installing metasploit framework on os x el capitan
This Guide is adapted from Carlos Perez’s Blog (http://www.darkoperator.com/installing-metasploit-framewor/) (which is a must read) with some additions and fixes to make the setup work on OS X El Capitan.
This post should help to alleviate some common issues with installing ruby and the Metasploit Framework on OS X. The main issues being that OS X ships with it’s own versions of Ruby that is not compatible with Metasploit and the version of libiconv installed with OS X causes issues installing the Nokogiri gem.
Xcode and Command Line Development Tools
The first step is to ensure that Software Update has been run and that OS X is updated. Once OS X has been updated, It is time to install Xcode.
Once Xcode has been installed launch Xcode from Applications and agree to the SDK License Agreement.
Install Xcode developer tools by typing:
xcode-select --install
Click Install in the dialog box that pops up and the package will be installed.
Java
Ensure that the latest versions of the Java 8 JRE and JDK are installed.
http://download.oracle.com/otn-pub/java/jdk/8u65-b17/jdk-8u65-macosx-x64.dmg
http://download.oracle.com/otn-pub/java/jdk/8u65-b17/jre-8u65-macosx-x64.dmg
Homebrew
Install homebrew by running the following command:
ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
Once Homebrew installs, run brew doctor to finalize the installation of homebrew.
brew doctor
Once homebrew is installed and set up, the PATH needs to be updated to ensure that all homebrew binaries are executed correctly.
echo PATH=/usr/local/bin:/usr/local/sbin:$PATH >> ~/.bash_profile
Once this is done, load the new $PATH by sourcing it.
source ~/.bash_profile
From here we need to ensure that both versions and dupes are loaded into homebrew (We load in dupes for later, as a dependency for nokogiri is located in here.)
brew tap homebrew/versions
brew tap homebrew/dupes
Homebrew Installs
Before Metasploit can be installed, some more dependencies should be installed via homebrew.
Nmap
This can be installed either via the dmg from their site, or via homebrew. Homebrew tends to keep their packages updated and it is quite easy to install and manage.
brew install nmap
Install Ruby 2.1.8
Now time for the part the most frequently causes issues. Ruby 2.1.7 is recommended as seen in this file. Since Homebrew doesn’t have 2.1.7 as an option, we’re going to take whatever 2.1.x it can give us. At the time of writing this, the version pulled was 2.1.8 which works perfectly for us.
brew install homebrew/versions/ruby21
Now, the most important part of the ruby installation…ensuring that the ruby version you are running is in fact 2.1.8.
ruby –v
If the version of ruby is not version 2.1.8, check which ruby binary is being run by default.
which ruby
If the binary being run is not the one from the usr/local/Cellar/ruby21/2.1.8/bin/ directory, then you will need to modify the ~/.bash_profile file to adjust your path.
nano ~/.bash_profile
Installing and configuring PostgreSQL
Now, time to install the backend database that Metasploit uses.
brew install postgresql --without-ossp-uuid
If the Homebrew install did NOT complete this for you, the next step is to initialize the database for first time usage.
initdb /usr/local/var/postgres
As of 9.3.5_1 it looks like the homebrew installer wraps up by running this command for you.
Ensure that PostgreSQL is set to launch on boot by issuing the following:
mkdir -p ~/Library/LaunchAgents
cp /usr/local/Cellar/postgresql/9.4.5_2/homebrew.mxcl.postgresql.plist ~/Library/LaunchAgents/
Start the PostgreSQL service:
launchctl load -w ~/Library/LaunchAgents/homebrew.mxcl.postgresql.plist
Create a new user msf and a database msf with the user msf as the owner.
createuser msf -P -h localhost
createdb -O msf msf -h localhost
Remember this password as it will be used when configuring Metasploit
Configuring VNCViewer
As Metasploit uses vncviewer for its VNC payloads, and OS X comes with a VNC client, we need to create the needed vncviewer file that will call the OS X vnc viewer.
echo '#!/usr/bin/env bash'>> /usr/local/bin/vncviewer
echo open vnc://\$1 >> /usr/local/bin/vncviewer
chmod +x /usr/local/bin/vncviewer
Installing Metasploit Framework
Installing the following gems needed for running the framework:
gem install pg sqlite3 msgpack activerecord redcarpet rspec simplecov yard bundler
Download the framework and prepare the directories:
cd /usr/local/share/
git clone https://github.com/rapid7/metasploit-framework.git
cd metasploit-framework
for MSF in $(ls msf*); do ln -s /usr/local/share/metasploit-framework/$MSF /usr/local/bin/$MSF;done
sudo chmod go+w /etc/profile
sudo echo export MSF_DATABASE_CONFIG=/usr/local/share/metasploit-framework/config/database.yml >> /etc/profile
Using brew and bundler the properly supported gems need to be installed.
bundle install
NOTE: Bundler $PATH seems to be screwed at the moment. If bundler is not in your $PATH try running it from the installed location:
$ find /usr/local/lib/ruby -type f -name bundle
/usr/local/lib/ruby/gems/2.1.0/bin/bundle
$ /usr/local/lib/ruby/gems/2.1.0/bin/bundle install
Now that the framework has been installed, and proper bundles installed. The database connection needs to be configured.
Save the following into /usr/local/share/metasploit-framework/config/database.yml replace <password> with the msf user’s password you set earlier.
vi /usr/local/share/metasploit-framework/config/database.yml
production:<br />
adapter: postgresql
database: msf
username: msf
password: <password>
host: 127.0.0.1
port: 5432
pool: 75
timeout: 5
Now that this file has been created, source bash_profile to load the variables for the database.
source /etc/profile
source ~/.bash_profile
Now, to start Metasploit Framework as YOUR USER to it initializes the schema for the database for the first time as a NON ROOT user. Run this from within the /usr/local/share/metasploit-framework directory.
./msfconsole
Once the console loads, ensure that the database is connected by issuing:
msf> db_status
it should return:
> [*] postgresql connected to msf
Installing Armitage
Execute the following commands to prepare the environment and download armitage to the correct location:
brew install pidof
curl -# -o /tmp/armitage.tgz http://www.fastandeasyhacking.com/download/armitage-latest.tgz
tar -xvzf /tmp/armitage.tgz -C /usr/local/share
bash -c "echo \'/usr/bin/java\' -jar /usr/local/share/armitage/armitage.jar \$\*" > /usr/local/share/armitage/armitage
perl -pi -e 's/armitage.jar/\/usr\/local\/share\/armitage\/armitage.jar/g' /usr/local/share/armitage/teamserver
Lastly, create sym links for Armitage:
ln -s /usr/local/share/armitage/armitage /usr/local/bin/armitage
ln -s /usr/local/armitage/teamserver /usr/local/bin/teamserver
Due to the way variables are handled when using sudo, you will need to give the –E option.
sudo –E armitage
sudo –E msfconsole