In this tutorial, you will learn how to install Metasploit Framework on Ubuntu 22.04/Ubuntu 20.04 LTS. Metasploit Framework provides a platform and tools for performing deep system security auditing as well as penetration testing to unearth, exploit and validate every other would-be vulnerability.
Install Metasploit Framework on Ubuntu 22.04/Ubuntu 20.04
Metasploit is available in both the commercial and opensource version (thanks to Rapid 7 for teaming up with OSS community).
In this tutorial, we will install the opensource version of Metasploit using the Nightly build installers. The Nightly installers ship with all the dependencies required for a successful installation and all you need to do the installation is just a simple script.
Before you proceed, check the minimum system requirements.
RUn System Update
To begin with, update and upgrade your system.
sudo apt updatesudo apt upgrade -yInstall PostgreSQL Metasploit Database Backend;
Run the command below to install PostgreSQL database backend for Metasploit.
sudo apt install postgresql postgresql-contrib -yNext, run start and enable PostgreSQL service to run on boot;
sudo systemctl enable --now postgresqlDownload Metasploit Opensource Installer
If you want to install the Pro versions, installers are available on Metasploit framework wiki’s page or Metasploit Download’s page.
For our opensource versions, run the command below to download installer script.
curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstallInstall Metasploit Framework on Ubuntu
Once the download completes, make the installer executable by running the command below;
chmod +x msfinstallNext, launch the Metasploit installer.
sudo ./msfinstallThe command will create Metasploit Framework repository from where Metasploit can be installed.
According to the Wiki’s page;
Once installed, you can launch msfconsole as
/opt/metasploit-framework/bin/msfconsolefrom a terminal window, or depending on your environment, it may already be in your path and you can just run it directly. On first run, a series of prompts will help you setup a database and add Metasploit to your local PATH if it is not already.These packages integrate into your package manager and can be updated with the
msfupdatecommand, or with your package manager. On first start, these packages will automatically setup the database or use your existing database.
Sample installation command output;
Adding metasploit-framework to your repository list..OK
Updating package cache..OK
Checking for and installing update..
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
metasploit-framework
0 upgraded, 1 newly installed, 0 to remove and 142 not upgraded.
Need to get 266 MB of archives.
After this operation, 655 MB of additional disk space will be used.
Get:1 http://downloads.metasploit.com/data/releases/metasploit-framework/apt lucid/main amd64 metasploit-framework amd64 6.1.29+20220206112545~1rapid7-1 [266 MB]
Fetched 266 MB in 6min 22s (696 kB/s)
Selecting previously unselected package metasploit-framework.
(Reading database ... 71317 files and directories currently installed.)
Preparing to unpack .../metasploit-framework_6.1.29+20220206112545~1rapid7-1_amd64.deb ...
Unpacking metasploit-framework (6.1.29+20220206112545~1rapid7-1) ...
Setting up metasploit-framework (6.1.29+20220206112545~1rapid7-1) ...
update-alternatives: using /opt/metasploit-framework/bin/msfbinscan to provide /usr/bin/msfbinscan (msfbinscan) in auto mode
update-alternatives: using /opt/metasploit-framework/bin/msfconsole to provide /usr/bin/msfconsole (msfconsole) in auto mode
update-alternatives: using /opt/metasploit-framework/bin/msfd to provide /usr/bin/msfd (msfd) in auto mode
update-alternatives: using /opt/metasploit-framework/bin/msfdb to provide /usr/bin/msfdb (msfdb) in auto mode
update-alternatives: using /opt/metasploit-framework/bin/msfelfscan to provide /usr/bin/msfelfscan (msfelfscan) in auto mode
update-alternatives: using /opt/metasploit-framework/bin/msfmachscan to provide /usr/bin/msfmachscan (msfmachscan) in auto mode
update-alternatives: using /opt/metasploit-framework/bin/msfpescan to provide /usr/bin/msfpescan (msfpescan) in auto mode
update-alternatives: using /opt/metasploit-framework/bin/msfrop to provide /usr/bin/msfrop (msfrop) in auto mode
update-alternatives: using /opt/metasploit-framework/bin/msfrpc to provide /usr/bin/msfrpc (msfrpc) in auto mode
update-alternatives: using /opt/metasploit-framework/bin/msfrpcd to provide /usr/bin/msfrpcd (msfrpcd) in auto mode
update-alternatives: using /opt/metasploit-framework/bin/msfupdate to provide /usr/bin/msfupdate (msfupdate) in auto mode
update-alternatives: using /opt/metasploit-framework/bin/msfvenom to provide /usr/bin/msfvenom (msfvenom) in auto mode
Run msfconsole to get started
When the installation is done, all binary files related to Metasploit should now be under your path;
ls -1 /bin/msf*
/bin/msfbinscan
/bin/msfconsole
/bin/msfd
/bin/msfdb
/bin/msfelfscan
/bin/msfmachscan
/bin/msfpescan
/bin/msfrop
/bin/msfrpc
/bin/msfrpcd
/bin/msfupdate
/bin/msfvenom
Initialize Metasploit Database
Your Metasploit is now ready.
Create and initialize the msf database as well create the MSF web service. As non root user, run the command below
msfdb init
[?] Would you like to init the webservice? (Not Required) [no]: yes
====================================================================
Running the 'init' command for the database:
Creating database at /home/kifarunix/.msf4/db
Starting database at /home/kifarunix/.msf4/db...success
Creating database users
Writing client authentication configuration file /home/kifarunix/.msf4/db/pg_hba.conf
Stopping database at /home/kifarunix/.msf4/db
Starting database at /home/kifarunix/.msf4/db...success
Creating initial database schema
====================================================================
====================================================================
Running the 'init' command for the webservice:
[?] Initial MSF web service account username? [kifarunix]:
[?] Initial MSF web service account password? (Leave blank for random password):
Generating SSL key and certificate for MSF web service
Attempting to start MSF web service...success
MSF web service started and online
Creating MSF web service user kifarunix
############################################################
## MSF Web Service Credentials ##
## ##
## Please store these credentials securely. ##
## You will need them to connect to the webservice. ##
############################################################
MSF web service username: kifarunix
MSF web service password: password
MSF web service user API token: 2906c3a503f549528b725187f283254af87554e86fc8897b875883db3b3e6a62665cc715a583fb72
MSF web service configuration complete
The web service has been configured as your default data service in msfconsole with the name "local-https-data-service"
If needed, manually reconnect to the data service in msfconsole using the command:
db_connect --name local-https-data-service --token 2906c3a503f549528b725187f283254af87554e86fc8897b875883db3b3e6a62665cc715a583fb72 --cert /home/kifarunix/.msf4/msf-ws-cert.pem --skip-verify https://localhost:5443
The username and password are credentials for the API account:
https://localhost:5443/api/v1/auth/account
Persisting http web data service credentials in msfconsole
====================================================================
You can see other command options by running;
msfdbCheck database/web service status;
msfdb status
====================================================================
Running the 'status' command for the database:
Database started
====================================================================
====================================================================
Running the 'status' command for the webservice:
MSF web service is running as PID 83935
====================================================================
Launch Msfconsole on Ubuntu
The Metasploit Framework is available on command line. To launch it, just execute the command below;
msfconsole
______________________________________________________________________________
| |
| METASPLOIT CYBER MISSILE COMMAND V5 |
|______________________________________________________________________________|
\ / /
\ . / / x
\ / /
\ / + /
\ + / /
* / /
/ . /
X / / X
/ ###
/ # % #
/ ###
. /
. / . * .
/
*
+ *
^
#### __ __ __ ####### __ __ __ ####
#### / \ / \ / \ ########### / \ / \ / \ ####
################################################################################
################################################################################
# WAVE 5 ######## SCORE 31337 ################################## HIGH FFFFFFFF #
################################################################################
https://metasploit.com
=[ metasploit v6.1.29-dev- ]
+ -- --=[ 2197 exploits - 1164 auxiliary - 400 post ]
+ -- --=[ 596 payloads - 45 encoders - 11 nops ]
+ -- --=[ 9 evasion ]
Metasploit tip: View a module's description using
info, or the enhanced version in your browser with
info -d
msf6 >
Run Example Port Scan on msfconsole
For Example to launch TCP Scans;
- List available scanners
search portscan
msf6 > search portscan
Matching Modules
================
# Name Disclosure Date Rank Check Description
- ---- --------------- ---- ----- -----------
0 auxiliary/scanner/portscan/ftpbounce normal No FTP Bounce Port Scanner
1 auxiliary/scanner/natpmp/natpmp_portscan normal No NAT-PMP External Port Scanner
2 auxiliary/scanner/sap/sap_router_portscanner normal No SAPRouter Port Scanner
3 auxiliary/scanner/portscan/xmas normal No TCP "XMas" Port Scanner
4 auxiliary/scanner/portscan/ack normal No TCP ACK Firewall Scanner
5 auxiliary/scanner/portscan/tcp normal No TCP Port Scanner
6 auxiliary/scanner/portscan/syn normal No TCP SYN Port Scanner
7 auxiliary/scanner/http/wordpress_pingback_access normal No WordPress Pingback Locator
Interact with a module by name or index. For example info 7, use 7 or use auxiliary/scanner/http/wordpress_pingback_access
info 5
Name: TCP Port Scanner
Module: auxiliary/scanner/portscan/tcp
License: Metasploit Framework License (BSD)
Rank: Normal
Provided by:
hdm
kris katterjohn
Check supported:
No
Basic options:
Name Current Setting Required Description
---- --------------- -------- -----------
CONCURRENCY 10 yes The number of concurrent ports to check per host
DELAY 0 yes The delay between connections, per thread, in milliseconds
JITTER 0 yes The delay jitter factor (maximum value by which to +/- DELAY) in milliseconds.
PORTS 1-10000 yes Ports to scan (e.g. 22-25,80,110-900)
RHOSTS yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
THREADS 1 yes The number of concurrent threads (max one per host)
TIMEOUT 1000 yes The socket connect timeout in milliseconds
Description:
Enumerate open TCP services by performing a full TCP connect on each
port. This does not need administrative privileges on the source
machine, which may be useful if pivoting.
msf6 >
- Launch TCP Scans;
use 5Define the hosts range to scan;
set RHOST 192.168.59.23Sets the number of concurrent threads to use while scanning;
set THREADS 10Run the scan;
run
msf6 auxiliary(scanner/portscan/tcp) > set RHOST 192.168.59.23
RHOST => 192.168.59.23
msf6 auxiliary(scanner/portscan/tcp) > set THREADS 10
THREADS => 10
msf6 auxiliary(scanner/portscan/tcp) > run
[+] 192.168.59.23: - 192.168.59.23:22 - TCP OPEN
[+] 192.168.59.23: - 192.168.59.23:80 - TCP OPEN
[+] 192.168.59.23: - 192.168.59.23:443 - TCP OPEN
[*] 192.168.59.23: - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/portscan/tcp) >
And there you go. That is all on how to install Metasploit Framework on Ubuntu.
Happy pentesting…
Read More on Getting started page.
