[Installing Metasploit Framework on CentOS_RHEL 6]在CentOS_RHEL 6上安装Metasploit的框架【翻译】
标记声明:蓝色汉子为翻译上段英文内容,黄色文字为执行命令。英文水平有限,如有疏漏还请指出。文章出处 博客园-初行
All command in the guide need to be ran as root. To switch to root and have all the proper variables run:
在本教程中的所有命令需要使用root账户。切换到root账户保证所变量正确执行:
su -
Installing Dependencies
安装依赖关系
We start by making sure that we have the latest packages by updating the system using yum:
首先,我们要确保我们所使用yum更新系统拥有最新的软件包:
yum update
yum upgrade
Now that we know that we are running an updated system we can install all the dependent packages that are needed by Metasploit Framework:
现在我们知道,我们正在运行一个更新过的系统,我们可以安装所有需要通过Metasploit的框架的依赖包:
yum groupinstall 'Development Tools'
yum install sqlite-devel libxslt-devel libxml2-devel java-1.7.0-openjdk libpcap-devel nano openssl-devel zlib-devel libffi-devel gdbm-devel readline-devel nano wget
Installing Ruby 1.9.3
安装Ruby1.9.3
CentOS/RHEL is a solid operating system but sadly it does not tend to run the latest in term of packages so we have to compile and install by hand the YAML and Ruby 1.9.3 software.
CentOS/ RHEL操作系统非常的稳定,但遗憾的是它对最新的软件包不能很好支持,所以我们要手动编译和安装YAML和Ruby1.9.3。
First we download and install the latest version of YAML.
首先我们下载并安装最新的YAML版本。
cd /usr/src
wget http://pyyaml.org/download/libyaml/yaml-0.1.4.tar.gz
tar zxf yaml-0.1.4.tar.gz
cd yaml-0.1.4
./configure --prefix=/usr/local
make && make install
Now we download and install the latest version of Ruby 1.9.3
现在,我们下载并安装Ruby1.9.3的最新版本
cd /usr/src
wget http://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p374.tar.gz
tar xvzf ruby-1.9.3-p374.tar.gz
cd ruby-1.9.3-p374
./configure --prefix=/usr/local --with-opt-dir=/usr/local/lib
make & make install
Installing Nmap
安装Nmap
One of the external tools that Metasploit uses for scanning that is not included with the sources is Nmap. Here we will cover downloading the latest source code for Nmap, compiling and installing:
其中一个是Metasploit的使用扫描的外部工具,Nmap不包含在源中。在这里,我们将介绍用于下载Nmap的最新的源代码,编译和安装:
cd /usr/src
svn co https://svn.nmap.org/nmap
cd nmap
./configure
make
make install
make clean
Configuring Postgre SQL Server
配置Postgre的SQL Server
The version that comes with CentOS/RHEL is quite old so we need to modify our system to install the latest from PostgreSQL directly. Open /etc/yum.repos.d/CentOS-Base.repo and add to the [base] and [update] sections:
CentOS/ RHEL中附带的版本很老,所以我们需要修改我们的系统可以直接安装最新的PostgreSQL的。打开/ etc / yum.repos.d/ CentOS-Base.repo,并加入到[base]和[updatge]部分:
exclude=postgresql*
Now we can install the Postgres official repository for CentOS 6 x64:
现在我们可以安装Postgres的官方库在CentOS6 x64的:
wget http://yum.postgresql.org/9.2/redhat/rhel-6-x86_64/pgdg-centos92-9.2-6.noarch.rpm
rpm -ivh pgdg-centos92-9.2-6.noarch.rpm
for X86 download: http://yum.postgresql.org/9.2/redhat/rhel-6-i386/pgdg-redhat92-9.2-7.noarch.rpm
X86版本的下载地址:
Fot RHEL 6 x64
对于REHEL 6 x64版本
wget http://yum.postgresql.org/9.2/redhat/rhel-6-x86_64/pgdg-redhat92-9.2-7.noarch.rpm
rpm -ivh pgdg-redhat92-9.2-7.noarch.rpm
for x86 download http://yum.postgresql.org/9.2/redhat/rhel-6-i386/pgdg-centos92-9.2-6.noarch.rpm
X86版本的下载地址:
To install Postgres and the necessary files we use yum:
要安装Postgres,我们必须使用的yum文件:
yum update
yum install postgresql92-server postgresql92-devel postgresql92
Now we initialize the server and configure it for automatic startup:
现在我们初始化服务器并将其配置为自动启动:
service postgresql-9.2 initdb
service postgresql-9.2 start
chkconfig postgresql-9.2 on
For when we compile the necessary gem for ruby we need to add the new install to our path so the compiler can find the binaries and libraries:
因为当我们编译所需的ruby gem包时我们需要添加新安装路径到我们的环境变量(path),这样编译器可以找到二进制文件和库:
echo export PATH=/usr/pgsql-9.2/bin:$PATH >> /etc/bashrc
source ~/.bashrc
We start by switching to the Postgres user so we can create the user and database that we will use for Metasploit
首先,我们切换到Postgres用户,这样可以创建我们将使用的Metasploit用户和数据库。
su - postgres
Now we create the user and Database, do record the database that you gave to the user since it will be used in the database.yml file that Metasploit and Armitage use to connect to the database.
现在,我们创建用户和数据库,并记录您给了用户,因为它会在Metasploit和Armitage 用于连接到数据库的database.yml文件要使用的数据库。
createuser msf -P -S -R -D
createdb -O msf msf
exit
exit
To allow the user we created to connect to Postgres we need to add to /var/lib/pgsql/9.2/data/pg_hba.conf file the following lines above the rest of the other configured settings:
要允许我们创建的用户连接到Postgres,我们需要添加以下行到/ var/lib/pgsql/9.2/data/pg_hba.conf文件上面的其他设置的其余部分:
local msf msf md5
hostmsf msf 127.0.0.1/8 md5
hostmsf msf ::1/128 md5
Restart the service:
重新启动服务:
service postgresql-9.2 start
Installing Metasploit Framework
安装Metasploit的框架
Once the packages have been install we need to install the required Ruby libraries that metasploit depends on:
一旦包已经安装,我们需要安装所需的Ruby库的Metasploit取决于:
gem install wirble pg sqlite3 msgpack activerecord redcarpet rspec simplecov yard bundler
We will download the latest version of Metasploit Framework via Git so we can use msfupdate to keep it updated:
我们将下载的Metasploit Framework的最新版本通过Git的,所以我们可以使用msfupdate保持更新:
cd /opt
git clone https://github.com/rapid7/metasploit-framework.git
cd metasploit-framework
Lets create the links to the commands so we can use them under any user and not being under the framework folder:
让我们创建于命令的链接,这样我们就可以使用它们在任何用户,而不是根据框架文件夹为:
bash -c 'for MSF in $(ls msf*); do ln -s /opt/metasploit-framework/$MSF /usr/local/bin/$MSF;done'
ln -s /opt/metasploit-framework/armitage /usr/local/bin/armitage
From the Metasploit-Framework folder lets use the Bundler Gem to install the properly supportted Gem versions:
从Metasploit框架文件夹允许使用Bundler Gem安装正确的被支持 gem版本:
bundle install
Lets create the database.yml file that will contain the configuration parameters that will be use by framework:
让我们创建一个被框架使并用包含配置参数的database.yml文件:
nano /opt/metasploit-framework/database.yml
Copy the YAML entries and make sure you provide the password you entered in the user creating step in the password field for the database:
复制YAML项目,并确保您提供您创建的步骤在密码字段为数据库中的用户输入的密码:
production:
adapter: postgresql
database: msf
username: msf
password:
host: 127.0.0.1
port: 5432
pool: 75
timeout: 5
Create and environment variable so it is loaded by Armitage and by msfconsole when running and load the variable in to your current shell:
由Armitage创建环境变量并,msfconsole运行时加载变量到当前的shell:
echo export MSF_DATABASE_CONFIG=/opt/metasploit-framework/database.yml >> /etc/bashrc
source ~/.bashrc
First Run
首次运行
Now we are ready to run Metasploit for the first time. My recommendation is to run it first under a regular user so the folders create under your home directory have the proper permissions. First time it runs it will create the entries needed by Metasploit in the database so it will take a while to load.
现在,我们已经准备好运行Metasploit的第一次。我的建议是先以普通用户身份下运行它,因此文件夹你的home目录下创建具有适当的权限。首次运行时会在数据库中创建所需的Metasploit项目,以便将需要一段时间来加载。
msfconsole