Monday, December 19, 2011

Setting up Metasploit and Armitage on a Mac

In this guide we will do the following on OS X 10.7.2:
  1. Install Metasploit Framework/Armitage prerequisites:
    • Install Xcode
    • Install PostgreSQL 9.1.1-1
    • Install MacPorts
    • Install other plugins/connectors
  2. Install Metasploit Framework 4.2:
    • Install the latest Metasploit Framework
    • Update Metasploit
    • Link programs/modify $PATH
  3. Configure everything:
    • YAML database settings file for Armitage
    • Allow Armitage to run with privileges
  4. Run Metasploit & Armitage:
    • Launch msfrpcd
  5. Optionally create services & automatically update everything:
    • Create a launchd service
    • Automatically update everything

1. Metasploit 4.2 prerequisites:
      • Install Xcode - http://developer.apple.com/tools/xcode/
      • Install PostgreSQL - http://www.enterprisedb.com/products-services-training/pgdownload#osx
        • Feel free to install the MacPorts version, BUT I'm using the GUI version in the next steps.
          • PostgreSQL may ask you to reboot if it needs to adjust your memory configuration. 
        • Give the postgres user a secure password
        • Configure a new user
          • Open pgAdmin III.app, connect to the local postgresql server (user postgres, if it asks, & whatever password from above), right-click on Login Roles and select New Login Role...
          • Set the role name (this will be the username) to whatever you want or use msfuser
            • This username will be stored in a plain-text file later!
          • Under the definition tab, set the password to whatever you want or use msfpassword
            • This password will be stored in a plain-text file later!
        • Configure the database
          • Still in pgAdmin III.app, right-click on Databases and select New Database...
          • Set the database Name to whatever you want or use metasploitdb
          • Set the database Owner to the new user from above (msfuser in the example above)
      • Install MacPorts - http://www.macports.org/
        • add "/opt/local" to your spotlight privacy settings to avoid excessive compile times & unnecessary indexing by spotlight. 
          • System Preferences->Spotlight->Privacy->"+"
          • Press "command+shift+G" and type in /opt/local
        • Update with sudo port selfupdate
        • Quit terminal & relaunch to accept new path settings added by MacPorts
      • Install other plug-ins
        • Install Ruby & RubyGems with sudo port install ruby19 +nosuffix
        • Install the gem/PostgreSQL connector with
          • For 32-bit systems: sudo gem install pg -- --with-opt-include=/Library/PostgreSQL/9.1/include/ --with-opt-lib=/Library/PostgreSQL/9.1/lib/
          • For 64-bit systems: sudo env ARCHFLAGS='-arch x86_64' gem install pg -- --with-opt-include=/Library/PostgreSQL/9.1/include/ --with-opt-lib=/Library/PostgreSQL/9.1/lib/
        • Install the msgpack gem with sudo gem install msgpack
        • Add /opt/local/ to your anti-virus exclusion list
2. Install Metasploit Framework 4.2 (includes Armitage):
        • Install MSF
          • Give metasploit a place to live with sudo mkdir /opt/local/msf
          • Download & install the latest framework with sudo svn co https://www.metasploit.com/svn/framework3/trunk/ /opt/local/msf/
            • permanently accept the certificate with p
        • Create a link to the msf applications with sudo ln -s /opt/local/msf/msf* /opt/local/bin
          • Optionally you can edit $PATH to include /opt/local/msf/ -- BUT this method never worked for me & you would have to do that for each user on the system... or change the system $PATH
        • Create a link to Armitage with sudo ln -s /opt/local/msf/armitage /opt/local/bin
        • Update MSF with sudo msfupdate
3. Configure everything:

          • YAML database settings file for Armitage
            • create the configuration directory: sudo mkdir /opt/local/config
            • Create/Edit the following file: sudo vi /opt/local/config/database.yml

              # These settings are for the database used by the Metasploit Framework
              # unstable tree included in this installer, not the commercial editions.
              #

              production:
                adapter: "postgresql"
                database: "metasploitdb"
                username: "msfuser"
                password: "msfpassword"
                port: 5432
                host: "localhost"
                pool: 256
                timeout: 5
          • Allow Armitage to run with privileges
            • SOMETHING GOES HERE
4. Run Metasploit & Armitage:
            • Run Metasploit
              • Launch msfrpcd with sudo msfrpcd -U msfuser2 -P msfpassword2 -t Msg
                • feel free to use a different username & password here 
              • launch msfconsole with sudo msfconsole
                • db_connect -y /opt/local/config/database.yml
                  • The data will build now 
                  • how do I make this default (maybe just in Armitage)
                • exit out of msfconsole with exit
            • Launch Armitage from the command line
              • Enter the credentials from the msfrpcd command above
              • Enjoy!
5. Optional extras that will make your life better:
            • Make msfrpcd a launchd service:
              • Create/edit the following file: /Library/LaunchDaemons/org.metasploitframework.rpcd.plist

                <?xml version="1.0" encoding="UTF-8"?>
                <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
                <plist version="1.0">
                <dict>
                        <key>Disabled</key>
                        <false/>
                        <key>Label</key>
                        <string>org.metasploitframework.rpcd</string>
                        <key>RunAtLoad</key>
                        <true/>
                        <key>Debug</key>
                        <false/>
                        <key>ProgramArguments</key>
                        <array>
                                <string>/opt/local/bin/ruby</string>
                                <string>/opt/local/msf/msfrpcd</string>
                                <string>-f</string>
                                <string>-U</string>
                                <string>msfuser2</string>
                                <string>-P</string>
                                <string>msfpassword2</string>
                                <string>-t</string>
                                <string>Msg</string>
                        </array>
                        <key>WorkingDirectory</key>
                        <string>/opt/local/bin/</string>
                </dict>
                </plist>
              • Start the msfrpcd launchd with sudo launchctl load /Library/LaunchDaemons/org.metasploitframework.rpcd.plist
            • Automatically update everything you just installed:
              • Edit your crontab & add the following lines:
                0 6 * * * /opt/local/msf/msfupdate -u
                0 5 * * * /opt/local/bin/port selfupdate; /opt/local/bin/port upgrade outdated
                0 5 * * * /opt/local/bin/gem update --system
              • If you don't know what this means then don't touch cron.
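
The steps above leave two passwords in plain text: the database password in database.yml and the msfrpcd password in the launchd plist's ProgramArguments. The check below is an added example, not part of the original guide: it flags such files when group or other users can read them. The function names are made up for this example; the paths are the ones used on this page.

```shell
#!/bin/sh
# Added example: audit the credential-bearing files created in this guide.

FINDINGS=0

# True if file $1 is readable by group or by others (mode bits only).
is_exposed() {
    [ -n "$(find "$1" -prune \( -perm -040 -o -perm -004 \) 2>/dev/null)" ]
}

# True if file $1 holds a password the way this guide writes it:
# a YAML "password:" key, or a "-P" entry in a plist argument array.
has_secret() {
    grep -Eq '^[[:space:]]*password:|<string>-P</string>' "$1"
}

# Print one line per file, count exposed secret files in FINDINGS,
# and return non-zero if there is at least one.
audit_files() {
    FINDINGS=0
    for f in "$@"; do
        [ -f "$f" ] || { echo "SKIP  $f (not found)"; continue; }
        if has_secret "$f" && is_exposed "$f"; then
            echo "FAIL  $f: plaintext credential readable by group/other"
            FINDINGS=$((FINDINGS + 1))
        else
            echo "OK    $f"
        fi
    done
    [ "$FINDINGS" -eq 0 ]
}

# Restrict file $1 to owner read/write only.
lock_down() {
    chmod 600 "$1"
}

# Paths as used in this guide; files that do not exist are reported as SKIP.
audit_files /opt/local/config/database.yml \
    /Library/LaunchDaemons/org.metasploitframework.rpcd.plist || true
```

Arguments passed to msfrpcd with -P are also visible to other local users in the process list, which file permissions do not change.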

            Further reading:
            http://blog.metasploit.com/2010/05/introducing-metasploitable.html
            http://www.symantec.com/connect/articles/metasploit-framework-part-3
            http://www.fastandeasyhacking.com/manual#mac

            Sources:
            http://www.cedric-baillet.fr/IMG/pdf/armitage_configuration_on_macosx.pdf
            https://community.rapid7.com/docs/DOC-1037
            http://krypted.com/mac-os-x/mac-os-x-enable-and-disable-spotlight/

            9 comments:

            1. Thank you for your nice tutorial, I did install on Snow Leopard 10.6.8 64-bit and it's working fine.

              I'm with postgresql-9.1.2-1-osx and Xcode 3.2.6(1761).
              I needed to install also Nmap http://nmap.org/dist/nmap-5.51.dmg, to be able to use - Armitage ->Host ->Nmap Scans

            2. Download SecurityTube Metasploit Framework Expert DVD FREE Enjoy ;)

              securitytube-training.com/certifications/securitytube-metasploit-framework-expert/?id=download ;)

            3. Thanks for the great tutorial, but I am still stuck with the following line:
              ---
              msf > db_connect -y /opt/local/config/database.yml
              [-] No database driver installed. Try 'gem install pg'
              ---

              Even I have installed the followings (connectors) successfully:
              ---
              [g00rkha75:~] nprasetio% sudo gem install pg -- --with-opt-include=/Library/PostgreSQL/9.1/include/ --with-opt-lib=/Library/PostgreSQL/9.1/lib/
              Building native extensions. This could take a while...
              Successfully installed pg-0.14.0
              1 gem installed
              Installing ri documentation for pg-0.14.0...
              Installing RDoc documentation for pg-0.14.0...
              [g00rkha75:~] nprasetio% sudo gem install msgpack
              Building native extensions. This could take a while...
              Successfully installed msgpack-0.4.7
              1 gem installed
              Installing ri documentation for msgpack-0.4.7...
              Installing RDoc documentation for msgpack-0.4.7...
              ---

              Did I miss something?

              Thanks and really appreciate for the reply,
              NP

              Replies
              1. I've already fixed it by uninstalling the PostgreSQL installer and installed it back from the mac port version.

            4. Hey, this tutorial is great but I seem to have hit a brick wall with the gem/PostgreSQL connector. This is the error terminal is spitting at me:

              Building native extensions. This could take a while...
              ERROR: Error installing pg:
              ERROR: Failed to build gem native extension.

              /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/bin/ruby extconf.rb --with-opt-include=/Library/PostgreSQL/9.1/include/ --with-opt-lib=/Library/PostgreSQL/9.1/lib/
              checking for pg_config... no
              No pg_config... trying anyway. If building fails, please try again with
              --with-pg-config=/path/to/pg_config
              checking for libpq-fe.h... no
              Can't find the 'libpq-fe.h header
              *** extconf.rb failed ***
              Could not create Makefile due to some reason, probably lack of
              necessary libraries and/or headers. Check the mkmf.log file for more
              details. You may need configuration options.

              Provided configuration options:
              --with-opt-dir
              --without-opt-dir
              --with-opt-include=${opt-dir}/include
              --with-opt-lib=${opt-dir}/lib
              --with-make-prog
              --without-make-prog
              --srcdir=.
              --curdir
              --ruby=/System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/bin/ruby
              --with-pg
              --without-pg
              --with-pg-dir
              --without-pg-dir
              --with-pg-include
              --without-pg-include=${pg-dir}/include
              --with-pg-lib
              --without-pg-lib=${pg-dir}/lib
              --with-pg-config
              --without-pg-config
              --with-pg_config
              --without-pg_config


              Gem files will remain installed in /Library/Ruby/Gems/1.8/gems/pg-0.14.1 for inspection.
              Results logged to /Library/Ruby/Gems/1.8/gems/pg-0.14.1/ext/gem_make.out

              any ideas?

            5. Maybe a problem with gems? I used this and ran into no such problem:
              http://www.nightlionsecurity.com/blog/guides/2011/12/guide-to-installing-metasploit-4-and-armitage-on-mac-osx-lion/

              I am having a problem however with armitage being unwilling to launch, the "connect" prompt opens, then spends some time connecting ("with a note saying file was cut short") then never brings up a window.

            6. When I type: db_connect -y /opt/local/config/database.yml it says: [-] File Not found :(
              Please Help Meee
