Penetration testing helps you to evaluate the security of your systems by simulating an attack from a malicious source.
Metasploit Framework is a popular penetration testing platform that lets you find and exploit vulnerabilities in your systems. It is an open-source platform that provides a complete environment and set of tools which are required for penetration testing.
In this context, we shall look into how to install Metasploit Framework on Ubuntu 20.04 LTS.
Note that You should have sudo privileges on the system where you want to install and run the Metasploit framework.
Steps to install Metasploit Framework on Ubuntu Linux system
To install Metasploit Framework on Ubuntu system, we will use the installer file provided by the Rapid7 site. This installer file contains all the necessary tools required for the running of Metasploit Framework. To install Metasploit Framework on Ubuntu OS, simply follow the below steps.
1. Perform System Update
First, update your system repository index using the command below:
$ sudo apt update
2. Download Metasploit Framework installer
Now, we will download the Metasploit Framework installer on our Ubuntu machine. Move to the /tmp dir using the command below:
$ cd /tmp/
Then download the installer file for the Metasploit Framework using this command:
$ curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall
3. Make Metasploit installer file executable
Here, Make the installer file executable using the command below:
$ sudo chmod 755 msfinstall
4. Run Metasploit Framework installer
Now, run the Metasploit Framework installer:
$ sudo ./msfinstall
This will start installing the Metasploit Framework package on your system.
After the installation is completed, start msfconsole using the command below:
$ sudo msfconsole
- You will be asked if you want to setup a new database. Type yes and hit Enter.
- Then it will ask if you would like to initiate the web service. Type yes and hit Enter. After that, it will create the database.
- Then it will ask more information for the web service initiation. For web service account username, hit Enter to accept the default selected username or you can enter any other user account name. For web service account password, type any password or just hit Enter to set any random password.
- It will then display web service credentials that can be used to connect to the Metasploit Framework web service.
How to test Metasploit database connection ?
To test the database connection, use the below command in the msf prompt:
Remember, if you have not setup the database when running the msfconsole for the first time, you can setup it later using the command below:
$ msfdb init
How to Access Metasploit Web Interface ?
At this point, Metasploit is installed and listen on port 3790. You can access it using the URL https://localhost:3790. You should see the "New User Setup" screen.
Provide your login information, other settings, and click on the Create Account button. You should see the "Activate Your Metasploit License" page.
You can now get the product key, activate the License, and start working on the Metasploit framework.