Install Metasploit Framework on Fedora 29

koromicha
|
Last Updated:
|
Security, Metasploit, Vulnerability Scanners
|
Leave a Comment

Welcome to our guide on how to install Metasploit Framework on Fedora 29. Metasploit Framework is the opensource community version of the most popular penetration testing and system security assesement software platform, Metasploit. We covered the installation of the Metasploit combined version on Ubuntu 18.04 in our previous guide.

Installing Metasploit Framework on Fedora 29

The release of nightly build version of Metasploit which provides repositories for various Linux systems has made the installation Metasploit framework on Fedora 29 a very easy process. As a result, you don’t have to worry about Metasploit framework dependencies.

Update your system

To begin with, update and upgrade your Fedora 29 server.

dnf update
dnf upgrade

Once the upgrade is done, install Metasploit framework. Rapid7 provides MSF installer script that eases this process. Hence, execute the command below to install MSF.

curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && \
> chmod 755 msfinstall && \
> ./msfinstall

The script will basically create the Rapid 7 YUM repository and install the Metasploit framework package and all the required dependencies.

Once the installation is complete, run the msfconsole command to start Metasploit framework. Do not run this command as root user. Instead switch to a standard user and execute it.

su - amos
msfconsole

When run, it will prompt you to set up MSF database. Therefore type yes at the prompt and press enter to setup the database. Also, create an initial MSF web service account username and password.

 ** Welcome to Metasploit Framework Initial Setup **
    Please answer a few questions to get started.


Would you like to use and setup a new database (recommended)? yes
Creating database at /home/amos/.msf4/db
Starting database at /home/amos/.msf4/db...success
Creating database users
Writing client authentication configuration file /home/amos/.msf4/db/pg_hba.conf
Stopping database at /home/amos/.msf4/db
Starting database at /home/amos/.msf4/db...success
Creating initial database schema
[?] Initial MSF web service account username? [amos]: username
[?] Initial MSF web service account password? (Leave blank for random password): password
Generating SSL key and certificate for MSF web service
Attempting to start MSF web service...success
MSF web service started and online
Creating MSF web service user amos

    ############################################################
    ##              MSF Web Service Credentials               ##
    ##                                                        ##
    ##        Please store these credentials securely.        ##
    ##    You will need them to connect to the webservice.    ##
    ############################################################
MSF web service username: amos
MSF web service password: P@ssw0rd
MSF web service user API token: 374931e81a8e013d3c822b8ed980f6aaa11fe1aea5bfa560847b82db4d43350334939f43c0daa04b


MSF web service configuration complete
The web service has been configured as your default data service in msfconsole with the name "local-https-data-service"

If needed, manually reconnect to the data service in msfconsole using the command:
db_connect --token 374931e81a8e013d3c822b8ed980f6aaa11fe1aea5bfa560847b82db4d43350334939f43c0daa04b --cert /home/amos/.msf4/msf-ws-cert.pem --skip-verify https://localhost:8080

The username and password are credentials for the API account:
https://localhost:8080/api/v1/auth/account

** Metasploit Framework Initial Setup Complete **

Once the setup completes, MSF launches automatically.

 ______________________________________________________________________________
|                                                                              |
|                          3Kom SuperHack II Logon                             |
|______________________________________________________________________________|
|                                                                              |
|                                                                              |
|                                                                              |
|                 User Name:          [   security    ]                        |
|                                                                              |
|                 Password:           [               ]                        |
|                                                                              |
|                                                                              |
|                                                                              |
|                                   [ OK ]                                     |
|______________________________________________________________________________|
|                                                                              |
|                                                       https://metasploit.com |
|______________________________________________________________________________|


       =[ metasploit v5.0.3-dev-                          ]
+ -- --=[ 1852 exploits - 1045 auxiliary - 325 post       ]
+ -- --=[ 541 payloads - 44 encoders - 10 nops            ]
+ -- --=[ 2 evasion                                       ]
+ -- --=[ ** This is Metasploit 5 development branch **   ]

msf5 >

MSF is now setup and is ready to perform penetration testing as well as other system security checks.

To verify that MSF is connected to the Metasploit REST API instance created above;

msf5 > db_status 
[*] Connected to remote_data_service: (https://localhost:8080). Connection type: http. Connection name: local-https-data-service.

Noe that to execute exploits and payloads, you need to disable firewalld and SELinux.

sudo systemctl stop firewalld.service
sudo systemctl disable firewalld.service
sudo systemctl mask  firewalld.service

Disable SELinux and reboot the server for the changed to effect.

sudo sed -i 's/=enforcing/=disabled/g' /etc/selinux/config
sudo systemctl reboot

Feel free to play with MSF and explore its potential.

Other Tutorials

Install Metasploit Framework on Ubuntu 22.04/Ubuntu 20.04

Installing Metasploit on Ubuntu 18.04 LTS

SUPPORT US VIA A VIRTUAL CUP OF COFFEE

We're passionate about sharing our knowledge and experiences with you through our blog. If you appreciate our efforts, consider buying us a virtual coffee. Your support keeps us motivated and enables us to continually improve, ensuring that we can provide you with the best content possible. Thank you for being a coffee-fueled champion of our work!

Photo of author
koromicha
I am the Co-founder of Kifarunix.com, Linux and the whole FOSS enthusiast, Linux System Admin and a Blue Teamer who loves to share technological tips and hacks with others as a way of sharing knowledge as: "In vain have you acquired knowledge if you have not imparted it to others".

Related Posts

How to Install and Setup AlienVault HIDS Agent on a Windows Host

Install and Configure Squid Proxy on Fedora 29/Fedora 28/CentOS 7

Easily Integrate Linux Malware Detect with ClamAV

Install and Setup Velociraptor on Ubuntu 20.04

Install GVM 21.04 on Rocky Linux 8

Install sysPass Password Manager on Ubuntu 18.04

Leave a Comment

© 2024 kifarunix.com

Home Advertise with us Privacy Policy