User:Axper/sandbox/metasploit
From the official site:
- Consider the MSF to be one of the single most useful auditing tools freely available to security professionals today. From a wide array of commercial grade exploits and an extensive exploit development environment, all the way to network information gathering tools and web vulnerability plugins. The Metasploit Framework provides a truly impressive work environment. The MSF is far more than just a collection of exploits, it's an infrastructure that you can build upon and utilize for your custom needs. This allows you to concentrate on your unique environment, and not have to reinvent the wheel.
Currently, Metasploit requires to setup and configure Postgresql on target system to work. This wiki will show how to get metasploit-git working with a Postgresql database.
Installation
Install metasploitAUR from AUR.
Alternatively, the development version metasploit-gitAUR is also available, but requires additional configuration.
Setting up the database
msfconsole
will be prefixed with msf >
in this article.Metasploit can be used without a database, but cache operations like searching will be very slow.
This section will show how to set up Metasploit with Postgresql database server.
Follow the postgresql article and create a new database called msf3
.
Start msfconsole
and type:
msf > db_connect user@msf3
where user is your linux user's name.
Rebuild the database cache:
msf > db_rebuild_cache
Metasploit will rebuild the cache in the background, and you can contiue running commands meanwhile.
top
or htop to monitor the status of cache building. During the process, Ruby/Postgres/Metasploit processes will eat up 50% of CPU time.Interfaces
There are several interfaces available for Metasploit.
msfconsole
msfconsole
interface provides the most features available in MSF.
To start it, simply type msfconsole
. The prompt will change to msf >
to indicate it's waiting for commands.