If you have never heard of the Metasploit Framework or Armitage then this guide is especially for you! Metasploit is a Ruby-based exploitation framework (some would say a lifestyle) that runs on Linux, OS X and Windows and belongs in every aspiring "hacker's" toolbox.
Metasploit can be described as a framework for developing and executing exploit code against a remote target machine. Armitage is a GUI front end that drives the Metasploit Framework. These are about the most generic descriptions possible and do nowhere near the justice these programs deserve, but you get the picture.
Typically you get Metasploit and Armitage either by installing and configuring them individually on Ubuntu/Debian (or another Linux distro), or by running Kali Linux, which ships with both installed out of the box (for Ubuntu/Debian, good ol' Professor Google will show you how ;)). This guide is for those of you who want the endless potential these programs have to offer, but are unable, or simply do not want, to install Linux alongside OS X.
Before we begin I'd just like to say a few things... Whatever you do with the tools provided is your own business, so it should go without saying that any repercussions of the actions you take using the information found here are ALSO your own to deal with. I can not, will not, and shall not, under any circumstances, be held accountable for any trouble you may get yourself into because of any irresponsibility. You have been warned.
INSTALLING METASPLOIT FRAMEWORK
This guide is written from the perspective of the latest OS X release at the time of writing, 10.11.5 El Capitan. If you are not running El Capitan then feel free to follow this guide anyway, but if you run into problems I will not be able to immediately help you because I do not have a copy of OS X 10.10 Yosemite (I wish I did!).
INSTALL XCODE AND THE XCODE COMMAND LINE DEVELOPMENT TOOLS
- Open up the Mac App Store and search for Xcode. The app is about 5-6 gigabytes in size and takes quite a while to download, so be sure to start this step right away, before reading ahead. The app icon is shown below for reference...
- Now open up the Terminal and type Apple's command line tools installer command:
xcode-select --install
A window will pop up. Just click the blue "Install" button in the bottom right to proceed.
INSTALL JAVA AND HOMEBREW
Next you'll need Java 8. Download and install the Java Development Kit 8 (JDK), which includes the Java Runtime Environment (JRE), so the JDK alone is enough. Open a browser to the following links and make sure you download the OS X variants:
Now open up the terminal again and type the following:
ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
- Type the following commands to install everything from homebrew needed to run Metasploit:
brew tap homebrew/versions
brew tap homebrew/dupes
brew install nmap
brew install homebrew/versions/ruby22
- Configure your environment to use the new Ruby by putting it at the front of your PATH. Note the single quotes: they keep $PATH from being expanded when the line is written, so it is expanded at each login instead of freezing today's PATH into your profile. (If brew installed a version other than 2.2.5, adjust the directory; ls /usr/local/Cellar/ruby22/ shows what you have.)
echo 'export PATH=/usr/local/Cellar/ruby22/2.2.5/bin:/usr/local/bin:/usr/local/sbin:$PATH' >> ~/.bash_profile
- Now we install the database for Metasploit by typing:
brew install postgresql --without-ossp-uuid
- IF YOU ALREADY HAD A POSTGRES INSTALLATION, you must reset it with the following steps before proceeding. This deletes every database under /usr/local/var/postgres, so back up anything you still need first. If this is a fresh install, skip ahead to the next step (starting PostgreSQL at boot).
pg_ctl -D /usr/local/var/postgres stop
sudo chown -R $(whoami) /usr/local/var/postgres
sudo rm -rf /usr/local/var/postgres
initdb -D /usr/local/var/postgres/
The cluster must be initialised (initdb) before it can be started; the launch agent in the next step will start it for you.
- Now, in order to make PostgreSQL start up in the background at boot time, create a LaunchAgents folder for your user:
mkdir -p ~/Library/LaunchAgents
Now open up the Finder to /usr/local/Cellar/postgresql. Open the folder inside, which will be the installed version number and look something like "9.4.5". Locate the file "homebrew.mxcl.postgresql.plist" inside it and copy this file into the ~/Library/LaunchAgents folder you just created. Now start PostgreSQL (and register it to start at login) by typing:
launchctl load -w ~/Library/LaunchAgents/homebrew.mxcl.postgresql.plist
Now create the database role and the database that Metasploit will log in with. The -P flag prompts you for a password; remember it, because you will need to put it in database.yml later. The -O flag makes the new msf role the owner of the msf database:
createuser msf -P -h localhost && createdb -O msf msf -h localhost
- When you ask Armitage for a target's desktop it runs a command called vncviewer. OS X ships a VNC client (Screen Sharing) that opens vnc:// URLs, so create a small wrapper script of that name which hands it the host Armitage passes as the first argument:
printf '#!/usr/bin/env bash\nopen "vnc://$1"\n' > /usr/local/bin/vncviewer && chmod +x /usr/local/bin/vncviewer
- Open a new Terminal first so the PATH change above takes effect (ruby -v should now report 2.2.x, and gem should resolve to the ruby22 one rather than the system Ruby). Then the following command installs the gems Metasploit needs:
gem install pg sqlite3 msgpack activerecord redcarpet rspec simplecov yard bundler
THE INFORMATION FROM THIS POINT I DID NOT CREATE MYSELF. I DO NOT CLAIM TO HAVE WRITTEN THIS NOR DO I CLAIM ANY OWNERSHIP OF SAID INFORMATION. THIS IS STRICTLY FOR INFORMATIONAL PURPOSES ONLY, ALL CREDIT GOES TO THE ORIGINAL GUIDE CREATOR AT hackerforhire.com
IN PREPARATION FOR METASPLOIT
- cd /usr/local/share/
- git clone https://github.com/rapid7/metasploit-framework.git
- for MSF in /usr/local/share/metasploit-framework/msf*; do ln -s "$MSF" /usr/local/bin/; done
- echo export MSF_DATABASE_CONFIG=/usr/local/share/metasploit-framework/config/database.yml | sudo tee -a /etc/profile
- cd /usr/local/share/metasploit-framework && /usr/local/Cellar/ruby22/2.2.5/bin/bundle install
The glob in the first line has to point into the cloned directory (we are still in /usr/local/share, where ls msf* would match nothing). In the second line, the redirection of a plain sudo echo ... >> /etc/profile would run in your unprivileged shell, which is why some guides chmod go+w /etc/profile first; do not do that, since a world-writable /etc/profile lets any local user plant commands that every login shell on the machine will execute. Piping through sudo tee -a appends as root and leaves the permissions alone. The variable name is MSF_DATABASE_CONFIG; a typo here means Metasploit silently runs without a database.
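Two of the steps above append environment settings to shell profiles (the PATH line in ~/.bash_profile and MSF_DATABASE_CONFIG in /etc/profile), and the one-liners for both are easy to get wrong in the same two ways: an unquoted $PATH is expanded when the line is written rather than at login, and a chmod go+w on /etc/profile hands every local user a way to run code in every login shell. The helper below is an added example, not from the original guide, that performs the same edits safely and idempotently and checks the profile's permissions. The function names are this example's own.

```bash
#!/usr/bin/env bash
# Added example, not from the original guide: idempotent and correctly quoted
# profile edits, plus a check that the profile file is not writable by others.
# Function names (append_export, append_export_root, profile_is_safe) are this
# example's own.

# Append "export NAME=VALUE" to FILE unless that exact line is already present.
# VALUE is written verbatim, so a literal $PATH in it is expanded at login,
# not at the moment this function runs (echo without quotes would bake the
# current PATH into the profile instead).
append_export() {
    local file="$1" name="$2" value="$3"
    local line="export $name=$value"
    touch "$file"
    grep -qxF -- "$line" "$file" || printf '%s\n' "$line" >> "$file"
}

# Same for a root-owned file such as /etc/profile. The redirection in
# `sudo echo ... >> /etc/profile` runs in the unprivileged shell, which is why
# some guides chmod the file world-writable first; piping into `sudo tee -a`
# appends as root and leaves the permissions alone.
append_export_root() {
    printf 'export %s=%s\n' "$2" "$3" | sudo tee -a "$1" >/dev/null
}

# Succeed only if FILE is not writable by group or others. A group- or
# world-writable /etc/profile lets any local user plant commands that every
# login shell on the machine will run as whoever logs in (root included).
profile_is_safe() {
    local perms
    perms=$(ls -ld "$1" | cut -c1-10)        # e.g. -rw-r--r--
    case $perms in
        ?????w*|????????w*) return 1 ;;       # group or other 'w' bit is set
    esac
    return 0
}

# Usage matching the guide's two edits (the ruby22 path is the guide's own):
# append_export ~/.bash_profile PATH '/usr/local/Cellar/ruby22/2.2.5/bin:/usr/local/bin:/usr/local/sbin:$PATH'
# append_export_root /etc/profile MSF_DATABASE_CONFIG /usr/local/share/metasploit-framework/config/database.yml
# profile_is_safe /etc/profile || echo "/etc/profile is writable by others; fix with: sudo chmod 644 /etc/profile"
```

Run the first two calls once; running them again does nothing because the exact line is already there. The last line is the check to run on any box where a guide told you to chmod a system profile: if it prints the warning, restore the permissions before someone else on the machine notices.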
After everything has finished installing open up a new terminal and type the following:
nano /usr/local/share/metasploit-framework/config/database.yml
(nano already ships with OS X, and the clone is owned by your user, so neither brew install nano nor sudo is needed here.)
The original guide showed the contents of this file as a screenshot. It needs a production section giving the postgresql adapter, the msf database and msf role you created above, the password you typed at the createuser prompt, and host localhost on port 5432. Make sure the password is EXACTLY the one from the earlier "createuser" command. To save and quit hit "Ctrl+O", "Enter", "Ctrl+X".
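Since the screenshot is not reproduced here, the following is an added example of what config/database.yml should contain (it is not the guide's own file). It matches the msf role and msf database created with createuser and createdb above; the password value is a placeholder for the one you chose. msfconsole reads the production section unless RAILS_ENV tells it otherwise.

```yaml
# /usr/local/share/metasploit-framework/config/database.yml (added example)
production:
  adapter: postgresql
  database: msf          # the database created with createdb
  username: msf          # the role created with createuser
  password: CHANGE_ME    # placeholder: the password typed at the createuser -P prompt
  host: localhost
  port: 5432
  pool: 5
  timeout: 5
```

This file holds a database password in clear text, so after saving it run chmod 600 on it so that only your user can read it; msfconsole started with sudo -E still reads it fine as root.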
You're almost there! Just a few more commands in the terminal and you'll be up and running in no time! The one-liners below (there is a Perl one among them) look intimidating, so triple check that you are typing them EXACTLY as you see them. It is hard to follow but I have faith in you! Return to your Terminal and begin by typing:
source /etc/profile && source ~/.bash_profile
Now we are going to run Metasploit for a moment and initialize the database we just spent so much time creating. Don't get too excited yet though! We'll be exiting to install Armitage, at which point you can do whatever you'd like :) Issue the following command:
cd /usr/local/share/metasploit-framework && ./msfconsole
Once msfconsole has started, type db_status at the msf prompt; it should report that it is connected to the msf database. Then type exit to quit (see example below!).
Open up your terminal for the final time of this tutorial and issue the following commands CAREFULLY. Note that the curl line fetches an executable archive over plain HTTP with no signature or checksum, so anyone on the path could swap it for something else: use https if the site offers it, and compare the download against whatever checksum the Armitage author publishes before you run it.
brew install pidof
curl -# -o /tmp/armitage.tgz http://www.fastandeasyhacking.com/download/armitage-latest.tgz
tar -xvzf /tmp/armitage.tgz -C /usr/local/share
printf '#!/usr/bin/env bash\nexec /usr/bin/java -jar /usr/local/share/armitage/armitage.jar "$@"\n' > /usr/local/share/armitage/armitage && chmod +x /usr/local/share/armitage/armitage
perl -pi -e 's/armitage.jar/\/usr\/local\/share\/armitage\/armitage.jar/g' /usr/local/share/armitage/teamserver
ln -s /usr/local/share/armitage/armitage /usr/local/bin/armitage
ln -s /usr/local/share/armitage/teamserver /usr/local/bin/teamserver
If everything went well then you should be able to open up Metasploit and Armitage at any time by opening a Terminal and typing the commands below. The -E keeps your environment (PATH and MSF_DATABASE_CONFIG) when switching to root; root is only needed for things like raw-socket scans and listening on ports below 1024, so for anything else you can drop the sudo and run them as your own user.
sudo -E msfconsole
sudo -E armitage
You'll know that you have done it correctly if you are shown a screen that looks like this...