Follow through this guide to learn how to install Metasploit on Debian 11/Debian 10. Metasploit Framework provides a platform and tools for performing deep system security auditing as well as penetration testing to unearth, exploit and validate every other would-be vulnerability.
Table of Contents
Install Metasploit on Debian 11/Debian 10
Metasploit is available in both the commercial and opensource version (thanks to Rapid 7 for teaming up with OSS community). As such, it is upon you to choose which version to go with.
This guide presents installation of the Metasploit Free trial version. However, if you do not want to take this route, you can use the Nightly build versions. The Nightly build versions ship with all the dependencies required for a successful installation and all you need to do the installation is just a simple script.
Run System Update
Update and upgrade your system.
sudo apt updateDownload Metasploit Pro Installer
On the download’s page, click Free trial to create an account to enable you download the installer and an activation key for your Metasploit Pro version.
You can as well execute the command below to download Metasploit Pro installer.
wget https://downloads.metasploit.com/data/releases/metasploit-latest-linux-x64-installer.runInstall Metasploit
Once the download completes, make the installer executable by running the command below;
chmod +x metasploit-latest-linux-x64-installer.runNext, launch the Metasploit installer.
./metasploit-latest-linux-x64-installer.runWhen the installer runs, press Enter and scroll through the License. For the installation to proceed, you need to accept the License.
----------------------------------------------------------------------------
Welcome to the Metasploit Setup Wizard.
----------------------------------------------------------------------------
Please read the following License Agreement. You must accept the terms of this
agreement before continuing with the installation.
Press [Enter] to continue: Enter
RAPID7 END USER LICENSE AGREEMENT
...
Last Modified April 2018
Press [Enter] to continue:
Do you accept this license? [y/n]: y
Next, choose the installation folder. Press Enter to accept the default, /opt/metasploit.
----------------------------------------------------------------------------
Installation folder
Please, choose a folder to install Metasploit
Select a folder [/opt/metasploit]:
----------------------------------------------------------------------------
Install Metasploit as a service to make it easy to start started on system reboot.
----------------------------------------------------------------------------
Install as a service
You can optionally register Metasploit as a service. This way it will
automatically be started every time the machine is started.
Install Metasploit as a service? [Y/n]: y
...
Next, you are asked to disable the anti-virus and firewall solutions if any is installed on the server.
Disable Anti-Virus and Firewall
*** Disable Anti-Virus! ***
This product is not compatible with common anti-virus solutions. Before
continuing, please disable any installed anti-virus software or add an exclusion
for the Metasploit installation directory. Failure to do so can lead to a
corrupt installation and the malfunctioning of certain exploit modules.
*** Disable Firewall! ***
This product is not compatible with common firewall applications. Although it is
possible to use Metasploit with a firewall in place, a firewall will interfere
with the function of certain exploits and payloads. Please ensure that your
firewall is disabled prior to using this product for a penetration test.
Press [Enter] to continue:
----------------------------------------------------------------------------
Since Metasploit will be running as a service, define a port in which it is listening on. Press Enter to accept TCP port 3790 as the default port.
----------------------------------------------------------------------------
Metasploit Service
Please enter the port that the Metasploit service will use.
SSL Port [3790]: Enter
Set the server FQDN of your server for the purpose of SSL certificate that is generated. Set the validity of the SSL of the certificate. You can press Enter to accept the default period.
----------------------------------------------------------------------------
Generate an SSL Certificate
Please provide the fully qualified domain name of this system below (e.g.
metasploit.example.com). A certificate is generated for a specific server name
and web browsers will alert users if the name does not match.
Server Name [localhost]: msf.kifarunix-demo.com
Days of validity [3650]:
Should the generated certificate be added to the operating system's trusted
store?
Yes, trust certificate [Y/n]: y
----------------------------------------------------------------------------
Setup is now ready to begin installing Metasploit on your computer.
Do you want to continue? [Y/n]: y
After that, proceed with installing Metasploit on Debian 11/Debian 10.
Once the installation is done, you will be given a URL to access the Metasploit UI.
----------------------------------------------------------------------------
Please wait while Setup installs Metasploit on your computer.
Installing
0% ______________ 50% ______________ 100%
#########################################
----------------------------------------------------------------------------
Setup has finished installing Metasploit on your computer.
Info: To access Metasploit, go to
https://localhost:3790 from your browser.
The Metasploit is now ready to carry on its Magics.
Create Metasploit Initial User Account
To login to Metasploit UI, you need to create Metasploit initial user account by running the script below. The script will prompt you for the username and auto-generate the password. You are required to reset this password upon login.
/opt/metasploit/createuser -u kifarunix[*] User Creation Script has started, this may take a moment.
[*] Creating user 'kifarunix' with password '?#{S#87P' ...
[*] User kifarunix has been created, please change your password on login.Accessing Metasploit Web UI
To access Metasploit UI, navigate to https://<msf-server-IP>:3790, if you are not accessing it from the locally.
Note that if UFW is running, you need to open access to port 3790. You can use iptables if need be.
ufw allow 3790/tcpAdd the SSL error on the browser to exception and proceed to Metasploit UI.
Enter the activation key. You can obtain the key by submitting a request.
Once your activation is successful, you will land on Metasploit Pro web interface.
Global Settings;
You can now run a phishing campaign, quick pentest, web app test, vulnerability validation,generate payloads, e.t.c.
The Metasploit Framework is also available on command line. To launch it, just execute the command below;
msfconsole
____________
[%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%| $a, |%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
[%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%| $S`?a, |%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
[%%%%%%%%%%%%%%%%%%%%__%%%%%%%%%%| `?a, |%%%%%%%%__%%%%%%%%%__%%__ %%%%]
[% .--------..-----.| |_ .---.-.| .,a$%|.-----.| |.-----.|__|| |_ %%]
[% | || -__|| _|| _ || ,,aS$""` || _ || || _ || || _|%%]
[% |__|__|__||_____||____||___._||%$P"` || __||__||_____||__||____|%%]
[%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%| `"a, ||__|%%%%%%%%%%%%%%%%%%%%%%%%%%]
[%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%|____`"a,$$__|%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
[%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% `"$ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
[%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
=[ metasploit v6.1.27-dev ]
+ -- --=[ 2196 exploits - 1162 auxiliary - 400 post ]
+ -- --=[ 596 payloads - 45 encoders - 10 nops ]
+ -- --=[ 9 evasion ]
Metasploit tip: Save the current environment with the
save command, future console restarts will use this
environment again
msf6 > db_status
[*] Connected to msf3. Connection type: postgresql.
msf6 >
Great. You can now run you Pentests projects. That is all on installing Metasploit on Debian 11/Debian 10.
Happy pentesting…
