Install Metasploit Framework on CentOS 9/8/7

In this article, we will discuss how to Install Metasploit Framework on CentOS 9/8/7 Linux distribution. If you’re new to the world of penetration testing, Metasploit Framework is a tool created by Rapid7 for penetration testing and discovering security vulnerabilities in IT environments & assets. It gives you the Infrastructure, content, and tools to perform extensive security auditing and penetration testing.

These are the minimum hardware requirements for running Metasploit Framework on any Linux machine.

• CPU – 2 GHz+ processor
• RAM – 4 GB RAM available (8 GB recommended)
• Disk Space – 1 GB available disk space (50 GB recommended)

Below are the core services of Metasploit Framework.

• PostgreSQL Database server – used by Metasploit to store data from a project.
• Ruby on Rails
• Metasploit service

Install Metasploit Framework on CentOS 9/8/7

Follow the steps below to install Metasploit Framework on CentOS Linux distribution.

Download Metasploit installer using wget or curl command.

curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall

Give the installer script execution bits.

chmod +x msfinstall

Then execute the installer to install Metasploit Framework on CentOS 8 / CentOS 7.

./msfinstall

Sample installation output:

....

Transaction Summary
========================================================================================================================================================
Install  1 Package

Total download size: 206 M
Installed size: 462 M
Downloading Packages:

The installer script will add Metasploit Framework repository to your repository list and install all tools required. If you have slower internet, the download may take a while.

Run the command to begin initial setup.

$ msfdb init 

 ** Welcome to Metasploit Framework Initial Setup **
    Please answer a few questions to get started.


Would you like to use and setup a new database (recommended)? yes
Creating database at /home/cloud-user/.msf4/db
Starting database at /home/cloud-user/.msf4/db...success
Creating database users
Writing client authentication configuration file /home/cloud-user/.msf4/db/pg_hba.conf
Stopping database at /home/cloud-user/.msf4/db
Starting database at /home/cloud-user/.msf4/db...success
Creating initial database schema
[?] Initial MSF web service account username? [cloud-user]: admin
[?] Initial MSF web service account password? (Leave blank for random password): 
Generating SSL key and certificate for MSF web service
Attempting to start MSF web service...success
MSF web service started and online
Creating MSF web service user admin
....

Store the MSF Web Service Credentials shown in the configuration output:

Creating MSF web service user admin

    ############################################################
    ##              MSF Web Service Credentials               ##
    ##                                                        ##
    ##        Please store these credentials securely.        ##
    ##    You will need them to connect to the webservice.    ##
    ############################################################

MSF web service username: admin
MSF web service password: password
MSF web service user API token: eee4cda702f0bdc0625c828cf56817dfd07a13c23e55000230f23fe33340ab0ef9e28f483e11312f


MSF web service configuration complete
The web service has been configured as your default data service in msfconsole with the name "local-https-data-service"

If needed, manually reconnect to the data service in msfconsole using the command:
db_connect --token eee4cda702f0bdc0625c828cf56817dfd07a13c23e55000230f23fe33340ab0ef9e28f483e11312f --cert /home/cloud-user/.msf4/msf-ws-cert.pem --skip-verify https://localhost:5443

The username and password are credentials for the API account:
https://localhost:5443/api/v1/auth/account


 ** Metasploit Framework Initial Setup Complete **

The installation of Metasploit Framework should be complete:

Check your Framework version using:

$ msfconsole --version
Framework Version: 6.4.4-dev-

Launching msfconsole

Now  that database is initialized, you can launch msfconsole

$ msfconsole
....
       =[ metasploit v6.4.4-dev-                          ]
+ -- --=[ 2410 exploits - 1242 auxiliary - 423 post       ]
+ -- --=[ 1465 payloads - 47 encoders - 11 nops           ]
+ -- --=[ 9 evasion                                       ]

Metasploit Documentation: https://docs.metasploit.com/

msf6 >

Verify database connectivity with the db_status command as shown below.

$ db_status
[*] Connected to msf. Connection type: postgresql.

Updating Metasploit Framework

To update your Metasploit Framework on Debian 10 / Debian 9. run the command:

$ msfupdate
Switching to root user to update the package
Checking for and installing update..
Dependencies resolved.
Nothing to do.
Complete!

Enjoy using Metasploit Framework for your Penetration testing operations. For more related content, check:

• How To Install Metasploit Framework on Debian
• Start Metasploit Framework on Kali Linux
• Install and Use Linux Malware Detect on CentOS / Fedora / Ubuntu / Debian
• How to Install Nessus Scanner on Ubuntu / Debian