Tuesday, October 11, 2016

soup to nuts install of metasploit on ubuntu 14.04 lts

soup to nuts install of metasploit on ubuntu 14.04 lts
 
   
 ..........  
 install base  
   
 * priv  
   
 passwd  
 nano -w /etc/ssh/sshd_config  
 ssh-keygen -t rsa -b 2048  
 apt-get update  
 apt-get upgrade  
 apt-get install build-essential libreadline-dev libssl-dev libpq5 \  
 libpq-dev libreadline5 libsqlite3-dev libpcap-dev openjdk-7-jre \  
 git-core autoconf postgresql pgadmin3 curl zlib1g-dev libxml2-dev \  
 libxslt1-dev vncviewer libyaml-dev curl zlib1g-dev ipmitool p7zip \  
 nmap tcpdump subversion cmake bison flex 
   
 ..........  
 rbenv  
   
 * non-priv (nb: the git:// clones on this page are unauthenticated and unencrypted, so the code you fetch can be altered in transit; use https:// urls for the same repos instead)  
   
 cd ~  
 git clone git://github.com/sstephenson/rbenv.git .rbenv  
 echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bashrc  
 echo 'eval "$(rbenv init -)"' >> ~/.bashrc  
 exec $SHELL  
   
 git clone git://github.com/sstephenson/ruby-build.git ~/.rbenv/plugins/ruby-build  
 echo 'export PATH="$HOME/.rbenv/plugins/ruby-build/bin:$PATH"' >> ~/.bashrc  
   
 git clone git://github.com/dcarley/rbenv-sudo.git ~/.rbenv/plugins/rbenv-sudo  
   
 exec $SHELL  
   
 rbenv install 2.3.1  
 rbenv global 2.3.1  
 ruby -v  
   
 ..........  
 postgresql server  
   
 * non-priv  
   
 sudo -s  
 su postgres  
 cd ~  
 createuser msf -P -S -R -D  
 createdb -O msf msf  
 exit  
 exit  
   
 ..........  
 hashcat  (not a hot idea on a virtual machine)
   
 * as priv user (nb: check the archive's checksum/signature published on hashcat.net before the binary below is copied into /usr/bin)  
   
 sudo apt-get install ocl-icd-libopencl1 opencl-headers clinfo  
 sudo mkdir /usr/bin/OpenCL  
   
 cd /opt  
 wget https://hashcat.net/files/hashcat-3.10.7z  
 p7zip -d hashcat-3.10.7z  
 mv hashcat-3.10/ hashcat  
 cd hashcat  
 cp hashcat64.bin /usr/bin  
 ln -s /usr/bin/hashcat64.bin /usr/bin/hashcat  
   
 ..........  
 john  
   
 * as priv user  
 
 apt-get install build-essential libssl-dev yasm libgmp-dev \
 libpcap-dev libnss3-dev libkrb5-dev pkg-config libbz2-dev \
 nvidia-cuda-toolkit nvidia-opencl-dev nvidia-352 nvidia-cuda-toolkit opencl-headers <- only if you have an nvidia gpu 
 fglrx-updates-dev <- only if you want to use your amd gpu as an opencl device
 libopenmpi-dev openmpi-bin <- for mpi support
 (the "<-" notes on the three lines above are commentary, not part of the apt-get command; drop them before running it)

 * a gpu note
 lshw -C video
  
 rexgen
 apt-get install libboost-regex1.54-dev <- meh
 svn checkout https://github.com/teeshop/rexgen.git rexgen
 cd rexgen/trunk/src/
 mkdir build && cd build
 cmake ..
 make  && sudo make install 
 ldconfig

 git clone git://github.com/magnumripper/JohnTheRipper -b bleeding-jumbo john 
 cd john/src 

 ./configure --enable-mpi --enable-nt-full-unicode && make -s clean && make -sj4 
 * because unicode, yes.

 ./configure --enable-cuda --enable-mpi --enable-nt-full-unicode \
 --enable-experimental-code && make -s clean && make -sj4
 * if gpu
 
 cd .. && mv run /opt/john 

 ** test gpu
 john --list=cuda-devices
 john --list=opencl-devices
 
 let's get some password lists

 cd /opt/john
 mkdir /opt/john/dictionaries
 cd /opt/john/dictionaries
 cp ../wordlist.lst .
 wget http://download.openwall.net/pub/wordlists/all.gz .
 wget https://download.g0tmi1k.com/wordlists/large/crackstation-human-only.txt.gz .
 
 * nb crackstation may show up as a binary file. i'd suggest after extraction:
 strings crackstation-human-only.lst > crackstation.txt

 fix the environment
 
 edit:
 /etc/environment
 add /opt/john to PATH
 add line JOHN="/opt/john/"

 ** odds and sods
 john --list=formats --format=opencl
 john --list=formats --format=cuda

 john ~/shadow <- openmp crack session
 john --format=sha512crypt-opencl ~/shadow <- opencl session
 john --format=sha512crypt-cuda ~/shadow <- cuda session 
 
 ** add'l chr files
 wget https://www.korelogic.com/Resources/Tools/rockyou.chr
 wget https://www.korelogic.com/Resources/Tools/rockyou-lanman.chr
 
 * nb http://contest-2010.korelogic.com/rules.html

 ..........  
 crunch  
   
 * priv user (nb: the sourceforge "latest" link is unpinned, so check which version you actually got and its checksum before make install puts it on the system; cd into the extracted directory before running make)  
   
 wget https://sourceforge.net/projects/crunch-wordlist/files/latest/download -O crunch-3.6.tgz  
 tar xvfz crunch-3.6.tgz  
 make  
 make install  
   
 ..........  
 metasploitframework  
   
 * non-priv (nb: the chown -R below hands the framework to your user while it is then linked into /usr/local/bin, so anything able to write as that user can change what is run from there)  
   
 cd /opt  
 sudo git clone https://github.com/rapid7/metasploit-framework.git  
 sudo chown -R `whoami` /opt/metasploit-framework  
 cd metasploit-framework  
   
 gem install bundler  
 bundle install  
   
 sudo bash -c 'for MSF in $(ls msf*); do ln -s /opt/metasploit-framework/$MSF /usr/local/bin/$MSF;done'  
   
 ..........  
 armitage (metasploit gui)  
   
 * priv (nb: the tarball is fetched over plain http with no checksum, then unpacked by root into /opt and linked into /usr/local/bin; verify it against a trusted copy before doing that)  
   
 curl -# -o /tmp/armitage.tgz http://www.fastandeasyhacking.com/download/armitage150813.tgz  
 sudo tar -xvzf /tmp/armitage.tgz -C /opt  
 sudo ln -s /opt/armitage/armitage /usr/local/bin/armitage  
 sudo ln -s /opt/armitage/teamserver /usr/local/bin/teamserver  
 sudo sh -c "echo java -jar /opt/armitage/armitage.jar \$\* > /opt/armitage/armitage"  
 sudo perl -pi -e 's/armitage.jar/\/opt\/armitage\/armitage.jar/g' /opt/armitage/teamserver  
   
 sudo nano /opt/metasploit-framework/config/database.yml  
   
 production:  
  adapter: postgresql  
  database: msf  
  username: msf  
  password:   <- the password you gave createuser -P above  
  host: 127.0.0.1  
  port: 5432  
  pool: 75  
  timeout: 5  
    
 sudo sh -c "echo export MSF_DATABASE_CONFIG=/opt/metasploit-framework/config/database.yml >> /etc/profile"  
   
 source /etc/profile  
   
 ..........  
 run it  
   
 * non-priv  
   
 msfconsole  
