您的位置：首页 > 编程语言 > ASP

debian(ubuntu)下源码安装metasploit + mysql

2010-07-10 01:55 501 查看

如果要使用metasploit的高级功能或进行扩展开发的话，最好还是在linux下用。windows下的installer固然很方便，

但如果想要配合mysql数据库的话就太难了，说白了，metasploit在windows下的安装程序，其实就是在windows下

装了个cygwin，模拟linux环境，速度奇慢不说，运行exploit还容易出错。最恼人的还是cygwin下与windows中mysql

数据库的连接问题，想装ruby-mysql，一个接一个的报错让人疯掉，浪费那么多时间真的不值。

########################################################

PART1

试验成功的版本：

OS：debian5.0.3,ubuntu8.04

mysql:5.0.67,5.0.51

ruby:1.9.1

metasploit:3.4.0

########################################################

PART2

总体步骤：

1.安装mysql5.0.*,及开发包libmysqlclient15-dev

2.安装ruby1.9.1，rubygem,(rails),ruby-mysql2.8.1

3.安装metasloit

1.安装mysql5.0.*,及开发包libmysqlclient15-dev

apt-get...

若不行，就去mysql官网下载安装包或源码包。

2.安装ruby1.9.1,两种方法

(1)参照RUBY官网说明，apt-getinstallruby1.9.1-full

(2)源码安装

先装依赖，再装ruby解释器

apt-getinstallbuild-essentiallibreadline-dev,libz-dev,autoconf,bison

从debian官网下载ruby源码包或.deb文件。http://packages.qa.debian.org/r/ruby1.9.1.htmlhttp://packages.debian.org/search?searchon=sourcenames&keywords=ruby1.9事后发现下载的包里包含了相关依赖，上面的apt-get也许就不用了。

注：从ruby官网上下的包可能安装不成功，如果依赖没装齐的话。

3.源码安装metasploit3.4.0

先下载源码，再参照安装文档说明的步骤（前面步骤可跳过）进行安装。

InstallationonUbuntuLinux¶

TheMetasploitFrameworkiswell-supportedontheUbuntuplatform.ThefollowinginstructionsshouldalsoapplytoKubuntu,Xubuntu,andDebian.

IftheseinstructionsdonotworkforyourversionofUbuntu,pleasetrytheGenericLinuxinstructionsinstead.

Dependencies¶

InstalltheRubydependencies:

$sudoapt-getinstallrubylibopenssl-rubylibyaml-rubylibdl-rubylibiconv-rubylibreadline-rubyirbrirubygems

InstalltheSubversionclient:

$sudoapt-getinstallsubversion

Inordertobuildthenativeextensions(pcaprub,lorcon2,etc),thefollowingpackagesneedtobeinstalled:

$sudoapt-getbuild-depruby
$sudoapt-getinstallruby-devlibpcap-dev

Databasesupport¶

Inordertousethedatabasefunctionality,RubyGemsalongwiththeappropriatedriversmustbeinstalled:

$sudoapt-getinstallrubygemslibsqlite3-dev
$sudogeminstallsqlite3-ruby

OrforMySQL:

$sudoapt-getinstallrubygemslibmysqlclient-dev
$sudogeminstallmysql

Framework¶

Oncethedependencieshavebeeninstalled,downloadtheUnixtarballfromthedownloadpageandrunthefollowingcommands:

$tarxfframework-3.X.tar.gz
$sudomkdir-p/opt/metasploit3
$sudocp-amsf3//opt/metasploit3/msf3
$sudochownroot:root-R/opt/metasploit3/msf3
$sudoln-sf/opt/metasploit3/msf3/msf*/usr/local/bin/

Extensions¶

TheframeworkincludesafewnativeRubyextensionsthatmustbecompiledinordertousecertaintypesofmodules.

Toenablerawsocketmodules:

$sudoapt-getinstalllibpcap-dev
$sudobash
#cd/opt/metasploit3/msf3/external/pcaprub/
#rubyextconf.rb
#make&&makeinstall

ToenableWiFimodules:

$sudobash
#cd/opt/metasploit3/msf3/external/ruby-lorcon2/
#svncohttps://802.11ninja.net/svn/lorcon/trunklorcon2
#cdlorcon2
#./configure--prefix=/usr&&make&&makeinstall
#cd..
#rubyextconf.rb
#make&&makeinstall

Updates¶

TheMetasploitFrameworkisupdateddailywiththelatestexploits,payloads,features,andbugfixes.Toupdateyourinstallationoftheframework:

$sudosvnupdate/opt/metasploit3/msf3/

Thiscanalsobeinstalledintotherootuser'scrontab:

$sudocrontab-e-uroot#enterthelinebelow
1****/usr/bin/svnupdate/opt/metasploit3/msf3/>>/var/log/msfupdate.log2>&1

注：安装过程中,lorcon2可能更新失败，这是由于svn地址及参数错误，可goole一下lorcon，在其官网上找到正确的svn地址。

运行msfconsole会提示openssl-ruby没有安装，许多功能无法使用。。。

我尝试用apt-getinstalllibopenssl-ruby1.9不行，就源码安装了，参考一位网友的做法（已转载至ruby栏目）。

成功运行后的界面如下：

msf>db_drivermysql
[*]Usingdatabasedrivermysql
msf>db_driver
[*]ActiveDriver:mysql
[*]Available:mysql

[*]DBSupport:Enablethesqlite3driverwiththefollowingcommand:
[*]$geminstallsqlite3-ruby
[-]Notethatsqliteisnotsupportedduetonumerousissues.
[-]Itmaywork,butdon'tcountonit

[*]DBSupport:Enablethepostgresqldriverwiththefollowingcommand:
[*]*Thisrequireslibpq-devandabuildenvironment
[*]$geminstallpostgres
[*]$geminstallpg#isanalternativethatmaywork

msf>db_connect
[*]Usage:db_connect<user:pass>@<host:port>/<database>
[*]Examples:
[*]db_connectuser@metasploit3
[*]db_connectuser:pass@192.168.0.2/metasploit3
[*]db_connectuser:pass@192.168.0.2:1500/metasploit3
msf>db_connectadmin:0@msf3
msf>db_nmap
[*]Usage:db_nmap[nmapoptions]
msf>db_nmap192.168.0.1

StartingNmap4.62(http://nmap.org)at2010-07-1001:12CST
Interestingportson192.168.0.1:
Notshown:1708closedports
PORTSTATESERVICE
21/tcpopenftp
80/tcpopenhttp
135/tcpopenmsrpc
139/tcpopennetbios-ssn
445/tcpopenmicrosoft-ds
912/tcpopenunknown
3306/tcpopenmysql
MACAddress:00:50:56:C0:00:01(VMWare)

msfconsole已在本机成功创建一批数据库表，nmap的扫描结果就存放其中。。。

内容来自用户分享和网络整理，不保证内容的准确性，如有侵权内容，可联系管理员处理

标签：

相关文章推荐

新的分享

章节导航