Created
December 9, 2014 08:11
-
-
Save illnino/a5de098e31e820bab4d7 to your computer and use it in GitHub Desktop.
Yosemite中安装 Metasploit Framework
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
笔者工作中使用的主力机器是 MacBookPro, 系统是 Yosemite. 下面简介在 Yosemite中安装Metasploit Framework. | |
## Install Commandline for XCode | |
``` | |
xcode-select --install | |
``` | |
## Install Java7 SDK & JRE | |
``` | |
http://download.oracle.com/otn-pub/java/jdk/8u25-b17/jdk-8u25-macosx-x64.dmg | |
http://download.oracle.com/otn-pub/java/jdk/8u25-b17/jre-8u25-macosx-x64.dmg | |
``` | |
## Install Homebrew | |
``` | |
➜ ~ ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" | |
➜ ~ echo PATH=/usr/local/bin:/usr/local/sbin:$PATH >> ~/.oh-my-zsh | |
//or if you are using bash | |
➜ ~ echo PATH=/usr/local/bin:/usr/local/sbin:$PATH >> ~/.bash_profile | |
// load new $PATH by sourcing it | |
➜ ~ source ~/.oh-my-zsh | |
//or if you are using bash | |
➜ ~ source ~/.bash_profile | |
``` | |
## Install NMap | |
``` | |
brew install nmap | |
``` | |
## Install Ruby 1.9.3 | |
Yosemite 要安装 ruby 1.9.3的话, 需要一些[技巧](http://jasdeep.ca/2014/06/installing-ruby-1-9-3-mac-os-yosemite-rvm/) | |
``` | |
rvm reinstall 1.9.3 --disable-binary --with-gcc=clang | |
``` | |
## Install & configure PostgreSQL | |
``` | |
brew install postgresql --without-ossp-uuid | |
``` | |
正常来说, homebrew 会帮你创建 db, 若无则 | |
``` | |
initdb /usr/local/var/postgres | |
``` | |
确保 postgreSQL 在 boot 时自启动. | |
``` | |
➜ ~ mkdir -p ~/Library/LaunchAgents | |
➜ ~ cp /usr/local/Cellar/postgresql/9.3.5_1/homebrew.mxcl.postgresql.plist ~/Library/LaunchAgents/ | |
``` | |
启动 PostgreSQL service | |
``` | |
➜ ~ launchctl load -w ~/Library/LaunchAgents/homebrew.mxcl.postgresql.plist | |
``` | |
创建新用户 msf 和数据库 msf | |
``` | |
➜ ~ createuser msf -P -h localhost | |
➜ ~ createdb -O msf msf -h localhost | |
``` | |
###### *创建用户时, 需要输入密码, 此密码为新用户对应密码, 请牢记, 下面设置需要使用* | |
配置 VNCViewer | |
Metasploit 使用 vncviewer 作为其 VNC 的 payloads, 而 OS X 原生带有 VNC client, 我们只需要创建一些文件以调用 OS X 的 vncviewer. | |
``` | |
➜ ~ echo '#!/usr/bin/env bash'>> /usr/local/bin/vncviewer | |
➜ ~ echo open vnc://\$1 >> /usr/local/bin/vncviewer | |
➜ ~ chmod +x /usr/local/bin/vncviewer | |
``` | |
## 安装 Metasploit Framework | |
``` | |
➜ ~ gem install pg sqlite3 msgpack activerecord redcarpet rspec simplecov yard bundler | |
``` | |
下载 Framework, 并设置 | |
``` | |
➜ ~ cd /usr/local/share/ | |
➜ ~ git clone https://github.com/rapid7/metasploit-framework.git | |
➜ ~ cd metasploit-framework | |
➜ ~ for MSF in $(ls msf*); do ln -s /usr/local/share/metasploit-framework/$MSF /usr/local/bin/$MSF;done | |
➜ ~ sudo chmod go+w /etc/profile | |
➜ ~ sudo echo export MSF_DATABASE_CONFIG=/usr/local/share/metasploit-framework/config/database.yml >> /etc/profile | |
``` | |
### Install nokogiri | |
[教程](http://hackerforhire.com.au/installing-metasploit-framework-on-os-x-yosemite/)中写的安装方法, 笔者无法成功安装. 不过最重要的是, 安装nokogiri既可. | |
Yosemite中安装 nokogiri, 也是需要一些[技巧](http://www.nokogiri.org/tutorials/installing_nokogiri.html) | |
``` | |
➜ ~ gem install nokogiri -- --use-system-libraries | |
// cd 到 metasploit-framework | |
➜ ~ bundle install | |
``` | |
安装完毕后, 配置数据库连接文件 | |
``` | |
➜ ~ vi /usr/local/share/metasploit-framework/config/database.yml | |
``` | |
``` | |
production: | |
adapter: postgresql | |
database: msf | |
username: msf | |
password: <password> | |
host: 127.0.0.1 | |
port: 5432 | |
pool: 75 | |
timeout: 5 | |
``` | |
`source` `oh-my-zsh` 去 load 数据库的参数. | |
``` | |
➜ ~ source /etc/profile | |
➜ ~ source ~/.oh-my-zsh | |
// or if you use bash | |
➜ ~ source ~/.bash_profile | |
``` | |
``` | |
➜ metasploit-framework git:(master) ✗ msfconsole | |
[*] Starting the Metasploit Framework console...| | |
, , | |
/ \ | |
((__---,,,---__)) | |
(_) O O (_)_________ | |
\ _ / |\ | |
o_o \ M S F | \ | |
\ _____ | * | |
||| WW||| | |
||| ||| | |
=[ metasploit v4.10.1-dev [core:4.10.1.pre.dev api:1.0.0]] | |
+ -- --=[ 1375 exploits - 768 auxiliary - 222 post ] | |
+ -- --=[ 342 payloads - 37 encoders - 8 nops ] | |
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ] | |
msf > | |
``` | |
## 参考 | |
1. [Installing Ruby 1.9.3 on Yosemite with RVM](http://jasdeep.ca/2014/06/installing-ruby-1-9-3-mac-os-yosemite-rvm/) | |
2. [Nokorigi wiki](http://www.nokogiri.org/tutorials/installing_nokogiri.html) | |
3. [Install Nokorigi manually](http://qiita.com/tarr1124/items/3ef609961b3c425a75b9) | |
4. [Installing metasploit framework on Yosemiste](http://hackerforhire.com.au/installing-metasploit-framework-on-os-x-yosemite/) | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
gj pal