Installing Metasploit Framework on OS X Yosemite (Updated April 2015)

EDIT: The installation guide for OSX El Capitan can be found here: http://hackerforhire.com.au/installing-metasploit-framework-on-os-x-el-capitan/

This Guide is adapted from Carlos Perez’s Blog (http://www.darkoperator.com/installing-metasploit-framewor/) (which is a must read) with some additions and fixes to make the setup work on OS X Yosemite. This post should help to alleviate some common issues with installing ruby and the Metasploit Framework on OS X. The main issues being that OS X ships with a newer version of Ruby that is not compatible with Metasploit and the version of libiconv installed with OS X causes issues installing the Nokogiri gem.

Xcode and Command Line Development Tools

The first step is to ensure that Software Update has been run and that OS X is updated. Once OS X has been updated, It is time to install Xcode.

Mac App Store – Xcode

Once Xcode has been installed launch Xcode from Applications and agree to the SDK License Agreement.

Install Xcode developer tools  by typing:

xcode-select --install

Click Install in the dialog box that pops up and the package will be installed.


Java

Ensure that the latest versions of the Java 8 JRE and JDK are installed.

http://download.oracle.com/otn-pub/java/jdk/8u40-b27/jdk-8u40-macosx-x64.dmg
http://download.oracle.com/otn-pub/java/jdk/8u40-b27/jre-8u40-macosx-x64.dmg

Homebrew

Install homebrew by running the following command:

ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

Once Homebrew installs, run ‘brew doctor’ to finalize the installation of homebrew.

brew doctor

Once homebrew is installed and set up, the PATH needs to be updated to ensure that all homebrew binaries are executed correctly.

echo PATH=/usr/local/bin:/usr/local/sbin:$PATH >> ~/.bash_profile

Once this is done, load the new $PATH by sourcing it.

source ~/.bash_profile

From here we need to ensure that both versions and dupes are loaded into homebrew (We load in dupes for later, as a dependency for nokogiri is located in here.)

brew tap homebrew/versions
brew tap homebrew/dupes

Homebrew Installs

Before Metasploit can be installed, some more dependencies should be installed via homebrew.

Nmap

This can be installed either via the dmg from their site, or via homebrew. Homebrew tends to keep their packages updated and it is quite easy to install and manage.

brew install nmap

Install Ruby 2.1.5

Now time for the part the most frequently causes issues. Ruby 2.1.5 is recommended as seen in this file. Since Homebrew doesn’t have 2.1.5 as an option, we’re going to take whatever 2.1.x it can give us. At the time of writing this, the version pulled was 2.1.5 which works perfectly for us.

brew install homebrew/versions/ruby21

Now, the most important part of the ruby installation, Ensuring that the ruby version you are running is in fact 2.1.5.

ruby –v

Installing and configuring PostgreSQL

Now, time to install the backend database that Metasploit uses.

brew install postgresql --without-ossp-uuid

If the Homebrew install did NOT complete this for you, the next step is to initialize the database for first time usage.

initdb /usr/local/var/postgres
us
As of 9.3.5_1 it looks like the homebrew installer wraps up by running this command for you.

Ensure that postgreSQL is set to launch on boot by issuing the following:

mkdir -p ~/Library/LaunchAgents
cp /usr/local/Cellar/postgresql/9.4.1/homebrew.mxcl.postgresql.plist ~/Library/LaunchAgents/

Start the PostgreSQL service:

launchctl load -w ~/Library/LaunchAgents/homebrew.mxcl.postgresql.plist

Create a new user msf* and a database msf with the user msf as the owner.

createuser msf -P -h localhost
createdb -O msf msf -h localhost

*Remember this password as it will be used when configuring Metasploit

Configuring VNCViewer

As Metasploit uses vncviewer for its VNC payloads, and OS X comes with a VNC client, we need to create the needed vncviewer file that will call the OS X vnc viewer.

echo '#!/usr/bin/env bash'>> /usr/local/bin/vncviewer
echo open vnc://\$1 >> /usr/local/bin/vncviewer
chmod +x /usr/local/bin/vncviewer

Installing Metasploit Framework

Installing the following gems needed for running the framework:

gem install pg sqlite3 msgpack activerecord redcarpet rspec simplecov yard bundler

Download the framework and prepare the directories:

cd /usr/local/share/
git clone https://github.com/rapid7/metasploit-framework.git
cd metasploit-framework
for MSF in $(ls msf*); do ln -s /usr/local/share/metasploit-framework/$MSF /usr/local/bin/$MSF;done
sudo chmod go+w /etc/profile
sudo echo export MSF_DATABASE_CONFIG=/usr/local/share/metasploit-framework/config/database.yml >> /etc/profile

Using brew and bundler the properly supported gems need to be installed.

bundle install

Now that the framework has been installed, and proper bundles installed. The database connection needs to be configured.

Save the following into /usr/local/share/metasploit-framework/config/database.yml replace <password> with the msf user’s password you set earlier.

vi /usr/local/share/metasploit-framework/config/database.yml

production:
  adapter: postgresql
  database: msf
  username: msf
  password: <password>
  host: 127.0.0.1
  port: 5432
  pool: 75
  timeout: 5

Now that this file has been created, source bash_profile to load the variables for the database.

source /etc/profile
source ~/.bash_profile

Now, to start Metasploit Framework as YOUR USER to it initializes the schema for the database for the first time as a NON ROOT user. Run this from within the /usr/local/share/metasploit-framework directory.

./msfconsole

Once the console loads, ensure that the database is connected by issuing:

msf> db_status

it should return:

[*] postgresql connected to msf

Install Armitage

Execute the following commands to prepare the environment and download armitage to the correct location:

brew install pidof
curl -# -o /tmp/armitage.tgz http://www.fastandeasyhacking.com/download/armitage-latest.tgz
tar -xvzf /tmp/armitage.tgz -C /usr/local/share
bash -c "echo \'/usr/bin/java\' -jar /usr/local/share/armitage/armitage.jar \$\*" > /usr/local/share/armitage/armitage
perl -pi -e 's/armitage.jar/\/usr\/local\/share\/armitage\/armitage.jar/g' /usr/local/share/armitage/teamserver

Lastly, create sym links for Armitage:

ln -s /usr/local/share/armitage/armitage /usr/local/bin/armitage
ln -s /usr/local/armitage/teamserver /usr/local/bin/teamserver

Due to the way variables are handled when using sudo, you will need to give the –E option.

sudo –E armitage
sudo –E msfconsole

Special thanks to Syph0n for creating this article

Tagged , , , . Bookmark the permalink.

37 Responses to Installing Metasploit Framework on OS X Yosemite (Updated April 2015)

  1. AHE says:

    no puedo hacer este proceso
    Ahora que el marco se ha instalado, y paquetes adecuados instalado. La conexión de base de datos necesita ser configurado.

    Guarde lo siguiente en /usr/local/share/metasploit-framework/config/database.yml reemplace por la contraseña del usuario msf establecidos anteriormente.

    vi /usr/local/share/metasploit-framework/config/database.yml

    producción:
    adaptador: postgresql
    base de datos: msf
    nombre de usuario: msf
    contraseña:
    host: 127.0.0.1
    Puerto: 5432
    Piscina: 75
    Tiempo de espera: 5
    me pueden ayudar

  2. AHE says:

    y mi posgresql me aparece como no conectado

  3. k?r ??m says:

    need help======>
    $ msfconsole
    /usr/local/share/metasploit-framework/metasploit-framework.gemspec:26: warning: Insecure world writable dir /usr/local in PATH, mode 040777
    Could not find network_interface-0.0.1 in any of the sources
    Run `bundle install` to install missing gems.

  4. Giaco says:

    capitano@Scotty:~% sudo armitage
    [-] Java 1.6 is not supported with this tool. Please upgrade to Java 1.7
    [*] Warning: invalid use of index operator: $null[‘version’] at armitage.sl:224
    [*] Warning: internal error – class java.util.EmptyStackException at armitage.sl:224
    [-] Lost a connection (java.io.StreamCorruptedException: invalid stream header: 3C68746D): disconnecting all!

  5. Trucker says:

    Great guide, thanks very much.

  6. rosh says:

    i have error me tow macs-MacBook-Pro:metasploit-framework mac$ msfconsole
    Could not find json-1.8.1 in any of the sources
    Run `bundle install` to install missing gems.

    • norsec0de says:

      Try navigate into the “metasploit-framework” folder and then run “bundle install” from within that folder.

      It should install the bundles for you and then you can open “msfconsole”

  7. variable says:

    As of 9.4.1 of PostgrSQL it has different instructions about configuring PostgrSQL to load on launch:

    To have launchd start postgresql at login:
    ln -sfv /usr/local/opt/postgresql/*.plist ~/Library/LaunchAgents
    Then to load postgresql now:
    launchctl load ~/Library/LaunchAgents/homebrew.mxcl.postgresql.plist
    Or, if you don’t want/need launchctl, you can just run:
    postgres -D /usr/local/var/postgres

    Great guide!

  8. Ryan says:

    I followed all instructions in details but something seems to be wrong with my installation. At a point I was told I had to upgrade ruby for somethings to work, which I did, and not all I get is this

    dev:metasploit-framework tools$ msfconsole
    Ignoring bcrypt-3.1.10 because its extensions are not built. Try: gem pristine bcrypt –version 3.1.10
    Ignoring ffi-1.9.3 because its extensions are not built. Try: gem pristine ffi –version 1.9.3
    Ignoring gherkin-2.11.6 because its extensions are not built. Try: gem pristine gherkin –version 2.11.6
    Ignoring msgpack-0.5.11 because its extensions are not built. Try: gem pristine msgpack –version 0.5.11
    Ignoring network_interface-0.0.1 because its extensions are not built. Try: gem pristine network_interface –version 0.0.1
    Ignoring nokogiri-1.6.5 because its extensions are not built. Try: gem pristine nokogiri –version 1.6.5
    Ignoring pcaprub-0.11.3 because its extensions are not built. Try: gem pristine pcaprub –version 0.11.3
    Ignoring pg-0.18.1 because its extensions are not built. Try: gem pristine pg –version 0.18.1
    Ignoring redcarpet-3.1.2 because its extensions are not built. Try: gem pristine redcarpet –version 3.1.2
    Ignoring sqlite3-1.3.10 because its extensions are not built. Try: gem pristine sqlite3 –version 1.3.10
    [*] Metasploit requires the Bundler gem to be installed
    $ gem install bundler
    dev:metasploit-framework tools$ msfconsole
    Ignoring bcrypt-3.1.10 because its extensions are not built. Try: gem pristine bcrypt –version 3.1.10
    Ignoring ffi-1.9.3 because its extensions are not built. Try: gem pristine ffi –version 1.9.3
    Ignoring gherkin-2.11.6 because its extensions are not built. Try: gem pristine gherkin –version 2.11.6
    Ignoring msgpack-0.5.11 because its extensions are not built. Try: gem pristine msgpack –version 0.5.11
    Ignoring network_interface-0.0.1 because its extensions are not built. Try: gem pristine network_interface –version 0.0.1
    Ignoring nokogiri-1.6.5 because its extensions are not built. Try: gem pristine nokogiri –version 1.6.5
    Ignoring pcaprub-0.11.3 because its extensions are not built. Try: gem pristine pcaprub –version 0.11.3
    Ignoring pg-0.18.1 because its extensions are not built. Try: gem pristine pg –version 0.18.1
    Ignoring redcarpet-3.1.2 because its extensions are not built. Try: gem pristine redcarpet –version 3.1.2
    Ignoring sqlite3-1.3.10 because its extensions are not built. Try: gem pristine sqlite3 –version 1.3.10
    [*] Metasploit requires the Bundler gem to be installed
    $ gem install bundler

  9. Ryan says:

    Thanks for the suggestion @norsec0de but “tools” is actually my username and not the folder name. If you look carefully you would see I’m actually running from “dev:metasploit-framework tools$”

    • norsec0de says:

      Soz Ryan, didn’t notice that :P

      It looks like it could be one of a few issues, try some of these to halp troubleshoot.
      Firstly, try running ./msfconsole instead of msfconsole and see if that makes a difference.

      Another thing I’ve noticed is that MSF now requires Ruby 2.1.x Try installing that version and see if it works. I’ll update the post to reflect this.

      Last option could be conflicting or borked Ruby installs. Rub “which ruby” to see if the homebrew version is being run by default. also, check that RVM is not interfering. If possible, remove all version of Ruby, cleanup the $PATH and then jump back to the Ruby installation in the tutorial.

      Let me know how you get on.

      Cheers

      norse

  10. Ryan says:

    Thanks dude, your concern is very much appreciated. To be honest, while installing metasploit, I had actually gove for the 2.1.5 ruby version, and when I started encountering these problems I did think it was a s a result of my ruby version, and as such I uninstalled 2.1 and reverted to 1.9.3.

    After your recent comment, I had uninstalled all versions of ruby, and re-installed versions 2.1.5 and 2.2, but default is tied to 2.1.5. After that, I had done the bundle install, and tried to run msfconsole in both ways (msfconsole and ./msfconsole) now this is what I have

    WARNING: Nokogiri was built against LibXML version 2.9.2, but has dynamically loaded 2.9.0
    /usr/local/share/metasploit-framework/lib/rex/payloads/win32/kernel.rb:9:in `require’: cannot load such file — rex/payloads/win32/kernel/migration (LoadError)
    from /usr/local/share/metasploit-framework/lib/rex/payloads/win32/kernel.rb:9:in `’
    from /usr/local/share/metasploit-framework/lib/rex/payloads/win32/kernel.rb:4:in `’
    from /usr/local/share/metasploit-framework/lib/rex/payloads/win32/kernel.rb:3:in `’
    from /usr/local/share/metasploit-framework/lib/rex/payloads/win32/kernel.rb:2:in `’
    from /usr/local/share/metasploit-framework/lib/msf/core/exploit/kernel_mode.rb:4:in `require’
    from /usr/local/share/metasploit-framework/lib/msf/core/exploit/kernel_mode.rb:4:in `’
    from /usr/local/share/metasploit-framework/lib/msf/core/exploit/kernel_mode.rb:2:in `’
    from /usr/local/share/metasploit-framework/lib/msf/core/exploit/mixins.rb:15:in `require’
    from /usr/local/share/metasploit-framework/lib/msf/core/exploit/mixins.rb:15:in `’
    from /usr/local/share/metasploit-framework/lib/msf/core/exploit.rb:224:in `require’
    from /usr/local/share/metasploit-framework/lib/msf/core/exploit.rb:224:in `’
    from /usr/local/share/metasploit-framework/lib/msf/core/exploit.rb:30:in `’
    from /usr/local/share/metasploit-framework/lib/msf/core/exploit.rb:5:in `’
    from /usr/local/share/metasploit-framework/lib/msf/core/auxiliary/ntp.rb:3:in `require’
    from /usr/local/share/metasploit-framework/lib/msf/core/auxiliary/ntp.rb:3:in `’
    from /usr/local/share/metasploit-framework/lib/msf/core/auxiliary/mixins.rb:26:in `require’
    from /usr/local/share/metasploit-framework/lib/msf/core/auxiliary/mixins.rb:26:in `’
    from /usr/local/share/metasploit-framework/lib/msf/core/auxiliary.rb:16:in `require’
    from /usr/local/share/metasploit-framework/lib/msf/core/auxiliary.rb:16:in `’
    from /usr/local/share/metasploit-framework/lib/msf/core/auxiliary.rb:14:in `’
    from /usr/local/share/metasploit-framework/lib/msf/core/auxiliary.rb:4:in `’
    from /usr/local/share/metasploit-framework/lib/msf/core.rb:64:in `require’
    from /usr/local/share/metasploit-framework/lib/msf/core.rb:64:in `’
    from /usr/local/share/metasploit-framework/lib/metasploit/framework.rb:26:in `require’
    from /usr/local/share/metasploit-framework/lib/metasploit/framework.rb:26:in `’
    from /usr/local/share/metasploit-framework/lib/metasploit/framework/database.rb:1:in `require’
    from /usr/local/share/metasploit-framework/lib/metasploit/framework/database.rb:1:in `’
    from /usr/local/share/metasploit-framework/lib/metasploit/framework/parsed_options/base.rb:17:in `require’
    from /usr/local/share/metasploit-framework/lib/metasploit/framework/parsed_options/base.rb:17:in `’
    from /usr/local/share/metasploit-framework/lib/metasploit/framework/parsed_options/console.rb:2:in `’
    from /Users/tools/.rvm/gems/ruby-2.1.5@metasploit-framework/gems/activesupport-3.2.21/lib/active_support/inflector/methods.rb:230:in `const_defined?’
    from /Users/tools/.rvm/gems/ruby-2.1.5@metasploit-framework/gems/activesupport-3.2.21/lib/active_support/inflector/methods.rb:230:in `block in constantize’
    from /Users/tools/.rvm/gems/ruby-2.1.5@metasploit-framework/gems/activesupport-3.2.21/lib/active_support/inflector/methods.rb:229:in `each’
    from /Users/tools/.rvm/gems/ruby-2.1.5@metasploit-framework/gems/activesupport-3.2.21/lib/active_support/inflector/methods.rb:229:in `constantize’
    from /Users/tools/.rvm/gems/ruby-2.1.5@metasploit-framework/gems/activesupport-3.2.21/lib/active_support/core_ext/string/inflections.rb:54:in `constantize’
    from /usr/local/share/metasploit-framework/lib/metasploit/framework/command/base.rb:73:in `parsed_options_class’
    from /usr/local/share/metasploit-framework/lib/metasploit/framework/command/base.rb:69:in `parsed_options’
    from /usr/local/share/metasploit-framework/lib/metasploit/framework/command/base.rb:47:in `require_environment!’
    from /usr/local/share/metasploit-framework/lib/metasploit/framework/command/base.rb:81:in `start’
    from ./msfconsole:48:in `’

    Any ideas what could be wrong?

    Thanks in advance.

    • norsec0de says:

      I’ve just re-installed about to go through this same procedure. I’ll do all the troubleshooting in the morning and see what turns up.

      Watch this space :)

    • norsec0de says:

      Aight, re-rolled last night and updated the blog post as of this morning. The prob you’re having might have been with that custom Gem installation options.

      Try again with this guide. Worked well for me. Let me know how you get on.

      Cheers

  11. Ryan says:

    Thanks man, I would equally try do a re-run and get back with result results.

  12. Ryan says:

    I had gone through with the entire process again, even had to uninstall my previously installed Homebrew and Ruby just so I could do a clean install, but somehow I managed to lad in the same ditch as before.

    Is there some way I could do totally reversal of the entire process or possibly get some remote help? I’m sorry if i’m asking too much, its probably cos I’m not as grounded as you guys. Right now, I’m stuck and lost for options.

    From my observations, the errors all started from here;

    $ brew doctor
    Please note that these warnings are just used to help the Homebrew maintainers
    with debugging if you file an issue. If everything you use Homebrew for is
    working fine: please don’t worry and just ignore them. Thanks!

    Warning: Some directories in /usr/local/share/man aren’t writable.
    This can happen if you “sudo make install” software that isn’t managed
    by Homebrew. If a brew tries to add locale information to one of these
    directories, then the install will fail during the link step.
    You should probably `chown` them:

    /usr/local/share/man/de
    /usr/local/share/man/de/man1
    /usr/local/share/man/es
    /usr/local/share/man/es/man1
    /usr/local/share/man/fr
    /usr/local/share/man/fr/man1
    /usr/local/share/man/hr
    /usr/local/share/man/hr/man1
    /usr/local/share/man/hu
    /usr/local/share/man/hu/man1
    /usr/local/share/man/it
    /usr/local/share/man/it/man1
    /usr/local/share/man/jp
    /usr/local/share/man/jp/man1
    /usr/local/share/man/pl
    /usr/local/share/man/pl/man1
    /usr/local/share/man/pt_BR
    /usr/local/share/man/pt_BR/man1
    /usr/local/share/man/pt_PT
    /usr/local/share/man/pt_PT/man1
    /usr/local/share/man/ro
    /usr/local/share/man/ro/man1
    /usr/local/share/man/ru
    /usr/local/share/man/ru/man1
    /usr/local/share/man/sk
    /usr/local/share/man/sk/man1
    /usr/local/share/man/zh
    /usr/local/share/man/zh/man1

    Warning: Broken symlinks were found. Remove them with `brew prune`:
    /usr/local/bin/msf*

    Warning: Your XQuartz (2.7.6) is outdated
    Please install XQuartz 2.7.7:
    https://xquartz.macosforge.org

    Warning: You have unlinked kegs in your Cellar
    Leaving kegs unlinked can lead to build-trouble and cause brews that depend on
    those kegs to fail to run properly once built. Run `brew link` on these:

    nmap

    Warning: Your Homebrew is outdated.
    You haven’t updated for at least 24 hours. This is a long time in brewland!
    To update Homebrew, run `brew update`.
    3hi:~ all3n$ ruby -e “$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)”
    It appears Homebrew is already installed. If your intent is to reinstall you
    should do the following before running this installer again:
    rm -rf /usr/local/Cellar /usr/local/.git && brew cleanup
    3hi:~ all3n$ ruby -e “$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)”rm -rf /usr/local/Cellar /usr/local/.git && brew cleanup
    /Users/all3n/.rvm/rubies/ruby-2.2.0/lib/ruby/site_ruby/2.2.0/rubygems/core_ext/kernel_require.rb:54:in `require’: cannot load such file — f (LoadError)
    from /Users/all3n/.rvm/rubies/ruby-2.2.0/lib/ruby/site_ruby/2.2.0/rubygems/core_ext/kernel_require.rb:54:in `require’
    3hi:~ all3n$ ruby -e “$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)”
    It appears Homebrew is already installed. If your intent is to reinstall you
    should do the following before running this installer again:
    rm -rf /usr/local/Cellar /usr/local/.git && brew cleanup
    3hi:~ all3n$ rm -rf /usr/local/Cellar /usr/local/.git && brew cleanup
    3hi:~ all3n$ ruby -e “$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)”
    curl: (7) Failed to connect to raw.githubusercontent.com port 443: Connection refused
    3hi:~ all3n$ ruby -e “$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)”
    ==> This script will install:
    /usr/local/bin/brew
    /usr/local/Library/…
    /usr/local/share/man/man1/brew.1

    Press RETURN to continue or any other key to abort
    ==> Downloading and installing Homebrew…
    remote: Counting objects: 240221, done.
    remote: Total 240221 (delta 0), reused 0 (delta 0), pack-reused 240221
    Receiving objects: 100% (240221/240221), 33.40 MiB | 39.00 KiB/s, done.
    Resolving deltas: 100% (178834/178834), done.
    From https://github.com/Homebrew/homebrew
    * [new branch] master -> origin/master
    Checking out files: 100% (3515/3515), done.
    HEAD is now at 8400357 texmath: add 0.8.0.2 bottle.
    ==> Installation successful!
    ==> Next steps
    Run `brew doctor` before you install anything
    Run `brew help` to get started
    3hi:~ all3n$ brew doctor
    Please note that these warnings are just used to help the Homebrew maintainers
    with debugging if you file an issue. If everything you use Homebrew for is
    working fine: please don’t worry and just ignore them. Thanks!

    Warning: Some directories in /usr/local/share/man aren’t writable.
    This can happen if you “sudo make install” software that isn’t managed
    by Homebrew. If a brew tries to add locale information to one of these
    directories, then the install will fail during the link step.
    You should probably `chown` them:

    /usr/local/share/man/de
    /usr/local/share/man/de/man1
    /usr/local/share/man/es
    /usr/local/share/man/es/man1
    /usr/local/share/man/fr
    /usr/local/share/man/fr/man1
    /usr/local/share/man/hr
    /usr/local/share/man/hr/man1
    /usr/local/share/man/hu
    /usr/local/share/man/hu/man1
    /usr/local/share/man/it
    /usr/local/share/man/it/man1
    /usr/local/share/man/jp
    /usr/local/share/man/jp/man1
    /usr/local/share/man/pl
    /usr/local/share/man/pl/man1
    /usr/local/share/man/pt_BR
    /usr/local/share/man/pt_BR/man1
    /usr/local/share/man/pt_PT
    /usr/local/share/man/pt_PT/man1
    /usr/local/share/man/ro
    /usr/local/share/man/ro/man1
    /usr/local/share/man/ru
    /usr/local/share/man/ru/man1
    /usr/local/share/man/sk
    /usr/local/share/man/sk/man1
    /usr/local/share/man/zh
    /usr/local/share/man/zh/man1

    Warning: Broken symlinks were found. Remove them with `brew prune`:

    FYI, I have installed the latest version of Quartz, and Ruby. I equally ran the suggested `brew prune` command.

    Honestly, there’s just too many things, that I don’t understand and pasting them here would be several pages, but if you require any info, I could provide you.

    +++++++++++++++++++++++++++++

    while trying to run the “gem install pg sqlite3 msgpack activerecord redcarpet rspec simplecov yard bundler” command, below was the result I got, followed by a long series of installed bundles

    +++++++++++++++++++++++++++++++++

    $ gem install pg sqlite3 msgpack activerecord redcarpet rspec simplecov yard bundler
    Fetching: pg-0.18.1.gem (100%)
    Building native extensions. This could take a while…
    ERROR: Error installing pg:
    ERROR: Failed to build gem native extension.

    /Users/all3n/.rvm/rubies/ruby-2.2.0/bin/ruby -r ./siteconf20150401-1667-1hyg34n.rb extconf.rb
    checking for pg_config… no
    No pg_config… trying anyway. If building fails, please try again with
    –with-pg-config=/path/to/pg_config
    checking for libpq-fe.h… no
    Can’t find the ‘libpq-fe.h header
    *** extconf.rb failed ***
    Could not create Makefile due to some reason, probably lack of necessary
    libraries and/or headers. Check the mkmf.log file for more details. You may
    need configuration options.

    +++++++++++++++++++++++++++++++++++++++++++

    “bundle install” command yielded a couple of dependencies and the error below;

    +++++++++++++++++++++++++++++++++++++++++++++++

    metasploit-framework at /usr/local/share/metasploit-framework did not have a valid gemspec.
    This prevents bundler from installing bins or native extensions, but that may not affect its functionality.
    The validation message from Rubygems was:
    [“data/eicar.com”, “data/exploits/CVE-2008-0320.doc”, “data/exploits/CVE-2008-5499.swf”, “data/exploits/CVE-2008-6508/lib/plugin-metasploit.jar”, “data/exploits/CVE-2010-0842/MixerMidiApplet.class”, “data/exploits/CVE-2010-1297.swf”, “data/exploits/CVE-2010-3654.swf”, “data/exploits/CVE-2011-0105.xlb”, “data/exploits/CVE-2011-0609.swf”, “data/exploits/CVE-2011-0611.swf”, “data/exploits/CVE-2011-2110.swf”, “data/exploits/CVE-2011-3400/CVE-2011-3400.vsd”, “data/exploits/CVE-2012-0013/word/embeddings/oleObject1.bin”, “data/exploits/CVE-2012-0754.swf”, “data/exploits/CVE-2012-0779.swf”, “data/exploits/CVE-2012-1535/Main.swf”, “data/exploits/CVE-2012-2516/template_payload.chm”, “data/exploits/CVE-2012-4681/Exploit.class”, “data/exploits/CVE-2013-2465/Exploit.class”, “data/exploits/CVE-2013-3906/word/media/image1.jpeg”, “data/exploits/CVE-2014-0497/Vickers.swf”, “data/exploits/CVE-2014-0515/Graph.swf”, “data/exploits/CVE-2014-4114/template/ppt/slides/slide1.xml”, “data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slides/slide1.xml”, “data/exploits/batik_svg/Exploit$1.class”, “data/exploits/cve-2010-0094/PayloadClassLoader.class”, “data/exploits/cve-2010-0094/PayloadCreater.class”, “data/exploits/cve-2010-0094/payload.ser”, “data/exploits/cve-2010-0840/vuln/Link.class”, “data/exploits/cve-2010-4452/AppletX.class”, “data/exploits/cve-2011-3544/Exploit.class”, “data/exploits/cve-2012-5076/Exploit.class”, “data/exploits/cve-2012-5076_2/Exploit.class”, “data/exploits/cve-2012-5088/Exploit.class”, “data/exploits/cve-2013-0422/Exploit.class”, “data/exploits/cve-2013-0431/Exploit.class”, “data/exploits/cve-2013-1493/MyBufferedImage.class”, “data/exploits/cve-2013-2460/Exploit.class”, “data/exploits/cve-2014-1761.rtf”, “data/exploits/iphone_libtiff.bin”, “data/exploits/jre7u17/Exploit.class”, “data/exploits/mp4player.as”, “data/exploits/mp4player.fla”, “data/exploits/mp4player.swf”, “data/exploits/shockwave_rcsl.dir”, “data/java/javapayload/stage/StreamForwarder.class”, “data/java/metasploit/Payload.class”, “data/java/metasploit/RMILoader.class”, “data/js/memory/property_spray.js”, “data/post/bypassuac-x86.exe”, “data/templates/template_ppc_darwin.bin”, “data/templates/template_x64_darwin.bin”, “data/templates/template_x86_darwin.bin”, “external/source/ReflectiveDLLInjection”, “external/source/exploits/CVE-2008-5353/bin/msf/x/AppletX.class”, “external/source/exploits/CVE-2008-6508/Example.java”, “external/source/exploits/CVE-2010-0094/payload.ser”, “external/source/exploits/CVE-2012-0507/Makefile”, “external/source/exploits/CVE-2012-0507/msf/x/Exploit.java”, “external/source/exploits/CVE-2012-0507/msf/x/Help.java”, “external/source/exploits/CVE-2012-0507/msf/x/PayloadX.java”, “external/source/exploits/CVE-2012-1535/Main.as”, “external/source/exploits/CVE-2012-1535/Main_FontClass.as”, “external/source/exploits/CVE-2012-1535/PSPop.otf”, “external/source/exploits/CVE-2012-1723/Makefile”, “external/source/exploits/CVE-2012-1723/bin/cve1723/Attacker.class”, “external/source/exploits/CVE-2012-1723/bin/cve1723/Confuser.class”, “external/source/exploits/CVE-2012-1723/bin/cve1723/ConfusingClassLoader.class”, “external/source/exploits/CVE-2012-1723/bin/msf/x/PayloadX$StreamConnector.class”, “external/source/exploits/CVE-2012-1723/bin/msf/x/PayloadX.class”, “external/source/exploits/CVE-2012-1723/lib/cve1723/Generator.class”, “external/source/exploits/CVE-2012-1723/src/cve1723/Attacker.java”, “external/source/exploits/CVE-2012-1723/src/cve1723/ConfusingClassLoader.java”, “external/source/exploits/CVE-2012-1723/src/cve1723/Generator.java”, “external/source/exploits/CVE-2012-1723/src/msf/x/PayloadX.java”, “external/source/exploits/CVE-2012-4681/Exploit.java”, “external/source/exploits/batik_svg/Exploit.java”, “lib/rex/exploitation/heaplib.js.b64”, “lib/rex/payloads/win32.rb”, “lib/rex/payloads/win32/kernel/migration.rb”, “modules/exploits/multi/browser/firefox_queryinterface.rb”, “modules/exploits/multi/browser/mozilla_navigatorjava.rb”, “modules/exploits/windows/browser/mozilla_firefox_xmlserializer.rb”, “modules/exploits/windows/browser/ms10_042_helpctr_xss_cmd_exec.rb”, “modules/exploits/windows/browser/ms10_090_ie_css_clip.rb”, “modules/exploits/windows/browser/ms14_012_cmarkup_uaf.rb”, “modules/exploits/windows/browser/real_arcade_installerdlg.rb”, “modules/exploits/windows/fileformat/adobe_libtiff.rb”, “modules/exploits/windows/scada/scadapro_cmdexe.rb”, “modules/payloads/singles/cmd/windows/download_exec_vbs.rb”] are not files
    Using metasploit-frame

    That basically sums up the problems I’m facing, I hope I can somehow get help to get it resolved.

    Thanks in advance.

  13. Gio says:

    I’m stuck at the part after all the framework has been installed. I enter “vi /usr/local/share/metasploit-framework/config/database.yml” like you said as the next step. After which it says:

    E325: ATTENTION
    Found a swap file by the name “/usr/local/share/metasploit-framework/config/.dat
    abase.yml.swp”
    owned by: gabrieltanjangco dated: Sat Apr 4 18:10:13 2015
    file name: /usr/local/share/metasploit-framework/config/database.yml
    modified: no
    user name: gabrieltanjangco host name: Gabriels-Air
    process ID: 24109 (still running)
    While opening file “/usr/local/share/metasploit-framework/config/database.yml”

    (1) Another program may be editing the same file.
    If this is the case, be careful not to end up with two
    different instances of the same file when making changes.
    Quit, or continue with caution.

    (2) An edit session for this file crashed.
    If this is the case, use “:recover” or “vim -r /usr/local/share/metasploit-f
    ramework/config/database.yml”
    to recover the changes (see “:help recovery”).
    If you did this already, delete the swap file “/usr/local/share/metasploit-f
    ramework/config/.database.yml.swp”
    to avoid this message.
    Swap file “/usr/local/share/metasploit-framework/config/.database.yml.swp” alrea
    dy exists!
    [O]pen Read-Only, (E)dit anyway, (R)ecover, (Q)uit, (A)bort:

    I’ve tried most options and I am then led to this:

    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    “/usr/local/share/metasploit-framework/config/database.yml” [New File]

    Please walk me through how I should proceed. I’m a beginner in all senses of the word at this.

    • norsec0de says:

      Ah yea, that damn swap file.

      To remove it, run “rm /usr/local/share/metasploit-framework/config/.database.yml.swp” and that should kill it.

      If you’re unfamiliar with how vim works, try using something like “nano /usr/local/share/metasploit-framework/config/database.yml” Paste the info into the file, Ctrl + O to Save and Ctrl + X to exit.

  14. Annon says:

    HI Folks,

    I’m getting an error but checked whether nokogiri installed, yeah its installed not sure why error is throwing. Any help will be highly appreciate as in the middle of project

    checking for main() in -llzma… yes
    checking for xmlParseDoc() in libxml/parser.h… no
    checking for xmlParseDoc() in -lxml2… no
    checking for xmlParseDoc() in -llibxml2… no
    —–
    libxml2 is missing. Please locate mkmf.log to investigate how it is failing.
    —–
    *** extconf.rb failed ***
    Could not create Makefile due to some reason, probably lack of necessary
    libraries and/or headers. Check the mkmf.log file for more details. You may
    need configuration options.

    Provided configuration options:
    –with-opt-dir
    –with-opt-include
    –without-opt-include=${opt-dir}/include
    –with-opt-lib
    –without-opt-lib=${opt-dir}/lib
    –with-make-prog
    –without-make-prog
    –srcdir=.
    –curdir
    –ruby=/usr/local/Cellar/ruby21/2.1.5/bin/ruby
    –help
    –clean
    –use-system-libraries
    –enable-static
    –disable-static
    –with-zlib-dir
    –without-zlib-dir
    –with-zlib-include
    –without-zlib-include=${zlib-dir}/include
    –with-zlib-lib
    –without-zlib-lib=${zlib-dir}/lib
    –enable-cross-build
    –disable-cross-build
    –with-xml2lib
    –without-xml2lib
    –with-libxml2lib
    –without-libxml2lib

    extconf failed, exit code 1

    Gem files will remain installed in /usr/local/lib/ruby/gems/2.1.0/gems/nokogiri-1.6.6.2 for inspection.
    Results logged to /usr/local/lib/ruby/gems/2.1.0/extensions/x86_64-darwin-14/2.1.0/nokogiri-1.6.6.2/gem_make.out
    An error occurred while installing nokogiri (1.6.6.2), and Bundler cannot continue.
    Make sure that `gem install nokogiri -v ‘1.6.6.2’` succeeds before bundling.

  15. annon says:

    installation was very fine but when I try to run ./msfconsole following error
    any thoughts

    |/usr/local/share/metasploit-framework/lib/msf/core/reflective_dll_loader.rb:26:in `initialize’: no implicit conversion of nil into String (TypeError)
    from /usr/local/share/metasploit-framework/lib/msf/core/reflective_dll_loader.rb:26:in `open’
    from /usr/local/share/metasploit-framework/lib/msf/core/reflective_dll_loader.rb:26:in `load_rdi_dll’
    from /usr/local/share/metasploit-framework/lib/msf/core/payload/windows/stageless_meterpreter.rb:55:in `generate_stageless_x86′
    from /usr/local/share/metasploit-framework/modules/payloads/singles/windows/meterpreter_reverse_tcp.rb:39:in `generate’
    from /usr/local/share/metasploit-framework/lib/msf/core/payload.rb:199:in `size’
    from /usr/local/share/metasploit-framework/lib/msf/core/payload_set.rb:91:in `block in recalculate’
    from /usr/local/share/metasploit-framework/lib/msf/core/payload_set.rb:78:in `each_pair’
    from /usr/local/share/metasploit-framework/lib/msf/core/payload_set.rb:78:in `recalculate’
    from /usr/local/share/metasploit-framework/lib/msf/core/modules/loader/base.rb:284:in `block in load_modules’
    from /usr/local/share/metasploit-framework/lib/msf/core/modules/loader/base.rb:281:in `each’
    from /usr/local/share/metasploit-framework/lib/msf/core/modules/loader/base.rb:281:in `load_modules’
    from /usr/local/share/metasploit-framework/lib/msf/core/module_manager/loading.rb:117:in `block in load_modules’
    from /usr/local/share/metasploit-framework/lib/msf/core/module_manager/loading.rb:115:in `each’
    from /usr/local/share/metasploit-framework/lib/msf/core/module_manager/loading.rb:115:in `load_modules’
    from /usr/local/share/metasploit-framework/lib/msf/core/module_manager/module_paths.rb:41:in `block in add_module_path’
    from /usr/local/share/metasploit-framework/lib/msf/core/module_manager/module_paths.rb:40:in `each’
    from /usr/local/share/metasploit-framework/lib/msf/core/module_manager/module_paths.rb:40:in `add_module_path’
    from /usr/local/share/metasploit-framework/lib/msf/base/simple/framework/module_paths.rb:53:in `block in add_engine_module_paths’
    from /usr/local/share/metasploit-framework/lib/msf/base/simple/framework/module_paths.rb:52:in `each’
    from /usr/local/share/metasploit-framework/lib/msf/base/simple/framework/module_paths.rb:52:in `add_engine_module_paths’
    from /usr/local/share/metasploit-framework/lib/msf/base/simple/framework/module_paths.rb:16:in `init_module_paths’
    from /usr/local/share/metasploit-framework/lib/msf/ui/console/driver.rb:220:in `initialize’
    from /usr/local/share/metasploit-framework/lib/metasploit/framework/command/console.rb:52:in `new’
    from /usr/local/share/metasploit-framework/lib/metasploit/framework/command/console.rb:52:in `driver’
    from /usr/local/share/metasploit-framework/lib/metasploit/framework/command/console.rb:38:in `start’
    from /usr/local/share/metasploit-framework/lib/metasploit/framework/command/base.rb:82:in `start’
    from /usr/local/bin/msfconsole:48:in `’

  16. pepe says:

    Hello,

    I have the same problem in yosemite:

    |/usr/local/share/metasploit-framework/lib/msf/core/reflective_dll_loader.rb:26:in `initialize’: no implicit conversion of nil into String (TypeError)

  17. othman3a says:

    [*] Starting the Metasploit Framework console…-[-] Failed to connect to the database: could not connect to server: Connection refused
    Is the server running on host “127.0.0.1” and accepting
    TCP/IP connections on port 5432?

  18. Duran Köse says:

    How do i fix this?

    [*] Starting the Metasploit Framework console…[-] Failed to connect to the database: PG::InsufficientPrivilege: ERROR: permission denied for relation workspaces
    : SELECT “workspaces”.* FROM “workspaces” WHERE “workspaces”.”name” = ‘default’ ORDER BY “workspaces”.”id” ASC LIMIT 1

  19. toontjeTon says:

    Installation went fine however when launching armitage i get the following message:

    org.msgpack.UnpackException: parse error

    Armitage won’t start. MSF works fine.

    • D says:

      Edit /usr/local/share/metasploit-framework/Gemfile.lock with your favorite text editor where it says: GEM
      remote: https://rubygems.org/
      specs: msgpack (0.6.0)
      To say: msgpack (0.5.12)

      save

      then:

      cd /usr/local/share/metasploit-framework/

      bundle install

      after that

      sudo -E armitage

  20. MosDef says:

    Great guide! Worked flawlessly for me and using Ruby ruby 2.1.6p336… Thanks!

  21. TiGER-M@TE says:

    TiGER-M@TE
    Works perfect dude!

  22. l0k0m says:

    msf > db_status
    [*] postgresql selected, no connection

  23. t1pg2f says:

    Hey, thanks Soo Much! I did step-by-step and everythings ok! Iam running on Mac OSX El capitan. I just need to change version on the cp command on postgresql. You rock!! thank you!

  24. SilentEnigma says:

    Hello;
    I installed armitage by your commands on ruby. But, How can i uninstall armitage?

HTML Injection goes here...