Wednesday, January 8, 2014

How to Fix Metasploit in Backtrack 5 R3

If you are a big fan of backtrack 5 R3 and don't want to switch to kali linux there are some things you need to fix before you can make it up to date. And one of them is Metasploit. if you run msfupdate and you get a screen asking for the password not WARNING DO NOT type random password if you guess it it will brake the metasploit. 
So lets start 

1) Load the Metasploit environment options

After opening a terminal session:
source /opt/metasploit/scripts/setenv.sh
This gets everything set in your path correctly -- namely, a path to a nicer ruby.

2) Remove the broken SVN checkout:

rm -rf /opt/metasploit/msf3 && mkdir /opt/metasploit/msf3
This is destructive, obviously. You will want to remake the directory in the same place so BackTrack doesn't loose track of where your Metasploit install lives.

3) Run the msfclone staging script from GitHub, with only a couple of minor alterations:

\curl -LO http://curl.haxx.se/ca/cacert.pem && \ 
  CURL_CA_BUNDLE=$PWD/cacert.pem curl -L http://r-7.co/UsEqxW > msfclone.rb &&  \
  MSFBASE=/opt/metasploit/msf3 ruby msfclone.rb
This fetches the most recent Certificate Authorities from Mozilla (hosted by those wacky curl devs), then fetches a Metasploit-upon-GitHub bootstrapper, then reinstalls Metasploit Framework as a Git repo to /opt/metasploit/msf3
Note, if you're in a restricted environment that doesn't allow connections over the Git protocol (for some reason) set a couple environment variables to use HTTPS instead:
export MSFPROTOCOL=HTTPS
export GIT=/usr/bin/git
That's it! You can now use the BackTrack menu item:
Applications > BackTrack > Exploitation > Network Exploitation > Metasploit Framework > msfconsole
Or type /opt/metasploit/msf3/msfconsole and you're off to the races. Note that using the menu item automatically connects to the database as well, so that's nice.
From this moment on, msfupdate will update using Git, not SVN, so life should be considerably better for you.
Caveat: This won't work on the LiveCD version of the BackTrack 5 ISO, looks like. There's not enough disk space by default. This only works on installed / VMWare versions of BackTrack 5

Stuck ? 

Copy paste this and hit [Enter] at the prompt if it looks right to you.
source /opt/metasploit/scripts/setenv.sh && \
rm -rf /opt/metasploit/msf3 && mkdir -p /opt/metasploit/msf3 && \
\curl -LO http://curl.haxx.se/ca/cacert.pem && \ 
CURL_CA_BUNDLE=$PWD/cacert.pem \curl -L http://r-7.co/UsEqxW > msfclone.rb && \
MSFBASE=/opt/metasploit/msf3 ruby msfclone.rb
Still too long? Try this, the unattended one-liner:
\curl -kL http://r-7.co/RWxizr | bash
If you need HTTPS instead of Git protocol, do this:
\curl -kL http://r-7.co/RWxizr | MSFPROTOCOL=HTTPS GIT=/usr/bin/git bash
This should work on any 4.4 or earlier installation of Metasploit. Metasploit 4.5 already uses GitHub as the primary source so there's no need to update. In fact, it'll work on Metasploit 4.5 as well, and is now being called automatically by apt-get install metasploit on B5R3 latest. 
Now Thanks For Reading Make sure to smash the +1 button ;) 
~John Smith 
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

how to make a batch file to crash windows

here is the "code" %0|%0 paste that in a notepad and save it as whateveryou want.bat for example lol.bat by running this it...

  • Smartd0rk3r
    Smartd0rk3r is a python script that performs dork searching and searches for local file inclusion and SQL injection errors. It is based on...
  • 100th Post
    So I have written 100 posts in under two months I think that this is a big achievment please follow and like this post so I can continue to...
  • Hacking with Kali linux ( Pdf download)
    Kali Linux although it sounds like slang for California,  Kali through the phases of the penetration testing life cycle; one major tool fr...