... net.sf.xss-html-filter xss-html-filter 1.1 xss-html-filter releases xss-html-filter Releases Repository http://xss-html-filter.sf.net/releases/ Computer Hacks and tricks: How to Fix Metasploit in Backtrack 5 R3

Wednesday, January 8, 2014

How to Fix Metasploit in Backtrack 5 R3

If you are a big fan of backtrack 5 R3 and don't want to switch to kali linux there are some things you need to fix before you can make it up to date. And one of them is Metasploit. if you run msfupdate and you get a screen asking for the password not WARNING DO NOT type random password if you guess it it will brake the metasploit. 
So lets start 

1) Load the Metasploit environment options

After opening a terminal session:
source /opt/metasploit/scripts/setenv.sh
This gets everything set in your path correctly -- namely, a path to a nicer ruby.

2) Remove the broken SVN checkout:

rm -rf /opt/metasploit/msf3 && mkdir /opt/metasploit/msf3
This is destructive, obviously. You will want to remake the directory in the same place so BackTrack doesn't loose track of where your Metasploit install lives.

3) Run the msfclone staging script from GitHub, with only a couple of minor alterations:

\curl -LO http://curl.haxx.se/ca/cacert.pem && \ 
  CURL_CA_BUNDLE=$PWD/cacert.pem curl -L http://r-7.co/UsEqxW > msfclone.rb &&  \
  MSFBASE=/opt/metasploit/msf3 ruby msfclone.rb
This fetches the most recent Certificate Authorities from Mozilla (hosted by those wacky curl devs), then fetches a Metasploit-upon-GitHub bootstrapper, then reinstalls Metasploit Framework as a Git repo to /opt/metasploit/msf3
Note, if you're in a restricted environment that doesn't allow connections over the Git protocol (for some reason) set a couple environment variables to use HTTPS instead:
export GIT=/usr/bin/git
That's it! You can now use the BackTrack menu item:
Applications > BackTrack > Exploitation > Network Exploitation > Metasploit Framework > msfconsole
Or type /opt/metasploit/msf3/msfconsole and you're off to the races. Note that using the menu item automatically connects to the database as well, so that's nice.
From this moment on, msfupdate will update using Git, not SVN, so life should be considerably better for you.
Caveat: This won't work on the LiveCD version of the BackTrack 5 ISO, looks like. There's not enough disk space by default. This only works on installed / VMWare versions of BackTrack 5

Stuck ? 

Copy paste this and hit [Enter] at the prompt if it looks right to you.
source /opt/metasploit/scripts/setenv.sh && \
rm -rf /opt/metasploit/msf3 && mkdir -p /opt/metasploit/msf3 && \
\curl -LO http://curl.haxx.se/ca/cacert.pem && \ 
CURL_CA_BUNDLE=$PWD/cacert.pem \curl -L http://r-7.co/UsEqxW > msfclone.rb && \
MSFBASE=/opt/metasploit/msf3 ruby msfclone.rb

Still too long? Try this, the unattended one-liner:
\curl -kL http://r-7.co/RWxizr | bash
If you need HTTPS instead of Git protocol, do this:
\curl -kL http://r-7.co/RWxizr | MSFPROTOCOL=HTTPS GIT=/usr/bin/git bash
This should work on any 4.4 or earlier installation of Metasploit. Metasploit 4.5 already uses GitHub as the primary source so there's no need to update. In fact, it'll work on Metasploit 4.5 as well, and is now being called automatically by apt-get install metasploit on B5R3 latest. 
Now Thanks For Reading Make sure to smash the +1 button ;) 
~John Smith 

No comments:

Post a Comment