illnino/install-metasploit-on-yosemite

## install-metasploit-on-yosemite
笔者工作中使用的主力机器是 MacBookPro, 系统是 Yosemite. 下面简介在 Yosemite中安装Metasploit Framework.

## Install Commandline for XCode
```
xcode-select --install
```

## Install Java7 SDK & JRE
```
http://download.oracle.com/otn-pub/java/jdk/8u25-b17/jdk-8u25-macosx-x64.dmg

http://download.oracle.com/otn-pub/java/jdk/8u25-b17/jre-8u25-macosx-x64.dmg
```

## Install Homebrew
```
➜  ~ ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

➜  ~ echo PATH=/usr/local/bin:/usr/local/sbin:$PATH >> ~/.oh-my-zsh

//or if you are using bash

➜  ~ echo PATH=/usr/local/bin:/usr/local/sbin:$PATH >> ~/.bash_profile


// load new $PATH by sourcing it
➜  ~ source ~/.oh-my-zsh

//or if you are using bash
➜  ~ source ~/.bash_profile

```

## Install NMap

```
brew install nmap
```

## Install Ruby 1.9.3

Yosemite 要安装 ruby 1.9.3的话, 需要一些[技巧](http://jasdeep.ca/2014/06/installing-ruby-1-9-3-mac-os-yosemite-rvm/)
```
rvm reinstall 1.9.3 --disable-binary --with-gcc=clang
```


## Install & configure PostgreSQL

```
brew install postgresql --without-ossp-uuid
```

正常来说, homebrew 会帮你创建 db, 若无则
```
initdb /usr/local/var/postgres
```

确保 postgreSQL 在 boot 时自启动.
```
➜  ~ mkdir -p ~/Library/LaunchAgents
➜  ~ cp /usr/local/Cellar/postgresql/9.3.5_1/homebrew.mxcl.postgresql.plist ~/Library/LaunchAgents/
```

启动 PostgreSQL service
```
➜  ~ launchctl load -w ~/Library/LaunchAgents/homebrew.mxcl.postgresql.plist

```

创建新用户 msf 和数据库 msf

```
➜  ~ createuser msf -P -h localhost
➜  ~ createdb -O msf msf -h localhost
```
###### *创建用户时, 需要输入密码, 此密码为新用户对应密码, 请牢记, 下面设置需要使用*


配置 VNCViewer
Metasploit 使用 vncviewer 作为其 VNC 的 payloads, 而 OS X 原生带有 VNC client, 我们只需要创建一些文件以调用 OS X 的 vncviewer.

```
➜  ~ echo '#!/usr/bin/env bash'>> /usr/local/bin/vncviewer
➜  ~ echo open vnc://\$1 >> /usr/local/bin/vncviewer
➜  ~ chmod +x /usr/local/bin/vncviewer
```

## 安装 Metasploit Framework

```
➜  ~ gem install pg sqlite3 msgpack activerecord redcarpet rspec simplecov yard bundler
```
下载 Framework, 并设置
```
➜  ~ cd /usr/local/share/
➜  ~ git clone https://github.com/rapid7/metasploit-framework.git
➜  ~ cd metasploit-framework
➜  ~ for MSF in $(ls msf*); do ln -s /usr/local/share/metasploit-framework/$MSF /usr/local/bin/$MSF;done
➜  ~ sudo chmod go+w /etc/profile
➜  ~ sudo echo export MSF_DATABASE_CONFIG=/usr/local/share/metasploit-framework/config/database.yml >> /etc/profile
```

### Install nokogiri

[教程](http://hackerforhire.com.au/installing-metasploit-framework-on-os-x-yosemite/)中写的安装方法, 笔者无法成功安装. 不过最重要的是, 安装nokogiri既可.

Yosemite中安装 nokogiri, 也是需要一些[技巧](http://www.nokogiri.org/tutorials/installing_nokogiri.html)

```
➜  ~ gem install nokogiri -- --use-system-libraries

// cd 到 metasploit-framework
➜  ~ bundle install
```

安装完毕后, 配置数据库连接文件
```
➜  ~ vi /usr/local/share/metasploit-framework/config/database.yml
```
```
production:
  adapter: postgresql
  database: msf
  username: msf
  password: <password>
  host: 127.0.0.1
  port: 5432
  pool: 75
  timeout: 5
```


`source` `oh-my-zsh` 去 load 数据库的参数.

```
➜  ~ source /etc/profile
➜  ~ source ~/.oh-my-zsh

// or if you use bash
➜  ~ source ~/.bash_profile

```

```
➜  metasploit-framework git:(master) ✗ msfconsole
[*] Starting the Metasploit Framework console...|
     ,           ,
    /             \
   ((__---,,,---__))
      (_) O O (_)_________
         \ _ /            |\
          o_o \   M S F   | \
               \   _____  |  *
                |||   WW|||
                |||     |||


       =[ metasploit v4.10.1-dev [core:4.10.1.pre.dev api:1.0.0]]
+ -- --=[ 1375 exploits - 768 auxiliary - 222 post        ]
+ -- --=[ 342 payloads - 37 encoders - 8 nops             ]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]

msf >

```


## 参考
1. [Installing Ruby 1.9.3 on Yosemite with RVM](http://jasdeep.ca/2014/06/installing-ruby-1-9-3-mac-os-yosemite-rvm/)
2. [Nokorigi wiki](http://www.nokogiri.org/tutorials/installing_nokogiri.html)
3. [Install Nokorigi manually](http://qiita.com/tarr1124/items/3ef609961b3c425a75b9)
4. [Installing metasploit framework on Yosemiste](http://hackerforhire.com.au/installing-metasploit-framework-on-os-x-yosemite/)
	笔者工作中使用的主力机器是 MacBookPro, 系统是 Yosemite. 下面简介在 Yosemite中安装Metasploit Framework.

	## Install Commandline for XCode
	```
	xcode-select --install
	```

	## Install Java7 SDK & JRE
	```
	http://download.oracle.com/otn-pub/java/jdk/8u25-b17/jdk-8u25-macosx-x64.dmg

	http://download.oracle.com/otn-pub/java/jdk/8u25-b17/jre-8u25-macosx-x64.dmg
	```

	## Install Homebrew
	```
	➜ ~ ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

	➜ ~ echo PATH=/usr/local/bin:/usr/local/sbin:$PATH >> ~/.oh-my-zsh

	//or if you are using bash

	➜ ~ echo PATH=/usr/local/bin:/usr/local/sbin:$PATH >> ~/.bash_profile


	// load new $PATH by sourcing it
	➜ ~ source ~/.oh-my-zsh

	//or if you are using bash
	➜ ~ source ~/.bash_profile

	```

	## Install NMap

	```
	brew install nmap
	```

	## Install Ruby 1.9.3

	Yosemite 要安装 ruby 1.9.3的话, 需要一些[技巧](http://jasdeep.ca/2014/06/installing-ruby-1-9-3-mac-os-yosemite-rvm/)
	```
	rvm reinstall 1.9.3 --disable-binary --with-gcc=clang
	```


	## Install & configure PostgreSQL

	```
	brew install postgresql --without-ossp-uuid
	```

	正常来说, homebrew 会帮你创建 db, 若无则
	```
	initdb /usr/local/var/postgres
	```

	确保 postgreSQL 在 boot 时自启动.
	```
	➜ ~ mkdir -p ~/Library/LaunchAgents
	➜ ~ cp /usr/local/Cellar/postgresql/9.3.5_1/homebrew.mxcl.postgresql.plist ~/Library/LaunchAgents/
	```

	启动 PostgreSQL service
	```
	➜ ~ launchctl load -w ~/Library/LaunchAgents/homebrew.mxcl.postgresql.plist

	```

	创建新用户 msf 和数据库 msf

	```
	➜ ~ createuser msf -P -h localhost
	➜ ~ createdb -O msf msf -h localhost
	```
	###### 创建用户时, 需要输入密码, 此密码为新用户对应密码, 请牢记, 下面设置需要使用


	配置 VNCViewer
	Metasploit 使用 vncviewer 作为其 VNC 的 payloads, 而 OS X 原生带有 VNC client, 我们只需要创建一些文件以调用 OS X 的 vncviewer.

	```
	➜ ~ echo '#!/usr/bin/env bash'>> /usr/local/bin/vncviewer
	➜ ~ echo open vnc://\$1 >> /usr/local/bin/vncviewer
	➜ ~ chmod +x /usr/local/bin/vncviewer
	```

	## 安装 Metasploit Framework

	```
	➜ ~ gem install pg sqlite3 msgpack activerecord redcarpet rspec simplecov yard bundler
	```
	下载 Framework, 并设置
	```
	➜ ~ cd /usr/local/share/
	➜ ~ git clone https://github.com/rapid7/metasploit-framework.git
	➜ ~ cd metasploit-framework
	➜ ~ for MSF in $(ls msf*); do ln -s /usr/local/share/metasploit-framework/$MSF /usr/local/bin/$MSF;done
	➜ ~ sudo chmod go+w /etc/profile
	➜ ~ sudo echo export MSF_DATABASE_CONFIG=/usr/local/share/metasploit-framework/config/database.yml >> /etc/profile
	```

	### Install nokogiri

	[教程](http://hackerforhire.com.au/installing-metasploit-framework-on-os-x-yosemite/)中写的安装方法, 笔者无法成功安装. 不过最重要的是, 安装nokogiri既可.

	Yosemite中安装 nokogiri, 也是需要一些[技巧](http://www.nokogiri.org/tutorials/installing_nokogiri.html)

	```
	➜ ~ gem install nokogiri -- --use-system-libraries

	// cd 到 metasploit-framework
	➜ ~ bundle install
	```

	安装完毕后, 配置数据库连接文件
	```
	➜ ~ vi /usr/local/share/metasploit-framework/config/database.yml
	```
	```
	production:
	adapter: postgresql
	database: msf
	username: msf
	password: <password>
	host: 127.0.0.1
	port: 5432
	pool: 75
	timeout: 5
	```


	`source` `oh-my-zsh` 去 load 数据库的参数.

	```
	➜ ~ source /etc/profile
	➜ ~ source ~/.oh-my-zsh

	// or if you use bash
	➜ ~ source ~/.bash_profile

	```

	```
	➜ metasploit-framework git:(master) ✗ msfconsole
	[*] Starting the Metasploit Framework console...\|
	, ,
	/ \
	((__---,,,---__))
	(_) O O (_)_________
	\ _ / \|\
	o_o \ M S F \| \
	\ _____ \| *
	\|\|\| WW\|\|\|
	\|\|\| \|\|\|


	=[ metasploit v4.10.1-dev [core:4.10.1.pre.dev api:1.0.0]]
	+ -- --=[ 1375 exploits - 768 auxiliary - 222 post ]
	+ -- --=[ 342 payloads - 37 encoders - 8 nops ]
	+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]

	msf >

	```


	## 参考
	1. [Installing Ruby 1.9.3 on Yosemite with RVM](http://jasdeep.ca/2014/06/installing-ruby-1-9-3-mac-os-yosemite-rvm/)
	2. [Nokorigi wiki](http://www.nokogiri.org/tutorials/installing_nokogiri.html)
	3. [Install Nokorigi manually](http://qiita.com/tarr1124/items/3ef609961b3c425a75b9)
	4. [Installing metasploit framework on Yosemiste](http://hackerforhire.com.au/installing-metasploit-framework-on-os-x-yosemite/)