The Metasploit Framework is an open-source project that provides public resources for vulnerability research and code development. It allows security professionals to detect intrusions into their network and identify threats and vulnerabilities in various areas such as software, systems, or networks. Metasploit comes jam-packed with existing exploits but gives the framework to create your own custom exploits.
In this tutorial, you will learn How to Install and use Metasploit on Ubuntu 20.04.
Prerequisites
- Recommended OS: Ubuntu 20.04 – optional (Ubuntu 21.04)
- User account: A user account with sudo or root access.
Install WGET package:
The tutorial will be utilizing the wget command so make sure wget is still as follows:
sudo apt install wget -yNote, if unsure, just run the command anyway; it will not hurt to do so.
Install Metasploit for Ubuntu 20.04
Download Metasploit
By default, Ubuntu 20.04 repository does not come with the software, so you will need to download the package installer. Luckily, Rapid 7, the company behind Metasploit, has an open-source installer that you can download to install the latest version.
Run the following command to download the Metasploit installer:
wget http://downloads.metasploit.com/data/releases/metasploit-latest-linux-x64-installer.runNow you will need to make the installer executable by giving it the +x permission as follows:
sudo chmod +x ./metasploit-latest-linux-x64-installer.runInstall Metasploit
The next step is to install Metasploit now, and this is a straightforward process. Run the following command in your terminal:
sudo ./metasploit-latest-linux-x64-installer.runNext, you will see a series of pop-ups which the tutorial will explain in steps.
Step 1. A welcome popup will be shown; click the Forward button to proceed with the installation.
Example:
Step 2. License agreement and terms will now be shown; click on the I accept the agreement and click the Forward button to proceed.
Example:
Step 3. The installation folder screen will be shown; next, most users leave it as the default unless you need to store it elsewhere. Click the Forward button to proceed to the next screen.
Example:
Step 4. Install as a service will be the next selection; this is user preference, so select YES OR NO, then click the Forward button to proceed.
Example:
Note, the default is to set YES.
Step 5. Disable Anti-Virus and Firewall will be shown next; obviously, given the nature of the software you are installing, it will likely interfere, so you will need to disable whatever firewalls and virus scanners you have on your system manually; once done, click on the Forward button.
Example:
Step 6. Metasploit Service SSL port, change or keep the default and click the Forward button.
Example:
Step 7. Generate an SSL Certificate, provide the hostname; if installing on the local system, use localhost. Once done, click the Forward button.
Example:
Step 8. Choose the Database port that Metasploit will utilize. The default should be fine for most users. Once done, click the Forward button.
Example:
Step 9. Choose the Thin service port, as with the previous Database port, and the default Thin port should suit most users. Once done, click the Forward button.
Example:
Step 10. The ready to install screen will appear; now click on the Forward button to finish the installation.
Example:
Now you will come to the finished window notifying you that you have successfully installed Metasploit and would like to Access the Metasploit Web UI now.
Example:
If you selected to access the Metasploit Web UI, you would come to a welcome screen below with some information about Metasploit and how it operates in your browser, and some points that you may need to know about the service.
Example:
From here, you can proceed to create a user account using the WebUI:
Lastly, enter the license key, which you can visit Rapid7 to attain by clicking the “GET PRODUCT KEY” link.
Example:
How Launch Metasploit in Terminal
Metasploit can be used in your Ubuntu terminal with a command-line utility named msfconsole.
Launch Metasploit in your terminal:
msfconsoleExample output:
Below are some common commands that you can use with Metasploit.
General Information
| Command | Description |
|---|---|
| msfconsole | Launch program |
| version | Display current version |
| msfupdate | Pull the weekly update |
makerc <FILE.rc> | Saves recent commands to file |
msfconsole -r <FILE.rc> | Loads a resource file |
Executing an Exploit / Scanner / Module
| Command | Description |
|---|---|
use <MODULE> | Set the exploit to use |
set payload <PAYLOAD> | Set the payload |
| show options | Show all options |
set <OPTION> <SETTING> | Set a setting |
| exploit or run | Execute the exploit |
Session Handling
| Command | Description |
|---|---|
| sessions -l | List all sessions |
sessions -i <ID> | Interact/attach to a session |
| background or ^Z | Detach from session |
Using the Database
The DB saves data found during exploitation. Auxiliary scan results, hash dumps, and credentials show up in the DB.
First Time Setup
| Command | Description |
|---|---|
| service postgresql Start | Start DB |
| msfdb Init | Init the DB |
Inside msfconsole Terminal
| Command | Description |
|---|---|
| db_status | Should say connected |
| hosts | Show hosts in DB |
| services | Show ports in DB |
| vulns | Show all vulns found |
Meterpreter Session Commands
The Meterpreter is a payload within the Metasploit Framework that controls an exploited target system, running as a DLL loaded inside any process on a target machine.
| Command | Description |
|---|---|
| sysinfo | Show system info |
| ps | Show running processes |
kill <PID> | Terminate a process |
| getuid | Show your user ID |
| upload / download | Upload/download a file |
| pwd / lpwd | Print working directory (local/remote) |
| cd / lcd | Change directory (local / remote) |
| cat | Show contents of a file |
edit <FILE> | Edit a file (vim) |
| shell | Drop into a shell on the target machine |
migrate <PID> | Switch to another process |
| hashdump | Show all PW hashes (Windows only) |
| idletime | Display idle time of user |
| screenshot | Take a screenshot |
| clearev | Clear the logs |
Escalate Privileges
| Command | Description |
|---|---|
| use priv | Load the script |
| getsystem | Elevate your privs |
| getprivs | Elevate your privs |
Token Stealing (Windows only)
| Command | Description |
|---|---|
| use incognito | Load the script |
| list_tokens -u | Show all tokens |
| impersonate_token | DOMAIN\USER Use token |
| drop_token | Stop using token |
Network Pivoting
| Command | Description |
|---|---|
portfwd [ADD/DELETE] -L <LHOST> -l 3388 -r <RHOST> -p 3389 | Enable port forwarding |
route add <SUBNET> <MASK> | Pivot through a session by adding a route within msf |
route add 192.168.0.0/24 | Pivot through a session by adding a route within msf |
route add 192.168.0.0/24 -d | Deleting a route within msf |
Finding an Exploit / Payload to Use
| Command | Description |
|---|---|
search <TERM> | Searches all exploits, payloads, and auxiliary modules |
| show exploits | Show all exploits |
| show payloads | Show all payloads |
| show auxiliary | Show all auxiliary modules (like scanners) |
| show all | * |
Comments and Conclusion
The tutorial has taught you how to install Metasploit on Ubuntu 20.04 and access the Web UI basics. Overall, you can perform pre-identified attacks such as password-free victim logging, webcam hacking, web server hacking, email server hacking, or generate exploits. Ideally, this is to be used for improving your network security and should be regarded as such.
