How to Install Metasploit Framework on Ubuntu Linux

|

|

The tutorial provides a step-by-step guide on how to install the Metasploit Framework, a popular open-source penetration testing tool, on Ubuntu 18.04 and 16.04. The installation process involves updating the Ubuntu system, downloading and installing the framework from the Rapid7 site, and setting up a new database.

This brief tutorial shows students and new users how to install Metasploit Framework on Ubuntu 18.04 | 16.04.

Metasploit Framework is one of the most popular open-source penetration testing tools used by security professionals and ethical hackers worldwide. It is an extensive tool that can help you find vulnerabilities, manage security assessments, improve security awareness, and perform other security testing tasks.

Installing Metasploit Framework on Ubuntu Linux can help you create a secure and powerful environment for running security tests and assessments. It is easy to install and provides you with all the necessary dependencies that you need to run Metasploit Framework smoothly.

Furthermore, using Ubuntu Linux as your operating system provides a secure and reliable platform to perform security testing tasks.

For more about Metasploit, please visit its homepage.

Update Ubuntu

Before installing packages on Ubuntu, updating the system is recommended. To do that, run the commands below:

sudo apt update
sudo apt dist-upgrade
sudo apt autoremove

Install Metasploit Framework

Now that Ubuntu has been updated, you can continue installing Metasploit.

The easiest way to get the Metasploit Framework is to download the installer from the Rapid7 site. Using the installer, all the necessary dependencies are installed and configured for you during the installation process.

To get the installer, run the commands below:

cd /tmp
curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall

After downloading the installer, simply run the commands below to make it executable, then install it.

chmod +x msfinstall
sudo ./msfinstall

The prompt asks if you want to use and set up a new database. Type y or yes to run the initial configuration script to create the database.

To check to see if the database was set up, run the following command:

db_status

If the Metasploit Framework successfully connected to the database, the following status displays:

Output:
[*] postgresql connected to msf

If you did not opt to create a database when msfconsole loaded for the first time, you could use the msfdb script to configure postgresql to run as your local user and store the database in ~/.msf4/db/.

To enable and start using the local database, run the commands below:

msfdb init

After successfully installing, you will end up with a message similar to the one below:

Creating database users
Writing client authentication configuration file /home/richard/.msf4/db/pg_hba.conf
Stopping database at /home/richard/.msf4/db
Starting database at /home/richard/.msf4/db.success
Creating initial database schema
[?] Initial MSF web service account username? [richard]: 
[?] Initial MSF web service account password? (Leave blank for random password): 
Generating SSL key and certificate for MSF web service
Attempting to start MSF web service.success
MSF web service started and online
Creating MSF web service user richard

    ############################################################
    ##              MSF Web Service Credentials               ##
    ##                                                        ##
    ##        Please store these credentials securely.        ##
    ##    You will need them to connect to the webservice.    ##
    ############################################################

MSF web service username: richard
MSF web service password: user_password_here
MSF web service user API token: 551f065fee5e690113b004354f7ccea274491ab7598ef26ec0253c8f8706fde4c634b04404863857

MSF web service configuration complete
The web service has been configured as your default data service in msfconsole with the name "local-https-data-service"

If needed, manually reconnect to the data service in msfconsole using the command:
db_connect --token 551f065fee5e690113b004354f7ccea274491ab7598ef26ec0253c8f8706fde4c634b04404863857 --cert /home/richard/.msf4/msf-ws-cert.pem --skip-verify https://localhost:5443

The username and password are credentials for the API account:
https://localhost:5443/api/v1/auth/account

Now that the database is initialized, run the commands below to configure Metasploit.

msfconsole

After running that, you should get a screen similar to the one below:

                                                  
               .;lxO0KWWWWK0Oxl:.
           ,o0WMMMMMMMMMMMMMMMMMMKd,
        'xNMMMMMMMMMMMMMMMMMMMMMMMMMWx,
      :KMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMK:
    .KMMMMMMMMMMMMMMMWNNNWMMMMMMMMMMMMMMMX,
   lWMMMMMMMMMMMXd:.     .;dKMMMMMMMMMMMMo
  xMMMMMMMMMMWd.               .oNMMMMMMMMMMk
 oMMMMMMMMMMx.                    dMMMMMMMMMMx
.WMMMMMMMMM:                       :MMMMMMMMMM,
xMMMMMMMMMo                         lMMMMMMMMMO
NMMMMMMMMW                    ,cccccoMMMMMMMMMWlccccc;
MMMMMMMMMX                     ;KMMMMMMMMMMMMMMMMMMX:
NMMMMMMMMW.                      ;KMMMMMMMMMMMMMMX:
xMMMMMMMMMd                        ,0MMMMMMMMMMK;
.WMMMMMMMMMc                         'OMMMMMM0,
 lMMMMMMMMMMk.                         .kMMO'
  dMMMMMMMMMMWd'                         .
   cWMMMMMMMMMMMNxc'.                ##########
    .0MMMMMMMMMMMMMMMMWc            #+#    #+#
      ;0MMMMMMMMMMMMMMMo.          +:+
        .dNMMMMMMMMMMMMo          +#++:++#+
           'oOWMMMMMMMMo                +:+
               .,cdkO0K;        :+:    :+:                                
                                :::::::+:
                      Metasploit

       =[ metasploit v5.0.82-dev-                         ]
+ -- --=[ 1988 exploits - 1089 auxiliary - 339 post       ]
+ -- --=[ 559 payloads - 45 encoders - 10 nops            ]
+ -- --=[ 7 evasion                                       ]

Metasploit tip: Use the edit command to open the currently active module in your editor

msf5 > 

To update your Metasploit, run the commands below:

sudo msfupdate

To check the version installed, simply run the commands below:

msfconsole --version

The command should output a similar line as shown below:

Framework Version: 5.0.82-dev-

That’s it!

Conclusion:

This post showed you how to install Metasploit Framework on Ubuntu 18.04 | 16.04. If you find any error, please report it in the comment form below.

Thanks,

You may also like the post below:

Like this:



11 responses to “How to Install Metasploit Framework on Ubuntu Linux”

  1. Arulsuju Avatar
    Arulsuju

    After installing msfconsole , i am nable to run msfvenum command. it shows “command unknown : msfvenum”

    1. Jeremiah Avatar
      Jeremiah

      I just followed the entire guide and msfvenom works perfectly.

    2. ADITYA MANDAL Avatar
      ADITYA MANDAL

      msfvenom* spell corrrectly

    3. Logoc Avatar
      Logoc

      its msfvenom

  2. Rudra16 Avatar
    Rudra16

    Thanks bro it really helps and i truly appreciate it.

  3. Mohamed Avatar
    Mohamed

    Hello,
    How did you configured the ssl certificate for the web api
    Thank you

  4. Bartdk Avatar
    Bartdk

    hi,
    it works also on ubuntu 20.04

  5. sadikul islam Avatar
    sadikul islam

    thanks, i am gonna try… my terminal is just updating

  6. Justin Avatar
    Justin

    Thanks 👍👍 it works

  7. MrFool Avatar
    MrFool

    it’s Work with Ubuntu 20.04.2 LTS ..
    Thanks …
    have nice day …
    have Fun …

  8. the.mandroid Avatar
    the.mandroid

    db_status was replied with “Command not found” and msfdb init brought no results, msfconsole as well

Leave a Reply to Mohamed Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.