This tutorial is a combination of a number of different guides that I’ve compiled on the subject of getting Metasploit to work on OSX. I have not been able to find any other site with a complete working solution, so I decided to write one myself. This has been tested on multiple environments from beginning to end. If you have any problems, please leave a comment and I will do my best to help you get things working.
1. XCODE & COMMAND LINE TOOLS
First, install XCode using the App Store. Xcode is a free download.
1.1. Manually Install The Command Line Tools.
XCode 5 does not give me the option to install the command line tools from the app, so we have to do it via command line.
|
1
|
xcode-select--install
|
2. INSTALL HOMEBREW, RUBY, AND RVM
For this tutorial, I ended up going with Homebrew. I’ve always used MacPorts in the past, but I keep hearing more and more about Homebrew and wanted to give it a try. It turned out to be pretty painless.
2.1. Install HomeBrew
|
1
|
ruby-e"$(curl
-fsSL https://raw.github.com/mxcl/homebrew/go)"
|
Make sure to run your Brew Doctor as soon as Brew is installed to make sure everything is working properly
|
1
|
brew
doctor
|
2.2. Install Git And Wget
|
1
2
|
brew
install git
brew install wget
|
2.2. Install RVM (Ruby Version Manager)
|
1
|
curl-#L https://get.rvm.io |
bash -s stable --autolibs=3 --ruby
|
2.3. Install Ruby V1.9.3-P448
At the time of this tutorial, Metasploit requires package 448 of Ruby v1.9.3 in order to run properly, I’m sure that will change in the future, so please make sure to update your commands with the correct version number!!
|
1
2
3
4
|
rvm
requirements
rvm install ruby-1.9.3-p448
rvm
gemset create
msf
rvm useruby-1.9.3-p448--default
|
That last line is especially important since XCode 5.1 will default to Ruby 2.x.
2.4. Reload Your Source Information
You will now be asked to reload your source information.
|
1
|
source~/.rvm/scripts/rvm
|
3. INSTALL VARIOUS PACKAGES AND DEPENDENCIES
There are a number of packages and dependencies that need to be installed in order to get everything running smoothly.
3.1. Nmap
First, we need to install Nmap.
|
1
|
brew
install nmap
|
3.2. GCC
Next we need to install GNU GCC. This may time some time since we are compiling the latest version from source.
|
1
|
brew
tap homebrew/dupes;brew
install gcc--use-llvm
|
3.3. Install PostgreSQL
Next, we need PostgreSQL.
|
1
|
brew
install postgresql--without-ossp-uuid
|
3.4. Configure PostgreSQL
With PostgreSQL installed, we need to configure a few things. Don’t forget to make sure that the version numbers below match the ones that were installed.
|
1
2
3
4
5
6
|
initdb/usr/local/var/postgres
mkdir-p~/Library/LaunchAgents
cp/usr/local/Cellar/postgresql/9.2.1/homebrew.mxcl.postgresql.plist~/Library/LaunchAgents/
launchctl load-w~/Library/LaunchAgents/homebrew.mxcl.postgresql.plist
createuser
msf-P-hlocalhost
createdb-Omsf msf-hlocalhost
|
3.5. Install Ruby Gems
We need a few Ruby Gems to get Metasploit running.
|
1
|
gem
install pg
sqlite3 msgpack hpricot
|
4. INSTALL AND CONFIGURE METASPLOIT
We’re almost done. Now we just need to setup MSF to run in our new environment.
4.1. Install MSF
|
1
2
3
4
|
sudo
su
mkdir-p/opt/
cd/opt
git clonehttps://github.com/rapid7/metasploit-framework.git
msf
|
4.2. Configure The MSF Database
|
1
2
|
sudo
echoexport
MSF_DATABASE_CONFIG=/opt/msf/database.yml>>~/.bash_profile
nano/opt/msf/database.yml
|
Paste the following information into the database.ymp file:
|
1
2
3
4
5
6
7
8
9
|
production:
adapter:postgresql
database:msf
username:msf
password:
host:127.0.0.1
port:5432
pool:75
timeout:5
|
4.3 Install Required MSF Bundles
Bundle Install
|
1
2
3
|
cd/opt/msf/
bundle install
#if
this fails, run: sudo bundle install
|
4.4. Create A Few Symlinks
We need to create symlinks of the metasploit executables in the /usr/bin/ folder, as a safeguard against Armitage not being able to find the MSF files.
|
1
|
ln-s/opt/msf/msf*/opt/local/bin/
|
5. LAUNCH METASPLOIT!
Now that we are done installing everything, let’s test Metasploit to make sure everything went smoothly.
|
1
|
sudo
msfconsole
|
If all goes well, you should see the Metasploit console!
6.ARMITAGE
It’s really unfortunate that Armitage no longer ships with the Metasploit Framework. Luckly this is a very short process
6.1. Download & Install
Click here to to download Armitage for OSX.
Armitage should be installed the same way you would install any other OSX app. Open the DMG file, and drag the application to your Applications folder.
6.2. Launching Armitage
For Mac OSX systems, there seems to be an issue with launching Armitage directly using the icon. In order to work around this, Armitage can be launched from the command line:
|
1
|
sudo-Ejava-jar"armitage.jar"
|