This entry was posted on Monday, April 16th, 2007 at 7:45 PM and is filed under Apple, Friends & Family, Hacking, Mac, Microsoft, Security, Software, Windows. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
I have known about the Metasploit framework for quite some time but have never really known how to use it or taken the time to learn. Recently, Chris inspired me to try it by showing me a movie explaining how to exploit a vulnerability in Microsoft Windows related to the .ANI Header Stack Overflow Vulnerability (more on this in my next post).
Before I could begin working with this nifty little exploit in Metaspolit I had to get the framework installed on my MacBook. Metasploit is a suite of Ruby scripts and will run on virtually any Unix based operating system and Windows (with some minor tweaking). I checked the MacPorts for Metasploit and it was available as a port install but the latest version in the ports tree was 2.7. I needed at least version 3.0, and later determined I needed a development version, version 3.1, from the trunk to get the exploit I was after.
The first thing I did was upgrade my Subversion client on Mac OS X. I got the universal binary from here and installing and upgrading my Subversion was pretty painless. It installed like most other Mac applications from a package.
Once my Subversion client was up to date, I downloaded the Metasploit framework and unpcked it into /usr/local/msf/. I then made symbolic links to the different Metasploit related applications in /opt/local/bin/, the directory where MacPorts installs binaries and application related scripts. I did this by running the following command as root (or using sudo):
% sudo ln -s /usr/local/msf/msf* /opt/local/bin/Now that I had the framework downloaded and in place, I installed an updated version of Ruby from MacPorts by running the following command:
% sudo port install rubyI then downloaded the latest version of RubyGems, uncompressed it, changed into the uncompressed directory and ran the following command to install Ruby Gems:
% sudo ruby setup.rbOnce that operation had completed, I installed the latest version of Rails by issuing the following command:
gem install -v=1.2.3 railsThe original instructions for the steps performed above are available on the Metasploit wiki but I had to modify their instructions a bit due to some errors. The first error I encountered while using the MetaSploit instructions was with installing RubyGems. When following the instructions in the Metasploit wiki I received the following error:
ruby: No such file or directory -- setup (LoadError))I found some instructions in the RubyGems User Guide that led me to the ruby setup.rb command to install Gems.
The next issue I encountered when using the instructions in the Metaploit wiki was an error when trying to run gem install -v=1.2.2 rails I don’t have the exact error to give you but it was basically something to the effect that version 1.2.2 wasn’t found i the repository. I browsed the repository and saw that a newer version, version 1.2.3, was available so that is why I issued the command with -v=1.2.3.
Once all of the above was completed, I tried to run the exploit I was hoping to run and version 3.0 of the Metasploit framework. I tried to update Metasploit to a higher version but was returned the following:
% sudo svn update
Skipped '.'I then grabbed a development snapshot by running the following command:
% sudo svn co http://metasploit.com/svn/framework3/trunk/I placed the trunk/ directory in my /usr/local/msf/ directory and changed my symbolic links to point to the newly downloaded Metasploit components by issuing the following command:
% sudo ln -sf /usr/local/msf/trunk/msf* /opt/local/bin/I hope this helps other Mac users if and when they get ready to install the Metasploit framework, or Ruby, RubyGems, and Ruby on Rails on their Mac. It is also good for me to have things like this documented somewhere in case I need to revisit it in the future. Either way, Enjoy!
Until next time…
Bookmark to:
12 Responses to “Installing Metasploit on Mac OS X”
Leave a Reply
Flickr Updates
April 16th, 2007 at 7:46 PM
[...] post is the reason I posted my previous blog entry on installing the Metasploit framework on my Apple MacBook. Chris sent me a link to this movie [...]
FromApril 18th, 2007 at 9:06 AM
[...] posted at cocoacrusty.com on Monday, April 16th, [...]
FromApril 20th, 2007 at 8:17 PM
Lots of thanks!, there are so many errors installing Metasploit and now (after read your post) that’s running so well (educational purpose only) ;).
FromApril 20th, 2007 at 10:44 PM
Glad I could help, r0sk!
Take care!
Cocoa
FromJuly 10th, 2007 at 10:39 PM
[...] Installing Metasploit on Mac OS X | Cocoa Crusty (tags: metasploit macosx) [...]
FromAugust 15th, 2007 at 5:35 AM
gem install rails –include-dependencies
works best
FromAugust 25th, 2007 at 4:41 AM
Great! I had to use 1.2.2 version of rails though, but it’s working fine now.
FromAugust 26th, 2007 at 12:12 PM
I’m installing right now
Thanks alot
FromOctober 1st, 2007 at 6:10 AM
The reason why you were getting this error:
# sudo svn update
Skipped ‘.’
is because you executed the command from the wrong directory. You have to be in the following directory for it to be successful:
…Metasploit/Framework3/framework
Cocoa are you Australia ? If so, are there any Hack OS X groups in Sydney ?
r/
sist3m.
ps Ruxcon was canceled this year
FromOctober 1st, 2007 at 2:56 PM
Thanks for the heads up, sist3m. I am not from Australia. Good luck finding a group in Sydney!
Cocoa
FromOctober 17th, 2007 at 6:54 PM
I am a n00b. I have never used command line before. I got to the part of the metasploit install directions where you installed Ruby Gems. I am on a MacBook as well and it keeps telling me there is no such directory or file I don’t know what I did wrong. Can anyone help?
FromJune 11th, 2008 at 10:02 AM
[...] these people are searching for “metasploit mac osx” or something similar, and my post, found here, ranks number one on Google. People are also stumbling upon (pun intended) my Web site for queries [...]
From