In this section, we will explore Metasploit Community, which is a web-based graphical user interface that utilizes the Metasploit framework. While it can also exploit vulnerabilities, it offers additional capabilities such as port scanning and service installation, and can map ports and services to existing exploits and modules. This allows us to quickly exploit a vulnerability through the Metasploit framework.
To access this tool, it is necessary to download it as it is not included in Kali Linux. To proceed with the download, an activation key will be required, which will be sent to the provided email address.
After changing the file permission, we can run the installer using the command “./metasploit-latest-linux-x64-installer.run”. This will start the installation process and we will be prompted to provide some information during the process. Once the installation is complete, we can start Metasploit by running the “msfconsole” command in the terminal.
After changing the permissions to executable, we can verify that the file is executable by running the “ls” command, and we will see that the text of the filename is highlighted in green, indicating that the file is now executable.
In order to execute any program in Linux, we need to specify the path to the executable file. This is done by typing “./” followed by the filename of the program we want to run. In this case, we will run the metasploit-latest-linux-x64-installer.run program.
To execute the program, we will type the following command: “./metasploit-latest-linux-x64-installer.run”
Here are the steps for installation:
Step 1: We need to click on “I accept the agreement” and then click on “Forward”.
Step 2: After that, we will be prompted to choose the installation directory for Metasploit. We can choose to keep the default directory or select a different one. Once we have chosen the directory, we will click on Forward.
Step 3: Next, the installer will ask for the SSL PORT to be used. Since the service runs as a web GUI, we can set the port to any value we want, but in this case, we will leave it as 3790.
Step 4: The installer is now asking for the Server Name, and in this case, we will leave it as “localhost” since Metasploit is being installed on the local machine.
Step 5: During the installation process, the program will prompt us for the Database Server port. It is recommended that we leave this setting at its default value. These configuration settings are necessary for the program to operate effectively.
Step 6: After pressing Forward, the installation will commence. Once it finishes, we will be prompted to set a username and password for the web interface. We should select a strong username and password to secure our installation.
After the installer finishes, we need to run the Metasploit service, which will be installed as a web server. To start the Metasploit Community, we need to use the service command, which is commonly used in Linux to run services.
The command to run Metasploit Community as a service is as follows:
After starting the Metasploit service, we can access it by opening a browser and navigating to the Metasploit web server using the https protocol, not http, and the default port for Metasploit, which is 3790. We should then see a login page where we need to Enter the username and password that we created during the installation process.
In the next section, we will discuss how to log in and use the Metasploit tool.
We hope that the information provided on installing MSFC has been helpful. To learn more about ethical hacking, please continue to follow us @ tutorials.freshersnow.com for daily updates and insights.