Install Metasploit on Debian 11/Debian 10

0
424
Install MetaSploit Community Versio...
Install MetaSploit Community Version on Windows 10

Follow through this guide to learn how to install Metasploit on Debian 11/Debian 10. Metasploit Framework provides a platform and tools for performing deep system security auditing as well as penetration testing to unearth, exploit and validate every other would-be vulnerability.

Install Metasploit on Debian 11/Debian 10

Metasploit is available in both the commercial and opensource version (thanks to Rapid 7 for teaming up with OSS community). As such, it is upon you to choose which version to go with.

This guide presents installation of the Metasploit Free trial version. However, if you do not want to take this route, you can use the Nightly build versions. The Nightly build versions ship with all the dependencies required for a successful installation and all you need to do the installation is just a simple script.

Run System Update

Update and upgrade your system.

sudo apt update

Download Metasploit Pro Installer

On the download’s page, click Free trial to create an account to enable you download the installer and an activation key for your Metasploit Pro version.

You can as well execute the command below to download Metasploit Pro installer.

wget https://downloads.metasploit.com/data/releases/metasploit-latest-linux-x64-installer.run

Install Metasploit on Debian 11/Debian 10

Once the download completes, make the installer executable by running the command below;

chmod +x metasploit-latest-linux-x64-installer.run

Next, launch the Metasploit installer.

./metasploit-latest-linux-x64-installer.run

When the installer runs, press Enter and scroll through the License. For the installation to proceed, you need to accept the License.

----------------------------------------------------------------------------
Welcome to the Metasploit Setup Wizard.

----------------------------------------------------------------------------
Please read the following License Agreement. You must accept the terms of this 
agreement before continuing with the installation.

Press [Enter] to continue: Enter
RAPID7 END USER LICENSE AGREEMENT
...
Last Modified April 2018

Press [Enter] to continue:

Do you accept this license? [y/n]: y

Next, choose the installation folder. Press Enter to accept the default, /opt/metasploit.

----------------------------------------------------------------------------
Installation folder

Please, choose a folder to install Metasploit

Select a folder [/opt/metasploit]: 

----------------------------------------------------------------------------

Install Metasploit as a service to make it easy to start started on system reboot.

----------------------------------------------------------------------------
Install as a service

You can optionally register Metasploit as a service. This way it will 
automatically be started every time the machine is started.

Install Metasploit as a service? [Y/n]: y
...

Next, you are asked to disable the anti-virus and firewall solutions if any is installed on the server.

Disable Anti-Virus and Firewall



*** Disable Anti-Virus! ***
This product is not compatible with common anti-virus solutions. Before 
continuing, please disable any installed anti-virus software or add an exclusion 
for the Metasploit installation directory. Failure to do so can lead to a 
corrupt installation and the malfunctioning of certain exploit modules.

*** Disable Firewall! ***
This product is not compatible with common firewall applications. Although it is 
possible to use Metasploit with a firewall in place, a firewall will interfere 
with the function of certain exploits and payloads. Please ensure that your 
firewall is disabled prior to using this product for a penetration test.
Press [Enter] to continue:

----------------------------------------------------------------------------

Since Metasploit will be running as a service, define a port in which it is listening on. Press Enter to accept TCP port 3790 as the default port.

----------------------------------------------------------------------------
Metasploit Service

Please enter the port that the Metasploit service will use.

SSL Port [3790]: Enter

Set the server FQDN of your server for the purpose of SSL certificate that is generated. Set the validity of the SSL of the certificate. You can press Enter to accept the default period.

----------------------------------------------------------------------------
Generate an SSL Certificate

Please provide the fully qualified domain name of this system below (e.g. 
metasploit.example.com). A certificate is generated for a specific server name 
and web browsers will alert users if the name does not match.

Server Name [localhost]: msf.kifarunix-demo.com

Days of validity [3650]: 

Should the generated certificate be added to the operating system's trusted 
store?

Yes, trust certificate [Y/n]: y


----------------------------------------------------------------------------
Setup is now ready to begin installing Metasploit on your computer.

Do you want to continue? [Y/n]: y

After that, proceed with installing Metasploit on Debian 11/Debian 10.

Once the installation is done, you will be given a URL to access the Metasploit UI.

----------------------------------------------------------------------------
Please wait while Setup installs Metasploit on your computer.

 Installing
 0% ______________ 50% ______________ 100%
 #########################################

----------------------------------------------------------------------------
Setup has finished installing Metasploit on your computer.

Info: To access Metasploit, go to
        https://localhost:3790 from your browser.

The Metasploit is now ready to carry on its Magics.

Create Metasploit Initial User Account

To login to Metasploit UI, you need to create Metasploit initial user account by running the script below. The script will prompt you for the username and auto-generate the password. You are required to reset this password upon login.

/opt/metasploit/createuser -u kifarunix
[*] User Creation Script has started, this may take a moment.

[*] Creating user 'kifarunix' with password '?#{S#87P' ...

[*] User kifarunix has been created, please change your password on login.

Accessing Metasploit Web UI

To access Metasploit UI, navigate to https://<msf-server-IP>:3790, if you are not accessing it from the locally.

Note that if UFW is running, you need to open access to port 3790. You can use iptables if need be.

ufw allow 3790/tcp

Add the SSL error on the browser to exception and proceed to Metasploit UI.

Install Metasploit on Debian 11/Debian 10

Enter the activation key. You can obtain the key by submitting a request.

Install Metasploit on Debian 11/Debian 10

Once your activation is successful, you will land on Metasploit Pro web interface.

Install Metasploit on Debian 11/Debian 10

Your Metasploit is now ready.

Global Settings;

Install Metasploit on Debian 11/Debian 10

You can now run a phishing campaign, quick pentest, web app test, vulnerability validation,generate payloads, e.t.c.

The Metasploit Framework is also available on command line. To launch it, just execute the command below;

msfconsole
                                                  
                                   ____________
 [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%| $a,        |%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
 [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%| $S`?a,     |%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
 [%%%%%%%%%%%%%%%%%%%%__%%%%%%%%%%|       `?a, |%%%%%%%%__%%%%%%%%%__%%__ %%%%]
 [% .--------..-----.|  |_ .---.-.|       .,a$%|.-----.|  |.-----.|__||  |_ %%]
 [% |        ||  -__||   _||  _  ||  ,,aS$""`  ||  _  ||  ||  _  ||  ||   _|%%]
 [% |__|__|__||_____||____||___._||%$P"`       ||   __||__||_____||__||____|%%]
 [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%| `"a,       ||__|%%%%%%%%%%%%%%%%%%%%%%%%%%]
 [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%|____`"a,$$__|%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
 [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%        `"$   %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
 [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]


       =[ metasploit v6.1.27-dev                          ]
+ -- --=[ 2196 exploits - 1162 auxiliary - 400 post       ]
+ -- --=[ 596 payloads - 45 encoders - 10 nops            ]
+ -- --=[ 9 evasion                                       ]

Metasploit tip: Save the current environment with the 
save command, future console restarts will use this 
environment again

msf6 > db_status
[*] Connected to msf3. Connection type: postgresql.
msf6 > 

Great. You can now run you Pentests projects. That is all about how to install Metasploit on Debian 11/Debian 10.

Happy pentesting…

Other Tutorials

Install Metasploit Framework on Ubuntu 22.04/Ubuntu 20.04

Installing Metasploit on Ubuntu 18.04 LTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here