Installing and configuring Metasploit on Debian Wheezy

Very quickly and without going into much detail, I'll show how to install Metasploit on Debian Wheezy. What it is and what it is for, read on the wiki!
In short: Metasploit Framework is a convenient platform for developing and debugging exploits. In addition, the project includes an opcode database, a shellcode archive and information from computer security research.

So, for anyone who wants to try it, let's go!

root@deb13:~# curl -L https://get.rvm.io | bash -s stable --autolibs=enabled
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   184  100   184    0     0    175      0  0:00:01  0:00:01 --:--:--   181
100 20511  100 20511    0     0  12238      0  0:00:01  0:00:01 --:--:-- 12238
Downloading https://github.com/wayneeseguin/rvm/archive/stable.tar.gz
Creating group 'rvm'

Installing RVM to /usr/local/rvm/
Installation of RVM in /usr/local/rvm/ is almost complete:

  * First you need to add all users that will be using rvm to 'rvm' group,
    and logout - login again, anyone using rvm will be operating with `umask u=rwx,g=rwx,o=rx`.

  * To start using RVM you need to run `source /etc/profile.d/rvm.sh`
    in all your open shell windows, in rare cases you need to reopen all shell windows.

# Administrator,
#   Thank you for using RVM!
#   We sincerely hope that RVM helps to make your life easier and more enjoyable!!!
# ~Wayne, Michal & team.

In case of problems: http://rvm.io/help and https://twitter.com/rvm_io

But after this the rvm command would not work for me; I decided to simply log in again, and that helped!

root@deb13:~# logout
black@deb13:~$ su -

The command was now found and worked:

root@deb13:~# rvm
= rvm

* https://rvm.io/
* https://github.com/wayneeseguin/rvm/


RVM is the Ruby enVironment Manager (rvm).

It manages Ruby application environments and enables switching between them.

== Installation

  curl -L https://get.rvm.io | bash -s stable --autolibs=enabled [--ruby] [--rails] [--trace]

stable     :: Install stable RVM, good for servers.
--ruby     :: Additionally install latest ruby version (MRI).
--rails    :: Install gem rails into default gemset (also installs ruby=).
--trace    :: Print trace of the installation, gist output when you have problems.
--autolibs :: Enable or disable autolibs see: https://rvm.io/rvm/autolibs

More details here: https://rvm.io/rvm/install/

== Usage

  rvm [Flags] [Options] Action [Implementation[,Implementation[,...]]

== Flags

--default         :: with 'rvm use X', sets the default ruby for new shells to X.
--debug           :: Toggle debug mode on for very verbose output.
--disable-binary  :: Install from source instead of using binaries
--trace           :: Toggle trace mode on to see EVERYTHING rvm is doing.
--force           :: Force install, removes old install & source before install.
--summary         :: Used with rubydo to print out a summary of the commands run.
--latest          :: with gemset --dump skips version strings for latest gem.
--gems            :: with uninstall/remove removes gems with the interpreter.
--docs            :: with install, attempt to generate ri after installation.
--reconfigure     :: Force ./configure on install even if Makefile already exists.
--skip-gemsets    :: with install, skip the installation of default gemsets.
--quiet-curl      :: Makes curl silent when fetching data

== Options

-v|--version     :: Emit rvm version loaded for current shell
-l|--level       :: patch level to use with rvm use / install
   --bin         :: path for binaries to be placed (~/.rvm/bin/)
-S               :: Specify a script file to attempt to load and run (rubydo)
-e               :: Execute code from the command line.
--gems           :: Used to set the 'gems_flag', use with 'remove' to remove
--archive        :: Used to set the 'archive_flag', use with 'remove' to remove
--patch          :: With MRI Rubies you may specify one or more full paths to

                    for multiple, specify comma separated:

                      --patch /.../.../a.patch[%prefix],/.../.../.../b.patch

                    'prefix' is an optional argument, which will be bypassed
                    to the '-p' argument of the 'patch' command. It is separated
                    from patch file name with '%' symbol.
-C|--configure   :: custom configure options. If you need to pass several
                    configure options then append them comma separated:

                      -C --...,--...,--...

--nice           :: process niceness (for slow computers, default 0)
--ree-options    :: Options passed directly to ree's './installer' on the
                    command line.
--with-rubies    :: Specifies a string for rvm to attempt to expand for set

== Action

(Note: for most actions, 'rvm help action-name' may provide more information.)

*usage*     :: show this usage information
version     :: show the rvm version installed in rvm_path
use         :: setup current shell to use a specific ruby version
reload      :: reload rvm source itself (useful after changing rvm source)
implode     :: (seppuku) removes the rvm installation completely.

               This means everything in $rvm_path (~/.rvm || /usr/local/rvm).

               This does not touch your profiles. However, this means that you
               must manually clean up your profiles and remove the lines which
               source RVM.
get         :: {head,stable} upgrades rvm to latest head or stable version.

               Check 'rvm help get' for more details.

               (If you experience bugs try this first with head version, then
               ask for help in #rvm on irc.freenode.net and hang around)
reset       :: remove current and stored default & system settings.

               (If you experience odd behavior try this second)
info        :: show the *current* environment information for current ruby
current     :: print the *current* ruby version and the name of any gemset
               being used.
debug       :: show info plus additional information for common issues

install     :: install one or many ruby versions

               See also: https://rvm.io/rubies/installing/
uninstall   :: uninstall one or many ruby versions, leaves their sources
remove      :: uninstall one or many ruby versions and remove their sources
reinstall   :: reinstall ruby and runs gem pristine on all gems,
               make sure to read output, use 'all' for all rubies.

migrate     :: Lets you migrate all gemsets from one ruby to another.
upgrade     :: Lets you upgrade from one version of a ruby to another, including
               migrating your gemsets semi-automatically.

wrapper     :: generates a set of wrapper executables for a given ruby with the
               specified ruby and gemset combination. Used under the hood for
               passenger support and the like.

cleanup     :: Lets you remove stale source folders / archives and other
               miscellaneous data associated with rvm.
repair      :: Lets you repair parts of your environment e.g. wrappers, env
               files and and similar files (e.g. general maintenance).
fix-permissions :: Repairs broken permissions (e.g. by sudo or chef)
osx-ssl-certs :: Helps update certificates for OpenSSL installed by rvm on OSX.
snapshot    :: Lets you backup / restore an rvm installation in a lightweight

alias       :: Lets you set shortcut strings for convenience with 'rvm use'.
disk-usage  :: Tells you how much disk space rvm install is using.
tools       :: Provides general information about the ruby environment,
               primarily useful when scripting rvm.
docs        :: Tools to make installing ri and rdoc documentation easier.
rvmrc       :: Tools related to managing rvmrc trust and loading.
patchset    :: Tools related to managing ruby patchsets.

do          :: runs an arbitrary command against specified and/or all rubies
cron        :: Manages setup for using ruby in cron tasks.

gemset      :: gemsets: https://rvm.io/gemsets/

rubygems    :: Switches the installed version of rubygems for the current ruby.

config-get  :: display values for RbConfig::CONFIG variables.
gemdir      :: display the path to the current gem directory (GEM_HOME).

fetch       :: Performs an archive / src fetch only of the selected ruby.
list        :: show currently installed rubies, interactive output.

autolibs    :: Controls settings for automatically installing dependencies.
pkg         :: Install a dependency package {readline,iconv,zlib,openssl}

notes       :: Display notes, with operating system specifics.

export      :: Temporarily set an environment variable in the current shell.
unexport    :: Undo changes made to the environment by 'rvm export'.
requirements  :: Installs additional OS specific dependencies/requirements for
                 building various rubies. Usually run by install.
mount       :: Install rubies from external locations.

user        :: Tools for managing RVM mixed mode in multiuser installations.
group       :: Tools for managing groups in multiuser installations.

== Implementation

*ruby*     :: MRI/YARV Ruby (The Gold Standard) {1.8.6,1.8.7,1.9.1,1.9.2...}
jruby      :: JRuby, Ruby interpreter on the Java Virtual Machine.
rbx        :: Rubinius
ree        :: Ruby Enterprise Edition, MRI Ruby with several custom
              patches for performance, stability, and memory.
macruby    :: MacRuby, insanely fast, can make real apps (Mac OS X Only).
maglev     :: GemStone Ruby, awesome persistent ruby object store.
ironruby   :: IronRuby, NOT supported yet. Looking for volunteers to help.
system     :: use the system ruby (eg. pre-rvm state)
default    :: use the default ruby (or the system ruby if a default hasn't been set).


== Resources:


== Contributions:

Any and all contributions offered in any form, past present or future, to the
RVM project are understood to be in complete agreement and acceptance with the
Apache License v2.0.


Copyright (c) 2009-2011 Wayne E. Seguin
Copyright (c) 2011-2014 Michal Papis

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at


Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
See the License for the specific language governing permissions and
limitations under the License.

  Action documentation available with 'rvm help action-name':

      alias autolibs cleanup config-get cron current debug disk-usage do docs fetch fix-permissions gemdir gemset get group implode info install list migrate mount notes osx-ssl-certs patchset pkg prepare reinstall remove repair requirements reset rubygems rvmrc rvmrc/to rvmrc/warning snapshot srcdir tools uninstall upgrade use user wrapper

  Other topics of documentation available with 'rvm help topic':

      alt color upgrade-notes

  For additional information please visit RVM's documentation website:


  If you still cannot find an answer to your question, find 'wayneeseguin', 'mpapis', 'richo', 'lemoinem' or 'rys' in #rvm on irc.freenode.net:


RVM itself is what we need in order to install a suitable version of Ruby:

root@deb13:~# rvm install ruby-1.9.3-p484
Searching for binary rubies, this might take some time.
Found remote file https://rvm.io/binaries/debian/7/x86_64/ruby-1.9.3-p484.tar.bz2
Checking requirements for debian.
Requirements installation successful.
ruby-1.9.3-p484 - #configure
ruby-1.9.3-p484 - #download
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 13.5M  100 13.5M    0     0   482k      0  0:00:28  0:00:28 --:--:--  462k
ruby-1.9.3-p484 - #validate archive
ruby-1.9.3-p484 - #extract
ruby-1.9.3-p484 - #validate binary
ruby-1.9.3-p484 - #setup
ruby-1.9.3-p484 - #making binaries executable..
ruby-1.9.3-p484 - #downloading rubygems-2.2.2
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  404k  100  404k    0     0   227k      0  0:00:01  0:00:01 --:--:--  231k
No checksum for downloaded archive, recording checksum in user configuration.
ruby-1.9.3-p484 - #extracting rubygems-2.2.2...
ruby-1.9.3-p484 - #removing old rubygems.........
ruby-1.9.3-p484 - #installing rubygems-2.2.2...............
ruby-1.9.3-p484 - #gemset created /usr/local/rvm/gems/ruby-1.9.3-p484@global
ruby-1.9.3-p484 - #importing gemset /usr/local/rvm/gemsets/global.gems.............................................
ruby-1.9.3-p484 - #generating global wrappers.........
ruby-1.9.3-p484 - #gemset created /usr/local/rvm/gems/ruby-1.9.3-p484
ruby-1.9.3-p484 - #importing gemsetfile /usr/local/rvm/gemsets/default.gems evaluated to empty gem list
ruby-1.9.3-p484 - #generating default wrappers.........

Now install Metasploit itself, or rather clone it from GitHub:

root@deb13:~# source /usr/local/rvm/scripts/rvm
root@deb13:~# mkdir /root/msf
root@deb13:~# cd msf/
root@deb13:~/msf# git clone https://github.com/rapid7/metasploit-framework.git
Cloning into 'metasploit-framework'...
remote: Reusing existing pack: 244159, done.
remote: Total 244159 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (244159/244159), 226.63 MiB | 5.16 MiB/s, done.
Resolving deltas: 100% (171835/171835), done.

Install the required Ruby library (the gem actually needed is bundler; the `bundle` gem fetched below is an unrelated 0.0.1 package, and `bundle install` works anyway because RVM's global gemset already provides bundler, as the `Using bundler (1.3.5)` line confirms):

root@deb13:~/msf# gem install bundle
Fetching: bundle-0.0.1.gem (100%)
Successfully installed bundle-0.0.1
Installing ri documentation for bundle-0.0.1
1 gem installed
root@deb13:~/msf# cd /root/msf/metasploit-framework
ruby-1.9.3-p484 - #gemset created /usr/local/rvm/gems/ruby-1.9.3-p484@metasploit-framework
ruby-1.9.3-p484 - #generating metasploit-framework wrappers...........
root@deb13:~/msf/metasploit-framework# bundle install
Fetching gem metadata from https://rubygems.org/.........
Fetching gem metadata from https://rubygems.org/..
Installing rake (10.1.0)
Installing i18n (0.6.5)
Installing multi_json (1.0.4)
Installing activesupport (3.2.14)
Installing builder (3.0.4)
Installing activemodel (3.2.14)
Installing arel (3.0.2)
Installing tzinfo (0.3.37)
Installing activerecord (3.2.14)
Installing bcrypt (3.1.7)
Installing database_cleaner (1.1.1)
Installing diff-lcs (1.2.4)
Installing factory_girl (4.2.0)
Installing fivemat (1.2.1)
Installing json (1.8.0)
Installing pg (0.16.0)
Installing metasploit_data_models (0.17.0)
Installing mini_portile (0.5.1)
Installing msgpack (0.5.5)
Installing network_interface (0.0.1)
Installing nokogiri (1.6.0)
Installing packetfu (1.1.9)
Installing pcaprub (0.11.3)
Installing redcarpet (3.0.0)
Installing rkelly-remix (0.0.6)
Installing robots (0.10.1)
Installing rspec-core (2.14.5)
Installing rspec-expectations (2.14.2)
Installing rspec-mocks (2.14.3)
Installing rspec (2.14.1)
Installing shoulda-matchers (2.3.0)
Installing simplecov-html (0.5.3)
Installing simplecov (0.5.4)
Installing timecop (0.6.3)
Installing yard (0.8.7)
Using bundler (1.3.5)
Your bundle is complete!
Use `bundle show [gemname]` to see where a bundled gem is installed.

To share the collected data between different tools, Metasploit can work with a database. Let's prepare PostgreSQL for that:

root@deb13:~/msf/metasploit-framework# su - postgres
postgres@deb13:~$ createuser msfuser -P
Введите пароль для новой роли:
Повторите его:
Должна ли новая роль иметь полномочия суперпользователя? (y - да/n - нет) n
Новая роль должна иметь право создавать базы данных? (y - да/n - нет) n
Новая роль должна иметь право создавать другие роли? (y - да/n - нет) n
postgres@deb13:~$ createdb --owner=msfuser msfdb
postgres@deb13:~$ exit

The database is ready; let's try to start Metasploit and also configure its connection to the PostgreSQL database using these details:
database: msfdb
user: msfuser
pass: T55RnMRLUArL

root@deb13:~/msf/metasploit-framework# ./msfconsole
IIIIII    dTb.dTb        _.---._
  II     4'  v  'B   .'"".'/|\`.""'.
  II     6.     .P  :  .' / | \ `.  :
  II     'T;. .;P'  '.'  /  |  \  `.'
  II      'T; ;P'    `. /   |   \ .'
IIIIII     'YvP'       `-.__|__.-'

I love shells --egypt

       =[ metasploit v4.9.2-dev [core:4.9 api:1.0] ]
+ -- --=[ 1294 exploits - 695 auxiliary - 207 post ]
+ -- --=[ 335 payloads - 35 encoders - 8 nops      ]

msf > db_status
[*] postgresql selected, no connection
msf > db_connect msfuser:T55RnMRLUArL@
ЗАМЕЧАНИЕ:  CREATE TABLE создаст последовательность "hosts_id_seq" для колонки serial "hosts.id"
ЗАМЕЧАНИЕ:  CREATE TABLE / PRIMARY KEY создаст неявный индекс "hosts_pkey" для таблицы "hosts"
ЗАМЕЧАНИЕ:  CREATE TABLE создаст последовательность "clients_id_seq" для колонки serial "clients.id"
ЗАМЕЧАНИЕ:  CREATE TABLE / PRIMARY KEY создаст неявный индекс "clients_pkey" для таблицы "clients"
....... skipping a lot here ........
ЗАМЕЧАНИЕ:  ALTER TABLE / ADD PRIMARY KEY создаст неявный индекс "hosts_tags_pkey" для таблицы "hosts_tags"
ЗАМЕЧАНИЕ:  CREATE TABLE создаст последовательность "task_sessions_id_seq" для колонки serial "task_sessions.id"
ЗАМЕЧАНИЕ:  CREATE TABLE / PRIMARY KEY создаст неявный индекс "task_sessions_pkey" для таблицы "task_sessions"
[*] Rebuilding the module cache in the background...
msf > db_status
[*] postgresql connected to msfdb
msf > Interrupt: use the 'exit' command to quit
msf >
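The `db_connect` line above passes the database password inline, so it ends up in the msfconsole history file (~/.msf4/history). As an added example, not part of the original post, here is a small POSIX sh script that instead writes the framework's config/database.yml with owner-only permissions and verifies it; it assumes the clone lives in /root/msf/metasploit-framework (override with MSF_DIR), PostgreSQL listens on 127.0.0.1:5432, and the password arrives in the MSF_DB_PASS environment variable.

```shell
#!/bin/sh
# Added example (not from the original post): store the Metasploit database
# credentials in the framework's config/database.yml instead of typing the
# password into msfconsole, where it ends up in ~/.msf4/history.
# Assumptions: framework cloned to /root/msf/metasploit-framework (override with
# MSF_DIR), PostgreSQL listening on 127.0.0.1:5432, password supplied via the
# MSF_DB_PASS environment variable so it never appears in a process listing.
set -eu

MSF_DIR="${MSF_DIR:-/root/msf/metasploit-framework}"

# write_db_config DIR DBNAME USER PASSWORD
# Creates DIR/config/database.yml readable by the owner only (mode 0600).
write_db_config() {
    dir=$1; db=$2; user=$3; pass=$4
    mkdir -p "$dir/config"
    # umask in a subshell: the file is created 0600 without changing the caller's umask
    ( umask 077; cat > "$dir/config/database.yml" <<EOF
production:
  adapter: postgresql
  database: $db
  username: $user
  password: $pass
  host: 127.0.0.1
  port: 5432
  pool: 5
  timeout: 5
EOF
    )
    chmod 600 "$dir/config/database.yml"   # also tightens a pre-existing looser file
}

# check_db_config FILE
# Returns 0 only if FILE exists, is mode 0600 and declares a postgresql database.
check_db_config() {
    f=$1
    [ -f "$f" ] || return 1
    [ "$(stat -c '%a' "$f")" = "600" ] || return 1     # GNU stat, as on Debian
    grep -q '^  adapter: postgresql$' "$f" || return 1
    grep -q '^  database: ' "$f"
}

# Only act when a password was supplied; defining the functions alone is harmless.
if [ -n "${MSF_DB_PASS:-}" ]; then
    write_db_config "$MSF_DIR" msfdb msfuser "$MSF_DB_PASS"
    check_db_config "$MSF_DIR/config/database.yml"
    echo "wrote $MSF_DIR/config/database.yml"
    echo "msfconsole reads it on start; or load it with: db_connect -y $MSF_DIR/config/database.yml"
fi
```

Run it as `MSF_DB_PASS='...' sh msf-dbconfig.sh`; the next `msfconsole` start should then report `postgresql connected to msfdb` from `db_status` without any credentials typed at the prompt.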

That's it! Metasploit is fully installed, configured and ready for action!

Good luck!

