In this article, we will discuss how to Install Metasploit Framework on CentOS 8 / CentOS 7 Linux distribution. If you’re new to the world of penetration testing, Metasploit Framework is a tool created by Rapid7 for penetration testing and discovering security vulnerabilities in IT environments & assets. It gives you the Infrastructure, content, and tools to perform extensive security auditing and penetration testing.
Metasploit Framework Requirements
These are the minimum hardware requirements for running Metasploit Framework on any Linux machine.
- CPU – 2 GHz+ processor
- RAM – 4 GB RAM available (8 GB recommended)
- Disk Space – 1 GB available disk space (50 GB recommended)
Below are the core services of Metasploit Framework.
- PostgreSQL Database server – used by Metasploit to store data from a project.
- Ruby on Rails
- Metasploit service
Install Metasploit Framework on CentOS 8 / CentOS 7
Follow the steps below to install Metasploit Framework on CentOS 8 / CentOS 7 Linux distribution.
Download Metasploit installer using wget or curl command.
curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstallGive the installer script execution bits.
chmod +x msfinstallThen execute the installer to install Metasploit Framework on CentOS 8 / CentOS 7.
$ ./msfinstallSample installation output:
$ ./msfinstall
Switching to root user to update the package
Checking for and installing update..
Adding metasploit-framework to your repository list..Metasploit [=== Metasploit 153 kB/s | 246 kB 00:01
Dependencies resolved.
========================================================================================================================================================
Package Arch Version Repository Size
========================================================================================================================================================
Installing:
metasploit-framework x86_64 5.0.77+20200224112600~1rapid7-1.el6 metasploit 206 M
Transaction Summary
========================================================================================================================================================
Install 1 Package
Total download size: 206 M
Installed size: 462 M
Downloading Packages:The installer script will add Metasploit Framework repository to your repository list and install all tools required. If you have slower internet, the download may take a while.
Run the command to begin initial setup.
$ msfdb init
** Welcome to Metasploit Framework Initial Setup **
Please answer a few questions to get started.
Would you like to use and setup a new database (recommended)? yes
Creating database at /home/cloud-user/.msf4/db
Starting database at /home/cloud-user/.msf4/db...success
Creating database users
Writing client authentication configuration file /home/cloud-user/.msf4/db/pg_hba.conf
Stopping database at /home/cloud-user/.msf4/db
Starting database at /home/cloud-user/.msf4/db...success
Creating initial database schema
[?] Initial MSF web service account username? [cloud-user]: admin
[?] Initial MSF web service account password? (Leave blank for random password):
Generating SSL key and certificate for MSF web service
Attempting to start MSF web service...success
MSF web service started and online
Creating MSF web service user admin
....Store the MSF Web Service Credentials shown in the configuration output:
Creating MSF web service user admin
############################################################
## MSF Web Service Credentials ##
## ##
## Please store these credentials securely. ##
## You will need them to connect to the webservice. ##
############################################################
MSF web service username: admin
MSF web service password: password
MSF web service user API token: eee4cda702f0bdc0625c828cf56817dfd07a13c23e55000230f23fe33340ab0ef9e28f483e11312f
MSF web service configuration complete
The web service has been configured as your default data service in msfconsole with the name "local-https-data-service"
If needed, manually reconnect to the data service in msfconsole using the command:
db_connect --token eee4cda702f0bdc0625c828cf56817dfd07a13c23e55000230f23fe33340ab0ef9e28f483e11312f --cert /home/cloud-user/.msf4/msf-ws-cert.pem --skip-verify https://localhost:5443
The username and password are credentials for the API account:
https://localhost:5443/api/v1/auth/account
** Metasploit Framework Initial Setup Complete **The installation of Metasploit Framework should be complete:
Check your Framework version using:
$ msfconsole --version
Framework Version: 5.0.77-dev-Launching msfconsole
Now that database is initialized, you can launch msfconsole
$ msfconsole
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMM MMMMMMMMMM
MMMN$ vMMMM
MMMNl MMMMM MMMMM JMMMM
MMMNl MMMMMMMN NMMMMMMM JMMMM
MMMNl MMMMMMMMMNmmmNMMMMMMMMM JMMMM
MMMNI MMMMMMMMMMMMMMMMMMMMMMM jMMMM
MMMNI MMMMMMMMMMMMMMMMMMMMMMM jMMMM
MMMNI MMMMM MMMMMMM MMMMM jMMMM
MMMNI MMMMM MMMMMMM MMMMM jMMMM
MMMNI MMMNM MMMMMMM MMMMM jMMMM
MMMNI WMMMM MMMMMMM MMMM# JMMMM
MMMMR ?MMNM MMMMM .dMMMM
MMMMNm `?MMM MMMM` dMMMMM
MMMMMMN ?MM MM? NMMMMMN
MMMMMMMMNe JMMMMMNMMM
MMMMMMMMMMNm, eMMMMMNMMNMM
MMMMNNMNMMMMMNx MMMMMMNMMNMMNM
MMMMMMMMNMMNMMMMm+..+MMNMMNMNMMNMMNMM
https://metasploit.com
=[ metasploit v5.0.77-dev- ]
+ -- --=[ 1973 exploits - 1087 auxiliary - 339 post ]
+ -- --=[ 559 payloads - 45 encoders - 10 nops ]
+ -- --=[ 7 evasion ]
msf5 > Verify database connectivity with the db_status command as shown below.
$ db_status
[*] Connected to remote_data_service: (https://localhost:5443). Connection type: http. Connection name: local-https-data-service.Updating Metasploit Framework
To update your Metasploit Framework on Debian 10 / Debian 9. run the command:
$ msfupdate
Switching to root user to update the package
Checking for and installing update..
Adding metasploit-framework to your repository list..Metasploit [=== Metasploit 3.0 kB/s | 3.0 kB 00:01
Package metasploit-framework-5.0.77+20200224112600~1rapid7-1.el6.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
Enjoy using Metasploit Framework for your Penetration testing operations. For more related content, check:
How To Install Metasploit Framework on Debian
Start Metasploit Framework on Kali Linux
Install and Use Linux Malware Detect on CentOS / Fedora / Ubuntu / Debian
How to Install Nessus Scanner on Ubuntu / Debian
