How to Install Metasploit on OS X Mavericks and Yosemite, an Updated Guide
Today I tried to install the Metasploit framework both on my Mavericks MacBook Pro and my Yosemite MacBook Air, unfortunately all the guides I’ve found seem to be quite outdated and various hacks are needed to make the actual process really work.
So I decided to write an updated guide on my blog, just in case someone else will need it ^_^
Requirements
First thing first, you will need to install some requirements, if you are a developer/hacker you will probably have them already, but you never know.
XCode Command Line Tools
Issue the following command on your terminal:
xcode-select --install
And choose the Install option to install XCode command line tools needed for compilation, etc.
Java
Make sure you have the latest Java SE JDK from Oracle, you can verify it issuing the command:
java -version
Otherwise download it from here and install it.
Homebrew
Homebrew is a package manager for OS X, well not really a package manager since it just manages “formulas”, which are basically build scripts for open source projects ( very much like Arch / Slackware Linux build scripts ), you will need it to install other libraries and binaries.
ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
Then update your PATH environment variable with the homebrew binary folder:
echo PATH=/usr/local/bin:/usr/local/sbin:$PATH >> ~/.bash_profile
source ~/.bash_profile
brew tap homebrew/versions
Nmap
Once you have homebrew installed, you can start using it ( NOTE: Don’t use it with sudo, it’s not required ):
brew install nmap
LibXML2
This is needed by the nokogiri gem:
brew install libxml2
PostgreSQL
brew install postgresql --without-ossp-uuid
PostgreSQL Configuration
Initialize the database ( you might already have this file, it’s not a problem ):
initdb /usr/local/var/postgres
Make sure it’s started after user login:
mkdir -p ~/Library/LaunchAgents
cp /usr/local/Cellar/postgresql/9.4.0/homebrew.mxcl.postgresql.plist ~/Library/LaunchAgents/
launchctl load -w ~/Library/LaunchAgents/homebrew.mxcl.postgresql.plist
( replace 9.4.0 with the version you have installed )
Create the db for the metasploit framework:
createuser msf -P -h localhost
createdb -O msf msf -h localhost
( Take note of the password you used, you will need it later )
Clone the Metasploit Repo
Time for metasploit itself:
cd /usr/local/share/
git clone https://github.com/rapid7/metasploit-framework.git
cd metasploit-framework
for MSF in $(ls msf*); do ln -s /usr/local/share/metasploit-framework/$MSF /usr/local/bin/$MSF;done
sudo chmod go+w /etc/profile
sudo echo export MSF_DATABASE_CONFIG=/usr/local/share/metasploit-framework/config/database.yml >> /etc/profile
HACK: Nokogiri Gem
This one is hackish, but that’s the way I’ve found to make it work:
bundle config build.nokogiri "--use-system-libraries --with-xml2-include=/usr/local/opt/libxml2/include/libxml2"
HACK: PG Gem
Another hackish one:
sudo env ARCHFLAGS="-arch x86_64" gem install pg
Other Gems
Finally, within the metasploit folder, use bundle to install the remaining gems:
bundle install
HACK: Fix the ‘robots’ Gem Permissions
If you will run msf as a normal user, you will have trouble with the robots gem, unless you fix its permissions:
sudo chmod o+r /Library/Ruby/Gems/2.0.0/gems/robots-0.10.1/lib/robots.rb
Create the Database Configuration
vim /usr/local/share/metasploit-framework/config/database.yml
Paste the following text:
production:
adapter: postgresql
database: msf
username: msf
password: PUT_YOUR_POSTGRESQL_PASSWORD_HERE
host: 127.0.0.1
port: 5432
pool: 75
timeout: 5
( keep the spacing since yml files are “space sensitive” )
And update your environment:
source /etc/profile
source ~/.bash_profile
Done
Well, you’re ready to go now, enjoy metasploit on OSX :)
msfconsole