Penetration testing helps you to evaluate the security of your systems by simulating an attack from a malicious source.
Metasploit Framework is a popular penetration testing platform that lets you find and exploit vulnerabilities in your systems. It is an open-source platform that provides a complete environment and set of tools which are required for penetration testing.
Here at LinuxAPT, as part of our Server Management Services, we regularly help our Customers to perform related Software Installation queries on Linux systems.
In this context, we shall look into how to install Metasploit Framework on Ubuntu 20.04 LTS.
Note that You should have sudo privileges on the system where you want to install and run the Metasploit framework.
Steps to install Metasploit Framework on Ubuntu Linux system
To install Metasploit Framework on Ubuntu system, we will use the installer file provided by the Rapid7 site. This installer file contains all the necessary tools required for the running of Metasploit Framework. To install Metasploit Framework on Ubuntu OS, simply follow the below steps.
1. Perform System Update
First, update your system repository index using the command below:
$ sudo apt update
2. Download Metasploit Framework installer
Now, we will download the Metasploit Framework installer on our Ubuntu machine. Move to the /tmp dir using the command below:
$ cd /tmp/
Then download the installer file for the Metasploit Framework using this command:
$ curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall
3. Make Metasploit installer file executable
Here, Make the installer file executable using the command below:
$ sudo chmod 755 msfinstall
4. Run Metasploit Framework installer
Now, run the Metasploit Framework installer:
$ sudo ./msfinstall
This will start installing the Metasploit Framework package on your system.
After the installation is completed, start msfconsole using the command below:
$ sudo msfconsole
- You will be asked if you want to setup a new database. Type yes and hit Enter.
- Then it will ask if you would like to initiate the web service. Type yes and hit Enter. After that, it will create the database.
- Then it will ask more information for the web service initiation. For web service account username, hit Enter to accept the default selected username or you can enter any other user account name. For web service account password, type any password or just hit Enter to set any random password.
- It will then display web service credentials that can be used to connect to the Metasploit Framework web service.
How to test Metasploit database connection ?
To test the database connection, use the below command in the msf prompt:
Remember, if you have not setup the database when running the msfconsole for the first time, you can setup it later using the command below:
$ msfdb init
How to Access Metasploit Web Interface ?
At this point, Metasploit is installed and listen on port 3790. You can access it using the URL https://localhost:3790. You should see the "New User Setup" screen.
Provide your login information, other settings, and click on the Create Account button. You should see the "Activate Your Metasploit License" page.
You can now get the product key, activate the License, and start working on the Metasploit framework.
[Need to fix Linux system Database issues ? We can help you. ]
This article covers how to install Metasploit Framework on Ubuntu 20.04 LTS OS. In fact, the Metasploit Framework is an open-source project that provides public resources for vulnerability research and code development. It allows security professionals to detect intrusions into their network and identify threats and vulnerabilities in various areas such as software, systems, or networks. Metasploit comes jam-packed with existing exploits but gives the framework to create your own custom exploits.
How to Access Metasploit Console ?
Metasploit provides a command-line utility called mfconsole to manage the Metasploit. You can access it using the following command:
You should see the Metasploit console.
Now, run the following command to show all available commands in msfconsole:
To display all available exploits, run the following command:
$ show exploits
To display all available payloads, run the following command:
$ show payloads
To show more information of any exploit, run the following command:
$ info exploit exploit-name
To show more information of any payload, run the following command:
$ info payload payload-name
To set the specific payload for your exploit, run the following command:
$ set PAYLOAD windows
To display all available target operating systems that can be exploited, run the following command:
$ show targets
To set your target's IP address, run the following command:
$ set RHOST target-ip-address
To set the local IP address for the reverse communications, run the following command:
$ set LHOST ip-address