
White hat or Black hat, hacking demands good grasp of all sysadmin works. The usage style we show on this website are intended for testing security of own servers – that is white hat way. We have a list of essential security tools for GNU/Linux servers. Metasploit framework needs Ruby, Postgre SQL, Java etc. Here is how to install Metasploit on Ubuntu 16.04 LTS to test security of servers.

Off Topic Warning : I am not teaching you moral science. Guides on this website are not designed to confer security a real black hat hacker needs in real situation. For black hat hacking you really need custom hardware and someone’s internet connection as long you are not working as Governmental agent for developing spyware, data theft etc. Goverment black hat can go up to sending some army and pushing few bullets inside your head upon suspicion, anger etc. Not funny.

How To Install Metasploit on Ubuntu 16.04 LTS To Test Security

We need to update, upgrade and install the dependencies :

Advertisement ---

apt update apt upgrade apt install build-essential libreadline-dev libssl-dev libpq5 libpq-dev libreadline5 libsqlite3-dev libpcap-dev git-core autoconf postgresql pgadmin3 curl zlib1g-dev libxml2-dev libxslt1-dev vncviewer libyaml-dev curl zlib1g-dev 1 2 3 apt update apt upgrade apt install build - essential libreadline - dev libssl - dev libpq5 libpq - dev libreadline5 libsqlite3 - dev libpcap - dev git - core autoconf postgresql pgadmin3 curl zlib1g - dev libxml2 - dev libxslt1 - dev vncviewer libyaml - dev curl zlib1g - dev

We will install Oracle Java :

sudo add-apt-repository -y ppa:webupd8team/java apt update apt install oracle-java8-installer 1 2 3 sudo add - apt - repository - y ppa : webupd8team / java apt update apt install oracle - java8 - installer

We need to install nmap, we can run :

apt install nmap 1 apt install nmap

Or can build from source :

cd /opt git clone https://github.com/nmap/nmap.git cd nmap ./configure make sudo make install make clean 1 2 3 4 5 6 7 cd / opt git clone https : / / github . com / nmap / nmap . git cd nmap . / configure make sudo make install make clean

We will install Ruby (using RVM; if you are new to Ruby, you can perform a search on how to install Ruby), I install in this way on server (I used same steps for Nikto & WPScan). Make sure all dependencies are installed :

apt install libcurl4-openssl-dev libxml2 libxml2-dev libxslt1-dev ruby-dev build-essential libgmp-dev zlib1g-dev 1 apt install libcurl4 - openssl - dev libxml2 libxml2 - dev libxslt1 - dev ruby - dev build - essential libgmp - dev zlib1g - dev

We can install with RVM, this is unsafe method, not really for production website for other purpose but unlikely to give any warning or issue, you’ll run as root :

cd ~ curl -sSL https://rvm.io/mpapis.asc | gpg --import - gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 \curl -sSL https://get.rvm.io | bash -s stable --rails source /usr/local/rvm/scripts/rvm echo "source /usr/local/rvm/scripts/rvm" >> ~/.bashrc source ~/.bashrc rvm install 2.4.0 rvm use 2.4.0 --default echo "gem: --no-ri --no-rdoc" > ~/.gemrc git clone https://github.com/wpscanteam/wpscan.git cd wpscan gem install bundler bundle install --without test 1 2 3 4 5 6 7 8 9 10 11 12 13 14 cd ~ curl - sSL https : / / rvm . io / mpapis . asc | gpg -- import - gpg -- keyserver hkp : / / keys . gnupg . net -- recv - keys 409B6B1796C275462A1703113804BB82D39DC0E3 \ curl - sSL https : / / get . rvm . io | bash - s stable -- rails source / usr / local / rvm / scripts / rvm echo "source /usr/local/rvm/scripts/rvm" >> ~ / . bashrc source ~ / . bashrc rvm install 2.4.0 rvm use 2.4.0 -- default echo "gem: --no-ri --no-rdoc" > ~ / . gemrc git clone https : / / github . com / wpscanteam / wpscan . git cd wpscan gem install bundler bundle install -- without test

Next step is preparing PosgreSQL, a detailed guide here :

https://fedoraproject.org/wiki/Metasploit_Postgres_Setup 1 https : / / fedoraproject . org / wiki / Metasploit_Postgres_Setup

In short, you need to run these commands, where msf is database name, username :

sudo -s su postgres createuser msf -P -S -R -D createdb -O msf msf exit exit 1 2 3 4 5 6 sudo - s su postgres createuser msf - P - S - R - D createdb - O msf msf exit exit

As final step, install Metaexploit framework :

cd /opt sudo git clone https://github.com/rapid7/metasploit-framework.git sudo chown -R `whoami` /opt/metasploit-framework cd metasploit-framework rvm --default use ruby-${RUByVERSION}@metasploit-framework gem install bundler bundle install sudo bash -c 'for MSF in $(ls msf*); do ln -s /opt/metasploit-framework/$MSF /usr/local/bin/$MSF;done' 1 2 3 4 5 6 7 8 cd / opt sudo git clone https : / / github . com / rapid7 / metasploit - framework . git sudo chown - R ` whoami ` / opt / metasploit - framework cd metasploit - framework rvm -- default use ruby - $ { RUByVERSION } @metasploit - framework gem install bundler bundle install sudo bash - c 'for MSF in $(ls msf*); do ln -s /opt/metasploit-framework/$MSF /usr/local/bin/$MSF;done'

Armitage is a Java tool for management from Desktop with GUI or VNC :

http://www.fastandeasyhacking.com 1 http : / / www . fastandeasyhacking . com

Of course there is official guide :

https://github.com/rapid7/metasploit-framework/wiki/Setting-Up-a-Metasploit-Development-Environment 1 https : / / github . com / rapid7 / metasploit - framework / wiki / Setting - Up - a - Metasploit - Development - Environment

If you run :

msfconsole 1 msfconsole

Metaexploit framework will start and you’ll get a command prompt like this:

msf > 1 msf >

Tagged With

This Article Has Been Shared 730 Times! Pinterest

About Abhishek Ghosh Abhishek Ghosh is a Businessman, Orthopaedic Surgeon, Author and Blogger. You can keep touch with him on Twitter - @AbhishekCTRL.