Install Metasploit Ubuntu

Chưa phân loại
Metasploit is a cross platform and open source tool initially developed by H. D. Moore in 2003. It written in Ruby and is available for Windows, MacOS and Linux. Metasploit is commonly used for offensive security testing and research. It is used for following purposes:

  • Vulnerability Assessment and Pentesting
  • IDS signature development
  • Exploit development and research

The newest major Metasploit release has moved its core to an all Ruby programming base. Metasploit-framework uses Ruby as its core programming language because Ruby is a powerful interpreted language. The Metasploit Project is very famous because of its anti-forensic and  detection evasion features.

Metasploit generally offers a community and open source version of Metasploit Framework but it also has commercial versions like Metasploit Pro and Metasploit Express. It also has a shellcode database, these shellcodes can be used to perform reverse shell to the the attacker’s machine.

Like other similar products like Canvas or Core Impact and other commercial security products, Metasploit-Framework can be used to check the security of computer systems or to break into network and systems. Similar to many other security tools, Metasploit Framework can be used for both authorized and unauthorized activities.

Follow below steps to install Metasploit Framework in your Ubuntu OS


Metasploit Frame is easy to install and and has a few dependencies. Before installing, make sure to update your Ubuntu

$ sudo apt-get update
$ sudo apt-get upgrade

Installing dependencies

Before installing you need to install following dependencies using apt command

ubuntu@ubuntu:~$ sudo apt-get install -y curl gpgv2 autoconf bison build-essential
git-corelibapr1 postgresql libaprutil1 libcurl4openssl-dev libgmp3-dev libpcap-dev
openssl libpq-dev libreadline6-dev libsqlite3-dev libssl-dev locate libsvn1 libtool
libxml2 libxml2-dev libxslt-dev wget libyaml-dev ncurses-dev  postgresql-contrib xsel
zlib1g zlib1g-dev


curl is used to transfer files from remote computers and supports a lot of protocols, we will use it to download metasploit framework code.

ubuntu@ubuntu:~$ curl
> msfinstall &&

Then change permissions of the executable code using chmod command then run it

owner = Read & Write (rw-)
group = Read (r–)
other = None ()

owner = root
group = shadow

$ chmod 755 msfinstall

Metasploit Interfaces

Metasploit Framework has a web interface, GUI interface (Armitage and Cobal Strike) and Command Line interfaces (msfcli, msfconsole). It also offers APIs like msgrpc to control Metasploit remotely or to use it along with some some scripting language for automation purposes.

It also has some other tools and features that can generate shell codes and payloads and combine them with other legitimate executables.

Msfconsole is a powerful Command line interface of Metasploit. To run it, first start postgresql service, Type

ubuntu@ubuntu:~$ sudo service postgresql start
ubuntu@ubuntu:~$ sudo msfconsole

Metasploit Manual

Common commands for  Metasploit from the Manual

help (or ‘?’) – shows the available commands in msfconsole

show exploits – shows the exploits you can run (in our case here, the ms05_039_pnp exploit)

show payloads – shows the various payload options you can execute on the exploited system such as spawn a command shell, uploading programs to run, etc. (in our case here, the win32_reverse exploit)

info exploit [exploit name] – shows a description of a specific exploit name along with its various options and requirements (ex. info exploit ms05_039_pnp shows information on that specific attack)

info payload [payload name] – shows a description of a specific payload name along with its various options and requirements (ex. info payload win32_reverse shows information on spawning a command shell)

use [exploit name] – instructs msfconsole to enter into a specific exploit’s environment (ex. use ms05_039_pnp will bring up the command prompt ms05_039_pnp > for this specific exploit

show options – shows the various parameters for the specific exploit you’re working with

show payloads – shows the payloads compatible with the specific exploit you’re working with

set PAYLOAD – allows you to set the specific payload for your exploit (in this example, set PAYLOAD win32_reverse)

show targets – shows the available target OSs and applications that can be exploited

set TARGET – allows you to select your specific target OS/application (in this example, I’ll use set TARGET 0 to for all English versions of Windows 2000)

set RHOST – allows you to set your target host’s IP address (in this example, set RHOST

set LHOST – allows you to set the local host’s IP address for the reverse communications needed to open the reverse command shell (in this example, set LHOST

back – allows you to exit the current exploit environment you’ve loaded and go back to the main msfconsole prompt


Metasploit is a very useful framework that is used by Penetration testers and vulnerability researchers. Some other commercial tools offer similar functionality but Metasploit is popular due to its cross-platform support and easy-to-use GUI and CLI interfaces. This is particularly make for Penetration testers and Red Teamers but anyone can use this to secure their home or company’s network. If you are interested in learning Metasploit, here is a great free resource.

ONET IDC thành lập vào năm 2012, là công ty chuyên nghiệp tại Việt Nam trong lĩnh vực cung cấp dịch vụ Hosting, VPS, máy chủ vật lý, dịch vụ Firewall Anti DDoS, SSL… Với 10 năm xây dựng và phát triển, ứng dụng nhiều công nghệ hiện đại, ONET IDC đã giúp hàng ngàn khách hàng tin tưởng lựa chọn, mang lại sự ổn định tuyệt đối cho website của khách hàng để thúc đẩy việc kinh doanh đạt được hiệu quả và thành công.
Bài viết liên quan

RedHat Versus SUSE: The Battle of Enterprise Linux Distributions

The enterprise Linux space is crowded, with several established companies providing open source software products to the...

How to Install Slack on Arch Linux

Today, let’s get started with Slack on Arch Linux! Slack for the win! So, why Slack? Slack is basically a “chatroom...

How to Install and Use Steam on Arch Linux

Almost all the top-tier games in the world right now are all for Windows. But there’s no need to think that Linux is...
Bài Viết

Bài Viết Mới Cập Nhật


Mua Proxy v6 US Private chạy PRE, Face, Insta, Gmail

Mua shadowsocks và hướng dẫn sữ dụng trên window

Tại sao Proxy Socks lại được ưa chuộng hơn Proxy HTTP?

Mua thuê proxy v4 nuôi zalo chất lượng cao, kinh nghiệm tránh quét tài khoản zalo