//
you're reading...
howto, security

How to use metasploit framework

This is for Educational Purposes only !!

This Howto shows how to gain access on a remote PC (windows XP Pro SP2) exploiting a known Vulnerability bug with autopwn tool.

Installation Howto (ubuntu)


$ sudo apt-get install ruby libopenssl-ruby libyaml-ruby libdl-ruby libiconv-ruby
$ sudo apt-get install libreadline-ruby irb ri rubygems

$ sudo apt-get install subversion

$ sudo apt-get install build-essential ruby-dev libpcap-dev
$ sudo apt-get install build-essential ruby-dev libpcap-dev
$ su -
$ cd /tmp

$ wget http://updates.metasploit.com/data/releases/framework-3.5.2.tar.bz2
$ bzip2 -d framework-3.5.2.tar.bz2

$ tar xf framework-3.5.2.tar

$ mkdir -p /opt/metasploit3
$ cp -a msf3/ /opt/metasploit3/msf3

$ chown root:root -R /opt/metasploit3/msf3

$ ln -sf /opt/metasploit3/msf3/msf* /usr/local/bin/ $ apt-get install libpcap-dev

$ bash
$ cd /opt/metasploit3/msf3/external/pcaprub/
$ ruby extconf.rb
$ make && make install
$ sudo bash
$ cd  /opt/metasploit3/msf3/external/ruby-lorcon2/
$ svn co http://802.11ninja.net/svn/lorcon/trunk lorcon2
$ cd lorcon2
$ ./configure --prefix=/usr && make && make install
$ cd ..
$ ruby extconf.rb
$ make && make install

Install Postgres

$ sudo apt-get install postgresql-8.4

$ sudo apt-get install rubygems libpq-dev
$ sudo gem install pg
$ apt-get install libreadline-dev
$ apt-get install libssl-dev
$ apt-get install libpq5
$ apt-get install ruby-dev
$ su postgres

postgres@pilio-laptop:~$ createuser msf_user -P
Enter password for new role:
Enter it again:
Shall the new role be a superuser? (y/n) n
Shall the new role be allowed to create databases? (y/n) n
Shall the new role be allowed to create more new roles? (y/n) n
postgres@pilio-laptop:~$ createdb --owner=msf_user msf_database

startup file
root@pilio-laptop:~# cat .msf3/msfconsole.rc

db_driver postgresql

db_connect msf_user:123@127.0.0.1:5432/msf_database

db_workspace -a MyProject

for automatic updates, insert the following in /etc/crontab
1 * * * * root /usr/bin/svn update  /opt/metasploit3/msf3/ >> /var/log/msfupdate.log 2>&1

Discussion

Comments are closed.