ღ Miranda

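Installing Metasploit-Framework on Mac

How to install Metasploit-Framework on a Mac with all of its features usable.

Installation

Download the installer package from https://osx.metasploit.com/metasploitframework-latest.pkg, run it once the download finishes, and then type msfconsole at the command line to open the console: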

$ msfconsole
[*] Starting the metasploit Framework console.../

...

msf >

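But this is only part of it; using the bundled tools requires some further configuration.

Configuring the bundled tools

The tools directory of Metasploit-Framework contains many useful utilities, such as the commonly used pattern_create and nasm_shell, but the environment has to be configured before they can be used.

Upgrading Ruby on the Mac

The Ruby version that ships with the Mac is too old for this, so Ruby needs to be upgraded. I am not going to use rvm; I will use a more convenient method and first install the latest version with Homebrew: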

$ brew install ruby

Configure the environment variable so that /usr/local/Cellar/ruby/2.4.1_2/bin is at the start of PATH:

$ which ruby
/usr/bin/ruby
$ vim .zshrc
$ source .zshrc
$ which ruby
/usr/local/Cellar/ruby/2.4.1_2/bin/ruby
$ ruby -v
ruby 2.4.1p111 (2017-03-22 revision 58053) [x86_64-darwin16]

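Ruby is now updated to 2.4.1.

Configuring gem and bundle

The default gem source is slow, so switch to a mirror hosted in China. After this change every gem is fetched from the mirror instead of rubygems.org: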

$ gem sources --add https://ruby.taobao.org/
$ gem sources --remove https://rubygems.org/
$ gem sources -l
*** CURRENT SOURCES ***

https://ruby.taobao.org/
$ bundle config mirror.https://rubygems.org https://ruby.taobao.org

bundler also needs to be upgraded:

$ gem install bundler
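
The script below is an added example, not part of the original post. It checks the two changes made above: which ruby is found first in PATH, and which configured gem sources are not the official rubygems.org index. The function names and the sample `gem sources -l` text (modelled on the output shown above) are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the PATH and gem-source changes from the steps above.

OFFICIAL_SOURCE="https://rubygems.org/"

# Constructed sample of `gem sources -l` output, shaped like the listing above.
SAMPLE_SOURCES='*** CURRENT SOURCES ***

https://ruby.taobao.org/'

# first_in_path NAME PATHSTRING
# Print the first executable NAME found while walking PATHSTRING left to
# right, i.e. the binary the shell would actually run. Returns 1 if none.
first_in_path() {
    name=$1
    old_ifs=$IFS
    IFS=:
    for dir in $2; do
        [ -n "$dir" ] || dir=.          # an empty PATH entry means "."
        if [ -x "$dir/$name" ] && [ ! -d "$dir/$name" ]; then
            IFS=$old_ifs
            printf '%s\n' "$dir/$name"
            return 0
        fi
    done
    IFS=$old_ifs
    return 1
}

# non_official_sources
# Read `gem sources -l` output on stdin and print every source URL that is
# not the official index (a trailing slash is optional when comparing).
non_official_sources() {
    grep -E '^https?://' | while IFS= read -r url; do
        case "${url%/}/" in
            "$OFFICIAL_SOURCE") ;;
            *) printf '%s\n' "$url" ;;
        esac
    done
}

# Demo: current PATH, and the constructed sample instead of a live gem call.
printf 'ruby resolved from PATH: %s\n' \
    "$(first_in_path ruby "$PATH" || echo 'not found')"
printf 'gem sources other than %s:\n' "$OFFICIAL_SOURCE"
printf '%s\n' "$SAMPLE_SOURCES" | non_official_sources
```

On a real machine, pipe the live listing in instead of the sample: `gem sources -l | non_official_sources`.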

bundle install

Change to the directory that contains pattern_create.rb. Because it includes a Gemfile, bundle install can be run there:

$ bundle install
Fetching gem metadata from https://ruby.taobao.org/...........
Fetching version metadata from https://ruby.taobao.org/...
Fetching version metadata from https://ruby.taobao.org/...
Fetching dependency metadata from https://ruby.taobao.org/..
Resolving dependencies...
Rubygems 2.0.14.1 is not threadsafe, so your gems will be installed one at a time. Upgrade to Rubygems 2.1.0 or higher to enable parallel gem installation.
Fetching rake 12.0.0
...

This may fail with an error, for example:

...
checking for pg_config... no
No pg_config... trying anyway. If building fails, please try again with
 --with-pg-config=/path/to/pg_config
checking for libpq-fe.h... no
Can't find the 'libpq-fe.h header
*** extconf.rb failed ***
Could not create Makefile due to some reason, probably lack of necessary
libraries and/or headers. Check the mkmf.log file for more details. You may
need configuration options.
...

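The pg gem has to be installed separately with the pg_config location specified. The error message above spells the option --with-pg-config, passed to the extension build after a bare --; in the session below it was typed as with-pg-config, without the leading dashes, and gem echoes it back that way: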

$ gem install pg -v '0.20.0' -- with-pg-config=/opt/metasploit-framework/embedded/framework/pg_config
Building native extensions with: 'with-pg-config=/opt/metasploit-framework/embedded/framework/pg_config'
This could take a while...
Successfully installed pg-0.20.0
Parsing documentation for pg-0.20.0
Installing ri documentation for pg-0.20.0
Done installing documentation for pg after 1 seconds
1 gem installed

Then run it again:

$ bundle install
...
...
Using metasploit-framework 4.16.5 from source at `.`
Bundle complete! 12 Gemfile dependencies, 121 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
$

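If any other gem fails, it can be installed individually in the same way. The output above means the installation is complete. To test: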

$ ./pattern_create.rb -l 5
Aa0Aa
$ ./nasm_shell.rb
nasm > jmp esp
00000000 FFE4       jmp esp
nasm >
