Linux Security metasploit Ubuntu

Install Metasploit Ubuntu

Metasploit is a cross platform and open source tool initially developed by H. D. Moore in 2003. It written in Ruby and is available for Windows, MacOS and Linux. Metasploit is commonly used for offensive security testing and research. It is used for following purposes:

  • Vulnerability Assessment and Pentesting
  • IDS signature development
  • Exploit development and research

The newest major Metasploit release has moved its core to an all Ruby programming base. Metasploit-framework uses Ruby as its core programming language because Ruby is a powerful interpreted language. The Metasploit Project is very famous because of its anti-forensic and  detection evasion features.

Metasploit generally offers a community and open source version of Metasploit Framework but it also has commercial versions like Metasploit Pro and Metasploit Express. It also has a shellcode database, these shellcodes can be used to perform reverse shell to the the attacker’s machine.

Like other similar products like Canvas or Core Impact and other commercial security products, Metasploit-Framework can be used to check the security of computer systems or to break into network and systems. Similar to many other security tools, Metasploit Framework can be used for both authorized and unauthorized activities.

Follow below steps to install Metasploit Framework in your Ubuntu OS

Installation

Metasploit Frame is easy to install and and has a few dependencies. Before installing, make sure to update your Ubuntu

$ sudo apt-get update
$ sudo apt-get upgrade

Installing dependencies

Before installing you need to install following dependencies using apt command

ubuntu@ubuntu:~$ sudo apt-get install -y curl gpgv2 autoconf bison build-essential
git-corelibapr1 postgresql libaprutil1 libcurl4openssl-dev libgmp3-dev libpcap-dev
openssl libpq-dev libreadline6-dev libsqlite3-dev libssl-dev locate libsvn1 libtool
libxml2 libxml2-dev libxslt-dev wget libyaml-dev ncurses-dev  postgresql-contrib xsel
zlib1g zlib1g-dev

Installing

curl is used to transfer files from remote computers and supports a lot of protocols, we will use it to download metasploit framework code.

ubuntu@ubuntu:~$ curl https://raw.githubusercontent.com/rapid7/metasploit
omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb
> msfinstall && \

Then change permissions of the executable code using chmod command then run it

Permissions:
owner = Read & Write (rw-)
group = Read (r--)
other = None (---)

Ownership:
owner = root
group = shadow

$ chmod 755 msfinstall

Metasploit Interfaces

Metasploit Framework has a web interface, GUI interface (Armitage and Cobal Strike) and Command Line interfaces (msfcli, msfconsole). It also offers APIs like msgrpc to control Metasploit remotely or to use it along with some some scripting language for automation purposes.

It also has some other tools and features that can generate shell codes and payloads and combine them with other legitimate executables.

Msfconsole is a powerful Command line interface of Metasploit. To run it, first start postgresql service, Type

ubuntu@ubuntu:~$ sudo service postgresql start
ubuntu@ubuntu:~$ sudo msfconsole

Metasploit Manual

Common commands for  Metasploit from the Manual

help (or ‘?’) – shows the available commands in msfconsole

show exploits – shows the exploits you can run (in our case here, the ms05_039_pnp exploit)

show payloads – shows the various payload options you can execute on the exploited system such as spawn a command shell, uploading programs to run, etc. (in our case here, the win32_reverse exploit)

info exploit [exploit name] – shows a description of a specific exploit name along with its various options and requirements (ex. info exploit ms05_039_pnp shows information on that specific attack)

info payload [payload name] – shows a description of a specific payload name along with its various options and requirements (ex. info payload win32_reverse shows information on spawning a command shell)

use [exploit name] – instructs msfconsole to enter into a specific exploit’s environment (ex. use ms05_039_pnp will bring up the command prompt ms05_039_pnp > for this specific exploit

show options – shows the various parameters for the specific exploit you’re working with

show payloads – shows the payloads compatible with the specific exploit you’re working with

set PAYLOAD – allows you to set the specific payload for your exploit (in this example, set PAYLOAD win32_reverse)

show targets – shows the available target OSs and applications that can be exploited

set TARGET – allows you to select your specific target OS/application (in this example, I’ll use set TARGET 0 to for all English versions of Windows 2000)

set RHOST – allows you to set your target host’s IP address (in this example, set RHOST 10.0.0.200)

set LHOST – allows you to set the local host’s IP address for the reverse communications needed to open the reverse command shell (in this example, set LHOST 10.0.0.201)

back – allows you to exit the current exploit environment you’ve loaded and go back to the main msfconsole prompt

Conclusion

Metasploit is a very useful framework that is used by Penetration testers and vulnerability researchers. Some other commercial tools offer similar functionality but Metasploit is popular due to its cross-platform support and easy-to-use GUI and CLI interfaces. This is particularly make for Penetration testers and Red Teamers but anyone can use this to secure their home or company’s network. If you are interested in learning Metasploit, here is a great free resource.

About the author

Usama Azad

A security enthusiast who loves Terminal and Open Source. My area of expertise is Python, Linux (Debian), Bash, Penetration testing, and Firewalls. I’m born and raised in Wazirabad, Pakistan and currently doing Undergraduation from National University of Science and Technology (NUST). On Twitter i go by @UsamaAzad14