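If you want to use Metasploit's advanced features or do extension development, it is best to run it on Linux.
The Windows installer is certainly convenient, but pairing it with a MySQL database is far too difficult.
Put plainly, the Windows installer for Metasploit simply installs Cygwin to emulate a Linux environment; it is extremely slow, and exploits are prone to errors when run.
Most annoying of all is connecting from Cygwin to a MySQL database on Windows: trying to install ruby-mysql produces one error after another, enough to drive you mad, and it really is not worth the wasted time.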
########################################################
PART1
Versions tested successfully:
OS: Debian 5.0.3, Ubuntu 8.04
mysql: 5.0.67, 5.0.51
ruby: 1.9.1
metasploit: 3.4.0
########################################################
PART2
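Overall steps:
1. Install mysql 5.0.* and the development package libmysqlclient15-dev
2. Install ruby 1.9.1, rubygem, (rails), ruby-mysql 2.8.1
3. Install Metasploit

1. Install mysql 5.0.* and the development package libmysqlclient15-dev
apt-get ...
If that does not work, download the installer package or source package from the MySQL website.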
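
2. Install ruby 1.9.1; there are two methods
(1) Following the instructions on the Ruby website: apt-get install ruby1.9.1-full
(2) Install from source
Install the dependencies first, then the Ruby interpreter:
apt-get install build-essential libreadline-dev libz-dev autoconf bison
Download the Ruby source package or .deb file from the Debian website: http://packages.qa.debian.org/r/ruby1.9.1.html http://packages.debian.org/search?searchon=sourcenames&keywords=ruby1.9 Afterwards I found that the downloaded package includes the relevant dependencies, so the apt-get above may not be needed.
Note: a package downloaded from the Ruby website may fail to install if the dependencies are not all installed.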
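
3. Install metasploit 3.4.0 from source
Download the source first, then install by following the steps in the installation documentation below (the earlier steps can be skipped).
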
Installation on Ubuntu Linux
The Metasploit Framework is well-supported on the Ubuntu platform. The following instructions should also apply to Kubuntu, Xubuntu, and Debian.
If these instructions do not work for your version of Ubuntu, please try the Generic Linux instructions instead.
Dependencies
Install the Ruby dependencies:
$ sudo apt-get install ruby libopenssl-ruby libyaml-ruby libdl-ruby libiconv-ruby libreadline-ruby irb ri rubygems
Install the Subversion client:
$ sudo apt-get install subversion
In order to build the native extensions (pcaprub, lorcon2, etc), the following packages need to be installed:
$ sudo apt-get build-dep ruby
$ sudo apt-get install ruby-dev libpcap-dev
Database support
In order to use the database functionality, RubyGems along with the appropriate drivers must be installed:
$ sudo apt-get install rubygems libsqlite3-dev
$ sudo gem install sqlite3-ruby
Or for MySQL:
$ sudo apt-get install rubygems libmysqlclient-dev
$ sudo gem install mysql
Framework
Once the dependencies have been installed, download the Unix tarball from the download page and run the following commands:
$ tar xf framework-3.X.tar.gz
$ sudo mkdir -p /opt/metasploit3
$ sudo cp -a msf3/ /opt/metasploit3/msf3
$ sudo chown root:root -R /opt/metasploit3/msf3
$ sudo ln -sf /opt/metasploit3/msf3/msf* /usr/local/bin/
Extensions
The framework includes a few native Ruby extensions that must be compiled in order to use certain types of modules.
To enable raw socket modules:
$ sudo apt-get install libpcap-dev
$ sudo bash
# cd /opt/metasploit3/msf3/external/pcaprub/
# ruby extconf.rb
# make && make install
To enable WiFi modules:
$ sudo bash
# cd /opt/metasploit3/msf3/external/ruby-lorcon2/
# svn co https://802.11ninja.net/svn/lorcon/trunk lorcon2
# cd lorcon2
# ./configure --prefix=/usr && make && make install
# cd ..
# ruby extconf.rb
# make && make install
Updates
The Metasploit Framework is updated daily with the latest exploits, payloads, features, and bug fixes. To update your installation of the framework:
$ sudo svn update /opt/metasploit3/msf3/
This can also be installed into the root user's crontab:
$ sudo crontab -e -u root
# enter the line below
1 * * * * /usr/bin/svn update /opt/metasploit3/msf3/ >> /var/log/msfupdate.log 2>&1

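Note: during installation the lorcon2 update may fail because the svn address and parameters are wrong; search Google for lorcon and find the correct svn address on its official site.
Running msfconsole reports that openssl-ruby is not installed and that many features are unavailable...
I tried apt-get install libopenssl-ruby1.9, which did not work, so I installed it from source, following another user's approach (reposted in the ruby section).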
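
A preflight check for the problem described above (msfconsole reporting that openssl-ruby is missing), added here as an example and not taken from the original post or from the Metasploit project. The library names passed to require (openssl, yaml, readline, mysql, pcaprub) are assumptions based on the packages this page installs; run it with the same ruby binary that will run msfconsole.

```ruby
# Added example: verify that the Ruby interpreter can load the libraries
# this installation depends on before starting msfconsole.
# The require names below are assumptions; adjust them to your setup.
REQUIRED = %w[openssl yaml readline].freeze
OPTIONAL = {
  'mysql'   => 'db_driver mysql',
  'pcaprub' => 'raw socket modules'
}.freeze

# Returns true if this interpreter can load the named library.
# LoadError is not a StandardError, so it must be rescued by name.
def loadable?(name)
  require name
  true
rescue LoadError
  false
end

# Returns a hash with the interpreter version, the required libraries
# that failed to load, and the optional ones (with the feature they enable).
def preflight(required = REQUIRED, optional = OPTIONAL)
  {
    ruby: RUBY_VERSION,
    missing_required: required.reject { |lib| loadable?(lib) },
    missing_optional: optional.reject { |lib, _feature| loadable?(lib) }
  }
end

# Formats the result of preflight as one line per finding.
def report(result)
  lines = ["ruby #{result[:ruby]}"]
  result[:missing_required].each { |lib| lines << "MISSING (required): #{lib}" }
  result[:missing_optional].each do |lib, feature|
    lines << "missing (needed for #{feature}): #{lib}"
  end
  lines << 'all checked libraries load' if lines.size == 1
  lines.join("\n")
end

puts report(preflight) if __FILE__ == $PROGRAM_NAME
```

A library listed as missing here was not built or installed for this interpreter, which is the situation where installing the matching package or building the extension from source is needed.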

The interface after a successful run looks like this:
msf > db_driver mysql
[*] Using database driver mysql
msf > db_driver
[*] Active Driver: mysql
[*] Available: mysql
[*] DB Support: Enable the sqlite3 driver with the following command:
[*] $ gem install sqlite3-ruby
[-] Note that sqlite is not supported due to numerous issues.
[-] It may work, but don't count on it
[*] DB Support: Enable the postgresql driver with the following command:
[*] * This requires libpq-dev and a build environment
[*] $ gem install postgres
[*] $ gem install pg # is an alternative that may work
msf > db_connect
[*] Usage: db_connect <user:pass>@<host:port>/<database>
[*] Examples:
[*] db_connect user@metasploit3
[*] db_connect user:pass@192.168.0.2/metasploit3
[*] db_connect user:pass@192.168.0.2:1500/metasploit3
msf > db_connect admin:0@msf3
msf > db_nmap
[*] Usage: db_nmap [nmap options]
msf > db_nmap 192.168.0.1
Starting Nmap 4.62 ( http://nmap.org ) at 2010-07-10 01:12 CST
Interesting ports on 192.168.0.1:
Not shown: 1708 closed ports
PORT STATE SERVICE
21/tcp open ftp
80/tcp open http
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
912/tcp open unknown
3306/tcp open mysql
MAC Address: 00:50:56:C0:00:01 (VMWare)
msfconsole has successfully created a set of database tables on the local machine, and the nmap scan results are stored in them...