Wednesday, October 2, 2013

Metasploit on BackTrack5, Revision 3 (BT5R3) - Update Issues

Metasploit on BackTrack5, Revision 3 (BT5R3)

Significantly easier than the Windows install, since you're pretty much already there. You just need to remove the broken SVN checkout and get onto the new Git hotness. If you just want the one-liner fix, scroll to the bottom of this page.

1) Load the Metasploit environment options

After opening a terminal session:

source /opt/metasploit/scripts/setenv.sh

This gets everything set in your path correctly -- namely, a path to a nicer ruby.

2) Remove the broken SVN checkout:

rm -rf /opt/metasploit/msf3 && mkdir /opt/metasploit/msf3

This is destructive, obviously. You will want to remake the directory in the same place so BackTrack doesn't lose track of where your Metasploit install lives.

3) Run the msfclone staging script from GitHub, with only a couple of minor alterations:

\curl -LO http://curl.haxx.se/ca/cacert.pem && \
  CURL_CA_BUNDLE=$PWD/cacert.pem \curl -L http://r-7.co/UsEqxW > msfclone.rb && \
  MSFBASE=/opt/metasploit/msf3 ruby msfclone.rb
 
This fetches the most recent Certificate Authorities from Mozilla (hosted by those wacky curl devs), then fetches a Metasploit-upon-GitHub bootstrapper, then reinstalls Metasploit Framework as a Git repo to /opt/metasploit/msf3.

Note: if you're in a restricted environment that doesn't allow connections over the Git protocol (for some reason), set a couple of environment variables to use HTTPS instead:

export MSFPROTOCOL=HTTPS
export GIT=/usr/bin/git

That's it! You can now use the BackTrack menu item:

Applications > BackTrack > Exploitation > Network Exploitation > Metasploit Framework > msfconsole

Or type /opt/metasploit/msf3/msfconsole and you're off to the races. Note that using the menu item automatically connects to the database as well, so that's nice.
From this moment on, msfupdate will update using Git, not SVN, so life should be considerably better for you.
Caveat: it looks like this won't work on the LiveCD version of the BackTrack 5 ISO; there's not enough disk space by default. This only works on installed / VMware versions of BackTrack 5.

TL;DR

Copy paste this and hit [Enter] at the prompt if it looks right to you.

source /opt/metasploit/scripts/setenv.sh && \
rm -rf /opt/metasploit/msf3 && mkdir -p /opt/metasploit/msf3 && \
\curl -LO http://curl.haxx.se/ca/cacert.pem && \
CURL_CA_BUNDLE=$PWD/cacert.pem \curl -L http://r-7.co/UsEqxW > msfclone.rb && \
MSFBASE=/opt/metasploit/msf3 ruby msfclone.rb

Still too long? Try this, the unattended one-liner:

\curl -kL http://r-7.co/RWxizr | bash
 
If you need HTTPS instead of Git protocol, do this:

\curl -kL http://r-7.co/RWxizr | MSFPROTOCOL=HTTPS GIT=/usr/bin/git bash
 
This should work on any 4.4 or earlier installation of Metasploit. Metasploit 4.5 already uses GitHub as the primary source, so there's no need to update. In fact, it'll work on Metasploit 4.5 as well, and is now being called automatically by apt-get install metasploit on the latest BT5R3.
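
The unattended one-liner pipes the download straight into bash, and -k switches off certificate verification. As an added example (not from the original post or the Metasploit project), here is the same job split into download, verify and run, so nothing executes unless the file matches a SHA-256 you recorded yourself. The names fetch_script, run_verified, msf-bootstrap.sh and PINNED_SHA256 are hypothetical, and the page publishes no digest.

```shell
#!/bin/sh
# Added example: download, verify, then run, instead of "curl -kL URL | bash".

# Print the SHA-256 of FILE as lowercase hex (sha256sum, else shasum).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Download URL to OUT. No -k, so TLS certificates are checked on HTTPS hops
# (export CURL_CA_BUNDLE as in step 3 if the system CA store is stale);
# --fail keeps an HTTP error page from being saved as the script.
fetch_script() {
    curl --fail --silent --show-error --location --output "$2" "$1"
}

# Run FILE with INTERP (default: bash) only if its SHA-256 equals EXPECTED.
# Returns 3, without executing anything, if FILE is empty or does not match.
run_verified() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')   # accept upper-case hex
    interp=${3:-bash}
    [ -s "$file" ] || { echo "refusing: $file is missing or empty" >&2; return 3; }
    actual=$(sha256_of "$file")
    if [ "$actual" != "$expected" ]; then
        echo "refusing: sha256 $actual does not match the pinned digest" >&2
        return 3
    fi
    "$interp" "$file"
}

# Usage (PINNED_SHA256 is a placeholder: the digest you recorded after
# reading the downloaded script once; the page does not publish one):
#   fetch_script http://r-7.co/RWxizr msf-bootstrap.sh &&
#   run_verified msf-bootstrap.sh "$PINNED_SHA256"
```

Record the digest with sha256_of after reading the downloaded file, and re-check it whenever the script behind the short URL changes.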

Source: github 
