Installing Metasploit Framework on Ubuntu 18.04 LTS and Debian 7

This Guide covers the installation of Metasploit Framework OSS Project on Ubuntun Linux LTS. If you do not wish to run the Open Source version or set up a development environment and do not mind giving your email address to Rapid 7 for marketing I would recommend downloading their commercial installer from http://www.metasploit.com/ for Metasploit Express and Pro.

If you prefer an all in one installer only for framework the Metasploit team offers nightly built installers at https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers making a quick setup a breeze if you do not plan to pull separate branches to test experimental code or do development.

Install Oracle Java 8

We start by adding the Oracle Java Package source

sudo add-apt-repository -y ppa:webupd8team/java

Once added we can install the latest version

sudo apt-get update sudo apt-get -y install oracle-java8-installer

Installing Dependencies

We start by making sure that we have the latest packages by updating the system using apt-get:

sudo apt-get update sudo apt-get upgrade

Now that we know that we are running an updated system we can install all the dependent packages that are needed by Metasploit Framework:

sudo apt-get install build-essential libreadline-dev libssl-dev libpq5 libpq-dev libreadline5 libsqlite3-dev libpcap-dev git-core autoconf postgresql pgadmin3 curl zlib1g-dev libxml2-dev libxslt1-dev libyaml-dev curl zlib1g-dev gawk bison libffi-dev libgdbm-dev libncurses5-dev libtool sqlite3 libgmp-dev gnupg2 dirmngr

Installing a Proper Version of Ruby

The distribution sadly does not comes by default with a proper version of Linux for us to use with Metasploit Framework and we will have to download and compile a proper one. There 2 mains ways recommended for this are using RVM or rbenv (Do not install both choose one or the other). If installing using RVM be warned that symlinks will not work do to the way it places the binary stubs of the metasploit-framework gem

Installing Ruby using RVM:

gpg2 --keyserver hkp://pool.sks-keyservers.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB curl -L https://get.rvm.io | bash -s stable source ~/.rvm/scripts/rvm echo "source ~/.rvm/scripts/rvm" >> ~/.bashrc source ~/.bashrc RUBYVERSION=$(wget https://raw.githubusercontent.com/rapid7/metasploit-framework/master/.ruby-version -q -O - ) rvm install $RUBYVERSION rvm use $RUBYVERSION --default ruby -v

Installing Ruby using rbenv:

cd ~ git clone git://github.com/sstephenson/rbenv.git .rbenv echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bashrc echo 'eval "$(rbenv init -)"' >> ~/.bashrc exec $SHELL git clone git://github.com/sstephenson/ruby-build.git ~/.rbenv/plugins/ruby-build echo 'export PATH="$HOME/.rbenv/plugins/ruby-build/bin:$PATH"' >> ~/.bashrc # sudo plugin so we can run Metasploit as root with "rbenv sudo msfconsole" git clone git://github.com/dcarley/rbenv-sudo.git ~/.rbenv/plugins/rbenv-sudo exec $SHELL RUBYVERSION=$(wget https://raw.githubusercontent.com/rapid7/metasploit-framework/master/.ruby-version -q -O - ) rbenv install $RUBYVERSION rbenv global $RUBYVERSION ruby -v

Installing Nmap

One of the external tools that Metasploit uses for scanning that is not included with the sources is Nmap. Here we will cover downloading the latest source code for Nmap, compiling and installing: