Skip to content

Instantly share code, notes, and snippets.

@todb-r7
Created Nov 18, 2012
Embed
What would you like to do?
Metasploit in Four (or Three) Easy Steps (Windows)

Metasploit on Windows?

Why not? The Windows installers for Ruby, Git, and Curl all seem to not suck any more, and PowerShell is kinda fun to use, so let's check it out...

1) Download and install Ruby

Get the 1.9.3 version of Ruby from http://rubyinstaller.org/

2) Download and install Git

Get the 1.8.0 (or later) version of Git from msysgit

3) Download and install cURL (optional)

The easiest way to run the auto-cloner on the command line is to install Curl. You'll probably want Curl around anyway, because it's useful. To get the 64-bit or 32-bit version. "Installation" steps vary based on which you get -- for 64-bit, it's as simple as extracting the zip and referencing where you extracted it to in your Path variable.

Technically, though, this is optional. Read on.

4) Metasploit!

If you have curl available, just run the following, which incidentally, should work on any operating system that has curl, git, and Ruby around:

curl -L http://r-7.co/UsEqxW > msfclone.rb && ruby msfclone.rb

Otherwise, if you're on Windows Vista, 7, or something later, you have PowerShell, so use that:

powershell "[System.IO.File]::WriteAllLines('msfclone.rb',[string](new-object System.Net.WebClient).DownloadString('http://r-7.co/UsEqxW'))" && ruby msfclone.rb

Here's what you should end up with:

My windows 7 cmd.exe console

Of course, this installation is lacking things like database connectivity (or a database), libpcap libraries, and some fairly crucial Ruby gems, but this will get you going for development hax0ring. You will be able to write most normal modules using this setup. You probably want an editor -- try gVim for Windows. Posh-Git is a popular method to decorate your git prompts in PowerShell, too.

If you are not an exploit developer and you're looking for a proper, supported, and most importantly, fully functional version of Metasploit for Windows, get it for free here: http://www.rapid7.com/downloads/metasploit.jsp . These instructions are merely for the framework, and are mostly useful for developers and researchers.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment