf4/

Now enter;

$ sudo nano database.yml
development: &pgsql
adapter: postgresql
database: msfdb
username: metasploituser
password: msfuser1
host: localhost
port: 5432
pool: 5
timeout: 5            

production: &production
<<: *pgsql
test:
<<: *pgsql
database: msfdb

Remember to replace the username and password with the one you entered while creating the msfuser.

Configuring database.yml
Configuring database.yml

Press CTRL+X and then Y to save the file.

If everything went all right, your Metasploit must have been installed correctly. Switch back to the metasploit directory;

$ cd ~/metasploit-framework

You can start metasploit by entering;

$ ./msfconsole

Starting Metasploit

Conclusion

Metasploit can be easily installed in various ways. It requires some dependencies and PostgreSQL to be installed. You have to configure the Ruby database for Metasploit to work correctly manually.

Zohaib Yousaf
My name is Zohaib Yousaf. I'm an Ethical Hacker & a Pen Tester. Python scripting and Bash automation is my hobby. My research work is in Anonymity. I have co-worked in development of few anonymity solutions which implemented different Cryptographic Algorithms.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

STAY CONNECTED

24,536FansLike
172FollowersFollow

LATEST ARTICLES

Application Launchers for Ubuntu
Ubuntu is one of the most used Linux distributions worldwide. It is also the reason why it has the maximum number of available programs for itself. Today we are going to talk about one category of those programs, the application launchers.
best linux distros for laptops
Whether buying a Linux pre-installed laptop or selecting a Linux distro for your existing laptop, there are many things to consider. Let's take you through some of the best Linux distros that are optimized for Laptops in this 2019 edition of the article. Read on.
best linux distros programmers
Linux distros have long been a favorite among programmers since the rise in popularity of the OS in the nineties. Programmers are technical by nature, and Linux distros appeal to that technical nature. Let's discuss why Linux is a great desktop OS for programmers and developers, and find out best distros suitable for them.
best linux distros beginners
Making the shift to Linux is not as complicated as some people make it out to be. There is a variety of Linux distributions available that cater to the needs of people who are planning on making the jump to Linux from any other operating system.
PDF EDITORS LINUX
In this article, we will take a look at 10 of the best PDF editors and tools out there in 2019 that are available for Linux platforms. The editors are going to be judged on the basis of their functionalities, portability, ease of installation, price, and convenience.