public
Last active

Fixing and updating Metasploit on BackTrack5, R3

  • Download Gist
msf-backtrack5r3.md
Markdown

Metasploit on BackTrack5, Revision 3 (BT5R3)

Significantly easier than the Windows install, since you're pretty much already there. You just need to remove the broken SVN checkout and get onto the new Git hotness. If you just want the one-liner fix, scroll to the bottom of this page.

1) Load the Metasploit environment options

After opening a terminal session:

source /opt/metasploit/scripts/setenv.sh

This gets everything set in your path correctly -- namely, a path to a nicer ruby.

2) Remove the broken SVN checkout:

rm -rf /opt/metasploit/msf3 && mkdir /opt/metasploit/msf3

This is destructive, obviously. You will want to remake the directory in the same place so BackTrack doesn't loose track of where your Metasploit install lives.

3) Run the msfclone staging script from GitHub, with only a couple of minor alterations:

\curl -LO http://curl.haxx.se/ca/cacert.pem && \ 
  CURL_CA_BUNDLE=$PWD/cacert.pem curl -L http://r-7.co/UsEqxW > msfclone.rb &&  \
  MSFBASE=/opt/metasploit/msf3 ruby msfclone.rb

This fetches the most recent Certificate Authorities from Mozilla (hosted by those wacky curl devs), then fetches a Metasploit-upon-GitHub bootstrapper, then reinstalls Metasploit Framework as a Git repo to /opt/metasploit/msf3

Note, if you're in a restricted environment that doesn't allow connections over the Git protocol (for some reason) set a couple environment variables to use HTTPS instead:

export MSFPROTOCOL=HTTPS
export GIT=/usr/bin/git

That's it! You can now use the BackTrack menu item:

Applications > BackTrack > Exploitation > Network Exploitation > Metasploit Framework > msfconsole

Or type /opt/metasploit/msf3/msfconsole and you're off to the races. Note that using the menu item automatically connects to the database as well, so that's nice.

From this moment on, msfupdate will update using Git, not SVN, so life should be considerably better for you.

Caveat: This won't work on the LiveCD version of the BackTrack 5 ISO, looks like. There's not enough disk space by default. This only works on installed / VMWare versions of BackTrack 5

TL;DR

Copy paste this and hit [Enter] at the prompt if it looks right to you.

source /opt/metasploit/scripts/setenv.sh && \
rm -rf /opt/metasploit/msf3 && mkdir -p /opt/metasploit/msf3 && \
\curl -LO http://curl.haxx.se/ca/cacert.pem && \ 
CURL_CA_BUNDLE=$PWD/cacert.pem \curl -L http://r-7.co/UsEqxW > msfclone.rb && \
MSFBASE=/opt/metasploit/msf3 ruby msfclone.rb

Still too long? Try this, the unattended one-liner:

\curl -kL http://r-7.co/RWxizr | bash

If you need HTTPS instead of Git protocol, do this:

\curl -kL http://r-7.co/RWxizr | MSFPROTOCOL=HTTPS GIT=/usr/bin/git bash

This should work on any 4.4 or earlier installation of Metasploit. Metasploit 4.5 already uses GitHub as the primary source so there's no need to update. In fact, it'll work on Metasploit 4.5 as well, and is now being called automatically by apt-get install metasploit on B5R3 latest.

thanks ! it looks to be working ! well ..im doing that currently !

Thanks alot! You saved my life !

Im starting to comment on these things (online tutorials) as i learn more and things get harder...
thanx alot for this... you guys got me up and going..
i really dont like parroting commands tho... i understand what was done...
however, my experience was that i did not get the script to execute however i got the zip file...
that was enough for me to "feel my way in the dark" unzip :D
but really thanx, i was going thru a full install and i was determined to do it...
ran into this script but i got the concept and thats what matters...
install gems...
install rubies
get gold.

-The man that knows everything knows theres more to know

firstly
thanks a lot from a brand newbie ..lol
i found github when im trying to update
... apt/get update ...
and always got an error messege
yeah... learn to crawl before u learn to walk isn't it?
NB
i still dont know when i take "your step" is a right one
but thanks... i mean it

after fixing msfupdate problem,my msfconsole works fine.
but i am not able to open armitage.
when i click on armitage,a terminal with blinking cursor appears.
Nothing happens after that. :(
plz help me

after following the steps, I cannot start msfconsole. I get the following message:
Could not find bcrypt-ruby-3.1.2 in any of the sources
Run bundle install to install missing gems.

if I call opt/metasploit/msf3/msfconsole it throws the following error:
[*] Metasploit requires the Bundler gem to be installed
$ gem install bundler

I experience the very same issue as kirancse507 above :-(
This is my 3rd attempt from scratch now.
Is this 1 step forward and 5 steps backward a common experience using *NIX OSs?

In fact, here is the output from the command I ran `/opt/metasploit/msf3/msfupdate'

[] Attempting to update the Metasploit Framework...
[
] Checking for updates via git
[] Note: Updating from bleeding edge
HEAD is now at 1197426 Land PR #2881, @jvazquez-r7's mips stagers.
Already on 'master'
Already up-to-date.
[
] Updating gems...
/opt/metasploit/msf3/msfupdate:188:in require': no such file to load -- bundler (LoadError)
from /opt/metasploit/msf3/msfupdate:188:in
update_git!'
from /opt/metasploit/msf3/msfupdate:137:in block in run!'
from /opt/metasploit/msf3/msfupdate:135:in
chdir'
from /opt/metasploit/msf3/msfupdate:135:in run!'
from /opt/metasploit/msf3/msfupdate:292:in
'

In fact, here is the output from the command I ran `/opt/metasploit/msf3/msfupdate'

[] Attempting to update the Metasploit Framework...
[
] Checking for updates via git
[] Note: Updating from bleeding edge
HEAD is now at 1197426 Land PR #2881, @jvazquez-r7's mips stagers.
Already on 'master'
Already up-to-date.
[
] Updating gems...
/opt/metasploit/msf3/msfupdate:188:in require': no such file to load -- bundler (LoadError)
from /opt/metasploit/msf3/msfupdate:188:in
update_git!'
from /opt/metasploit/msf3/msfupdate:137:in block in run!'
from /opt/metasploit/msf3/msfupdate:135:in
chdir'
from /opt/metasploit/msf3/msfupdate:135:in run!'
from /opt/metasploit/msf3/msfupdate:292:in
'

Please sign in to comment on this gist.

Something went wrong with that request. Please try again.