Monday, December 19, 2011

Setting up Metasploit and Armitage on a Mac

In this guide we will do the following on OSX 10.7.2:
  1. Install Metasploit Framework/Armitage prerequisites:
    • Install Xcode
    • Install PostgreSQL 9.1.1-1 
    • Install MacPorts
    • Install other plugins/connectors
  2. Install Metasploit Framework 4.2
      • Install the latest Metasploit Framework
      • Update Metasploit
      • Link programs/modify PATH$
    • Configure everything
      • YMAL database settings file for armitage
      • Allow Armitage to run with privileges
    • Run Metasploit & Armitage
      • launch msfrpc
    • Optionally Create Services & Automatically update everything
      • Automatically update everything
      • Create a launchd

      1.Metasploit 4.2 prerequisites:  
      • Install Xcode - http://developer.apple.com/tools/xcode/
      • Install PostgreSQL - http://www.enterprisedb.com/products-services-training/pgdownload#osx
        • Fell free to install the mac ports version, BUT I'm using the GUI version in the next steps.
          • PostgreSQL may ask you to reboot if it needs to adjust your memory configuration. 
        • Give the postgres user a secure password
        • Configure a new user
          • Open pgAdmin III.app, connect to the local postgresql server (user postgres, if it asks, & whatever password from above), right-click on Login Roles and select New Login Role...
          • Set the role name (this will be the username) to whatever you want or use msfuser
            • This username will be stored in a plain-text file later!
          • Under the definition tab, set the password to whatever you want or use msfpassword
            • This password will be stored in a plain-text file later!
        • Configure the database
          • Still in pgAdmin III.app, right-click on Databases and select New Database...
          • Set the database Name to whatever you want or use metasploitdb
          • Set the database Owner to the new user from above (msfuser in the example above)
      • Install MacPorts - http://www.macports.org/
        • add "/opt/local" to your spotlight privacy settings to avoid excessive compile times & unnecessary indexing by spotlight. 
          • System Preferences->Spotlight->Privacy->"+"
          • Press "command+shift+G" and type in /opt/local
        • Update with sudo port selfupdate
        • Quit terminal & relaunch to accept new path settings added by MacPorts
      • Install other plug-ins
        • Install Ruby & RubyGems with sudo port install ruby19 +nosuffix
        • Install gem/PostgreSQL connector with
          • For 34-bit systems: sudo gem install pg -- --with-opt-include=/Library/PostgreSQL/9.1/include/ --with-opt-lib=/Library/PostgreSQL/9.1/lib/
          • For 64-bit systems: sudo env ARCHFLAGS='-arch x86_64' gem install pg -- --with-opt-include=/Library/PostgreSQL/9.1/include/ --with-opt-lib=/Library/PostgreSQL/9.1/lib/
        • Install the gsm msgpack with sudo gem install msgpack 
        • Add /opt/local/ to your anti-virus exclusion list
        2. Install Metasploit Framework 4.2 (includes armitage):  
        • Install MSF
          • Give metasploit a place to live with sudo mkdir /opt/local/msf
          • Download & install the latest framework with sudo svn co https://www.metasploit.com/svn/framework3/trunk/ /opt/local/msf/
            • permanently accept the certificate with p
        • Create a link to the msf applications with sudo ln -s /opt/local/msf/msf* /opt/local/bin
          • Optionally you can edit $path to include /opt/local/msf/ -- BUT this method never worked for me & you would have to do that for each user on the system... or change the system $path
        • Create a link to the armitage with sudo ln -s /opt/local/msf/armitage /opt/local/bin
          • Update MSF with sudo msfupdate
          3. Configure everything:

          • YMAL database settings file for armitage
            • create the configuration directory: sudo mkdir /opt/local/config
            • Create/Edit the following file: sudo vi /opt/local/config/database.yml

              # These settings are for the database used by the Metasploit Framework
              # unstable tree included in this installer, not the commercial editions.
              #

              production:
                adapter: "postgresql"
                database: "metasploitdb"
                username: "msfuser"
                password: "msfpassword"
                port: 5432
                host: "localhost"
                pool: 256
                timeout: 5</code>
          • Allow Armitage to run with privileges
            • SOMETHING GOES HERE
            4. Run Metasploit & Armitage:
            • Run Metasploit
              • Launch msfrpcd with sudo msfrpcd -U msfuser2 -P msfpassword2 -t Msg
                • feel free to use a different username & password here 
              • launch msfconsole with sudo msfconsole
                • db_connect -y /opt/local/config/database.yml
                  • The data will build now 
                  • how do I make this default (maybe just in armiatge)
                • exit out of msfconsole with exit
            • Launch Armitage from the command line
              • Enter the credentials from the msfrpc command above
              • Enjoy!
            5. Optional extras that will make your life better:
            • Make msfrpcd a launchd service:
              • Create/edit the following file: /Library/LaunchDaemons/org.metasploitframework.rpcd.plist

                <?xml version="1.0" encoding="UTF-8"?>
                <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
                <plist version="1.0">
                <dict>
                        <key>Disabled</key>
                        <false/>
                        <key>Label</key>
                        <string>org.metasploitframework.rpcd</string>
                        <key>RunAtLoad</key>
                        <true/>
                        <key>Debug</key>
                        <false/>
                        <key>ProgramArguments</key>
                        <array>
                                <string>/opt/local/bin/ruby</string>
                                <string>/opt/local/msf/msfrpcd</string>
                                <string>-f</string>
                                <string>-U</string>
                                <string>msfuser2</string>
                                <string>-P</string>
                                <string>msfpassword2</string>
                                <string>-t</string>
                                <string>Msg</string>
                        </array>
                        <key>WorkingDirectory</key>
                        <string>/opt/local/bin/</string>
                </dict>
                </plist>
              • Start the msfrpcd launchd with sudo launchctl load /Library/LaunchDaemons/org.metasploitframework.rpcd.plist
            • Automatically update everything you just installed:
              •  Edit you crontab & add the following lines:
                0 6 * * * /opt/local/msf/msfupdate -u
                0 5 * * * /opt/local/bin/port selfupdate; /opt/local/bin/port upgrade outdated
                0 5 * * * /opt/local/bin/gem update --system
              • If you don't know what this means then don't touch cron.

            Further reading:
            http://blog.metasploit.com/2010/05/introducing-metasploitable.html
            http://www.symantec.com/connect/articles/metasploit-framework-part-3
            http://www.fastandeasyhacking.com/manual#mac

            Sources:
            http://www.cedric-baillet.fr/IMG/pdf/armitage_configuration_on_macosx.pdf
            https://community.rapid7.com/docs/DOC-1037
            http://krypted.com/mac-os-x/mac-os-x-enable-and-disable-spotlight/
            Posted by at
            Labels: , , , , , , , , , , , , , , , ,

            9 comments:

            1. mveJanuary 18, 2012 at 12:31 AM

              Thank you for your nice tutorial, I did install on Snow Leopard 10.6.8 64-bit and it's working fine.

              I'm with postgresql-9.1.2-1-osx and Xcode 3.2.6(1761).
              I needed to install also Nmap http://nmap.org/dist/nmap-5.51.dmg, to be able to use - Armitage ->Host ->Nmap Scans

              ReplyDelete
              Replies
              1. AnonymousApril 7, 2022 at 7:18 PM

                Faulty Logic: Setting Up Metasploit And Armitage On A Mac >>>>> Download Now

                >>>>> Download Full

                Faulty Logic: Setting Up Metasploit And Armitage On A Mac >>>>> Download LINK

                >>>>> Download Now

                Faulty Logic: Setting Up Metasploit And Armitage On A Mac >>>>> Download Full

                >>>>> Download LINK ef

                Delete
            2. Penetration TesterMarch 7, 2012 at 1:53 AM

              Download SecurityTube Metasploit Framework Expert DVD FREE Enjoy ;)

              securitytube-training.com/certifications/securitytube-metasploit-framework-expert/?id=download ;)

              ReplyDelete
            3. Nico PrasetioAugust 24, 2012 at 5:27 PM

              Thanks for the great tutorial, but I am still stuck with the following line:
              ---
              msf > db_connect -y /opt/local/config/database.yml
              [-] No database driver installed. Try 'gem install pg'
              ---

              Even I have installed the followings (connectors) successfully:
              ---
              [g00rkha75:~] nprasetio% sudo gem install pg -- --with-opt-include=/Library/PostgreSQL/9.1/include/ --with-opt-lib=/Library/PostgreSQL/9.1/lib/
              Building native extensions. This could take a while...
              Successfully installed pg-0.14.0
              1 gem installed
              Installing ri documentation for pg-0.14.0...
              Installing RDoc documentation for pg-0.14.0...
              [g00rkha75:~] nprasetio% sudo gem install msgpack
              Building native extensions. This could take a while...
              Successfully installed msgpack-0.4.7
              1 gem installed
              Installing ri documentation for msgpack-0.4.7...
              Installing RDoc documentation for msgpack-0.4.7...
              ---

              Did I miss something?

              Thanks and really appreciate for the reply,
              NP

              ReplyDelete
              Replies
              1. Nico PrasetioAugust 25, 2012 at 6:09 PM

                I've already fixed it by uninstalling the PostgreSQL installer and installed it back from the mac port version.

                Delete
            4. PhilSeptember 16, 2012 at 8:37 AM

              Hey, this tutorial is great but I seem to have hit a brick wall with the gem/PostgreSQL connecter. This is the error terminal is spitting at me:

              Building native extensions. This could take a while...
              ERROR: Error installing pg:
              ERROR: Failed to build gem native extension.

              /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/bin/ruby extconf.rb --with-opt-include=/Library/PostgreSQL/9.1/include/ --with-opt-lib=/Library/PostgreSQL/9.1/lib/
              checking for pg_config... no
              No pg_config... trying anyway. If building fails, please try again with
              --with-pg-config=/path/to/pg_config
              checking for libpq-fe.h... no
              Can't find the 'libpq-fe.h header
              *** extconf.rb failed ***
              Could not create Makefile due to some reason, probably lack of
              necessary libraries and/or headers. Check the mkmf.log file for more
              details. You may need configuration options.

              Provided configuration options:
              --with-opt-dir
              --without-opt-dir
              --with-opt-include=${opt-dir}/include
              --with-opt-lib=${opt-dir}/lib
              --with-make-prog
              --without-make-prog
              --srcdir=.
              --curdir
              --ruby=/System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/bin/ruby
              --with-pg
              --without-pg
              --with-pg-dir
              --without-pg-dir
              --with-pg-include
              --without-pg-include=${pg-dir}/include
              --with-pg-lib
              --without-pg-lib=${pg-dir}/lib
              --with-pg-config
              --without-pg-config
              --with-pg_config
              --without-pg_config


              Gem files will remain installed in /Library/Ruby/Gems/1.8/gems/pg-0.14.1 for inspection.
              Results logged to /Library/Ruby/Gems/1.8/gems/pg-0.14.1/ext/gem_make.out

              any ideas?

              ReplyDelete
            5. RenmusxdNovember 19, 2012 at 8:58 PM

              Maybe a problem with gems? I used this and ran into no such problem:
              http://www.nightlionsecurity.com/blog/guides/2011/12/guide-to-installing-metasploit-4-and-armitage-on-mac-osx-lion/

              I am having a problem however with armitage being unwilling to launch, the "connect" prompt opens, then spends some time connecting ("with a note saying file was cut short") then never brings up a window.

              ReplyDelete
            6. UnknownMarch 9, 2013 at 1:20 PM

              When i Type : db_connect -y /opt/local/config/database.yml : It says : [-] File Not found :(
              Please Help Meee

              ReplyDelete
            7. AnonymousApril 7, 2022 at 7:17 PM

              Faulty Logic: Setting Up Metasploit And Armitage On A Mac >>>>> Download Now

              >>>>> Download Full

              Faulty Logic: Setting Up Metasploit And Armitage On A Mac >>>>> Download LINK

              >>>>> Download Now

              Faulty Logic: Setting Up Metasploit And Armitage On A Mac >>>>> Download Full

              >>>>> Download LINK dD

              ReplyDelete

            Subscribe to: Post Comments (Atom)