First of all make sure you have installed the required packages.
$ sudo pacman -S git ruby gcc patch curl zlib readline autoconf automake diffutils make libtool bison
Then install the Ruby Version Manager (RVM) by downloading a shell script to bootstrap the environment.
$ wget -O rvm.sh https://get.rvm.io
Feel free to have a look at the script before executing it.
$ bash rvm.sh stable --autolibs=enabled --ruby=1.9.3 Downloading https://github.com/wayneeseguin/rvm/archive/stable.tar.gz [...] Please consider upgrading to ruby-2.1.1 which will have all of the latest security patches. Ruby was built without documentation, to build it run: rvm docs generate-ri Creating alias default for ruby-1.9.3-p545... * To start using RVM you need to run `source /home/user/.rvm/scripts/rvm` in all your open shell windows, in rare cases you need to reopen all shell windows.
Comment out the line starting with "gem:" in the /etc/gemrc file.
Install PostgreSQL to let the Metasploit Framework use it as cache and speed it up.
$ sudo pacman -S postgresql
If this is the first time you setup PostgreSQL you have to initialize a new database.
$ sudo -u postgres initdb --locale en_US.UTF-8 -E UTF8 -D '/var/lib/postgres/data' The files belonging to this database system will be owned by user "postgres". This user must also own the server process. [...] Success. You can now start the database server using: postgres -D /var/lib/postgres/data or pg_ctl -D /var/lib/postgres/data -l logfile start
Start the PostgreSQL server.
$ sudo systemctl start postgresql
Enable the service if you want to start the PostgreSQL server during bootup.
$ sudo systemctl enable postgresql
Create a database user 'msfgit' and set the password to 'msf'.
$ sudo -u postgres createuser msfgit -P -S -R -D Enter password for new role: Enter it again:
Create a database named 'msf' for the 'msfgit' user.
$ sudo -u postgres createdb -O msfgit msf
Setup the database connection by creating a 'database.yml' in your '~/.msf4/' direcoty.
$ cd ~ $ mkdir .msf4 $ cd .msf4 $ cat > database.yml production: adapter: postgresql database: msf username: msfgit password: msf host: 127.0.0.1 port: 5432 pool: 75 timeout: 5
Get the source from github.
$ cd ~ $ mkdir git $ cd git $ git clone https://github.com/rapid7/metasploit-framework.git
Enter the RVM environment ...
$ source ~/.rvm/scripts/rvm ruby-1.9.3-p484 is not installed. To install do: 'rvm install ruby-1.9.3-p484'
... and try to start the Metasploit console.
$ ./msfconsole -L Could not find rake-10.1.0 in any of the sources Run `bundle install` to install missing gems.
The start fails because some Ruby libraries are missing. So we install them by using bundler.
$ bundle install Fetching gem metadata from https://rubygems.org/......... Fetching additional metadata from https://rubygems.org/.. Installing rake 10.1.0 Installing i18n 0.6.5 [...] Installing yard 0.8.7 Using bundler 1.6.0 Your bundle is complete! Use `bundle show [gemname]` to see where a bundled gem is installed.
After the installation process has finished. It's time to start the Metasploit console again.
$ ./msfconsole -L [*] The initial module cache will be built in the background, this can take 2-5 minutes... # cowsay++ ____________ < metasploit > ------------ \ ,__, \ (oo)____ (__) )\ ||--|| * =[ metasploit v4.9.0-dev [core:4.9 api:1.0] ] + -- --=[ 1285 exploits - 700 auxiliary - 203 post ] + -- --=[ 334 payloads - 33 encoders - 8 nops ]
This time the startup should be successful. On the Metasploit console we can check the database connection.
msf > db_status [*] postgresql connected to msf
Try to search an exploit. If the caching process hasn't been finished it will take some time to list the available modules.
msf > search windows [!] Database not connected or cache not built, using slow search
After the cache has been initialized successfully the search should be much faster.
msf > search windows [...]
On the first startup Metasploit Framework automatically creates additional files and folders in the ~/.msf4 directory.
$ ls -l ~/.msf4 total 28 -rw-r--r-- 1 user user 150 31. Mar 09:13 database.yml -rw-r--r-- 1 user user 267 31. Mar 09:45 history drwxr-xr-x 2 user user 4096 31. Mar 09:32 local drwxr-xr-x 3 user user 4096 31. Mar 09:32 logs drwxr-xr-x 2 user user 4096 31. Mar 09:32 loot drwxr-xr-x 2 user user 4096 31. Mar 09:32 modules drwxr-xr-x 2 user user 4096 31. Mar 09:32 plugins
After a reboot make sure the database is running, enter the RVM environment and start the Metasploit console.
$ sudo systemctl status postgresql ● postgresql.service - PostgreSQL database server Loaded: loaded (/usr/lib/systemd/system/postgresql.service; disabled) Active: inactive (dead) $ sudo systemctl start postgresql $ cd ~/git/metasploit-framework/ $ source ~/.rvm/scripts/rvm $ ./msfconsole -L