macOS下安装Metasploit
macOS下安装Metasploit
2020.09.27 15:51:40字数 587阅读 447
macOS下其实是可以直接安装原生的Metasploit的,这样很多攻击都可以在macOS下实现,基本上不需要打开Kali Linux虚拟机或者Docker了,很是方便,下面就简单记录下mac下MSF的安装。(不知不觉又水了一篇文章)
下载
版本 | 下载地址 |
---|---|
最新的版本 | https://osx.metasploit.com/metasploitframework-latest.pkg |
最近10个版本安装 | https://osx.metasploit.com/ |
下载最新版本往往国内需要挂带来才可以很快的下载下来,这里建议配合proxychains4
使用:
Bash
proxychains4 wget https://osx.metasploit.com/metasploitframework-latest.pkg
安装
安装很简单,双击metasploitframework-latest.pkg
安装包,就可以安装了,macOS下手动升级Metasploit版本国光这里建议也这样升级,比较方便省心。
配置
macOS下Metasploit的可执行文件的位置为:/opt/metasploit-framework/bin
Bash
➜ tree /opt/metasploit-framework/bin
/opt/metasploit-framework/bin
├── msfbinscan
├── msfconsole
├── msfd
├── msfdb
├── msfelfscan
├── msfmachscan
├── msfpescan
├── msfremove
├── msfrop
├── msfrpc
├── msfrpcd
├── msfupdate
└── msfvenom
方法一
下面手动创建一系列软链接方便我们启动:
Bash
ln -s /opt/metasploit-framework/bin/msfbinscan /usr/local/bin/msfbinscan
ln -s /opt/metasploit-framework/bin/msfconsole /usr/local/bin/msfconsole
ln -s /opt/metasploit-framework/bin/msfd /usr/local/bin/msfd
ln -s /opt/metasploit-framework/bin/msfdb /usr/local/bin/msfdb
ln -s /opt/metasploit-framework/bin/msfelfscan /usr/local/bin/msfelfscan
ln -s /opt/metasploit-framework/bin/msfmachscan /usr/local/bin/msfmachscan
ln -s /opt/metasploit-framework/bin/msfpescan /usr/local/bin/msfpescan
ln -s /opt/metasploit-framework/bin/msfremove /usr/local/bin/msfremove
ln -s /opt/metasploit-framework/bin/msfrop /usr/local/bin/msfrop
ln -s /opt/metasploit-framework/bin/msfrpc /usr/local/bin/msfrpc
ln -s /opt/metasploit-framework/bin/msfrpcd /usr/local/bin/msfrpcd
ln -s /opt/metasploit-framework/bin/msfupdate /usr/local/bin/msfupdate
ln -s /opt/metasploit-framework/bin/msfvenom /usr/local/bin/msfvenom
方法二
如果嫌麻烦的话,还可以直接在zsh配置文件下配置msf路径的环境变量:
Bash
vim ~/.zshrc
添加如下内容:
Bash
export PATH="$PATH:/opt/metasploit-framework/bin"
然后刷新一下zsh即可正常使用metasploit的各种命令:
Bash
zsh
使用
Bash
# 启动msf
$ msfconsole
** Welcome to Metasploit Framework Initial Setup **
Please answer a few questions to get started.
# 是否初始化一个数据库? y
Would you like to use and setup a new database (recommended)? y
Creating database at /Users/opposec/.msf4/db
Starting database at /Users/opposec/.msf4/db...success
Creating database users
Writing client authentication configuration file /Users/opposec/.msf4/db/pg_hba.conf
Stopping database at /Users/opposec/.msf4/db
Starting database at /Users/opposec/.msf4/db...success
Creating initial database schema
# 这里设置用户名和密码都msf
[?] Initial MSF web service account username? [opposec]: msf
[?] Initial MSF web service account password? (Leave blank for random password):
Generating SSL key and certificate for MSF web service
Attempting to start MSF web service...success
MSF web service started and online
Creating MSF web service user msf
############################################################
## MSF Web Service Credentials ##
## ##
## Please store these credentials securely. ##
## You will need them to connect to the webservice. ##
############################################################
MSF web service username: msf
MSF web service password: msf
MSF web service user API token: 2c8d9b7c229f47c710f1af9bbb720a96401fd3140001be4cf0b0d8234213a53f9c308b30bc78e491
MSF web service configuration complete
The web service has been configured as your default data service in msfconsole with the name "local-https-data-service"
If needed, manually reconnect to the data service in msfconsole using the command:
db_connect --token 2c8d9b7c229f47c710f1af9bbb720a96401fd3140001be4cf0b0d8234213a53f9c308b30bc78e491 --cert /Users/opposec/.msf4/msf-ws-cert.pem --skip-verify https://localhost:5443
The username and password are credentials for the API account:
https://localhost:5443/api/v1/auth/account
** Metasploit Framework Initial Setup Complete **
.;lxO0KXXXK0Oxl:.
,o0WMMMMMMMMMMMMMMMMMMKd,
'xNMMMMMMMMMMMMMMMMMMMMMMMMMWx,
:KMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMK:
.KMMMMMMMMMMMMMMMWNNNWMMMMMMMMMMMMMMMX,
lWMMMMMMMMMMMXd:.. ..;dKMMMMMMMMMMMMo
xMMMMMMMMMMWd. .oNMMMMMMMMMMk
oMMMMMMMMMMx. dMMMMMMMMMMx
.WMMMMMMMMM: :MMMMMMMMMM,
xMMMMMMMMMo lMMMMMMMMMO
NMMMMMMMMW ,cccccoMMMMMMMMMWlccccc;
MMMMMMMMMX ;KMMMMMMMMMMMMMMMMMMX:
NMMMMMMMMW. ;KMMMMMMMMMMMMMMX:
xMMMMMMMMMd ,0MMMMMMMMMMK;
.WMMMMMMMMMc 'OMMMMMM0,
lMMMMMMMMMMk. .kMMO'
dMMMMMMMMMMWd' ..
cWMMMMMMMMMMMNxc'. ##########
.0MMMMMMMMMMMMMMMMWc #+# #+#
;0MMMMMMMMMMMMMMMo. +:+
.dNMMMMMMMMMMMMo +#++:++#+
'oOWMMMMMMMMo +:+
.,cdkO0K; :+: :+:
:::::::+:
Metasploit
=[ metasploit v5.0.61-dev-56944c8364e66d13bcb077070ef4e44a73c987e6]
+ -- --=[ 1948 exploits - 1089 auxiliary - 334 post ]
+ -- --=[ 556 payloads - 45 encoders - 10 nops ]
+ -- --=[ 7 evasion ]
msf5 >
macOS安装的Metasploit自带Web Servive,浏览器访问:https://localhost:5443/api/v1/auth/account 输入上面设置好的用户名和密码:
下面是大概的页面:
电脑如果后面重启的话,启动Metasploit的时候 再次输入用户名和密码即可成功启动:
Bash
➜ ~ msfconsole
[?] Would you like to delete your existing data and configurations?: n
Found a database at /Users/sqlsec/.msf4/db, checking to see if it is started
Starting database at /Users/sqlsec/.msf4/db...success
[?] Initial MSF web service account username? [sqlsec]: msf
[?] Initial MSF web service account password? (Leave blank for random password):
标签:
安全分析
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】凌霞软件回馈社区,博客园 & 1Panel & Halo 联合会员上线
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 智能桌面机器人:用.NET IoT库控制舵机并多方法播放表情
· Linux glibc自带哈希表的用例及性能测试
· 深入理解 Mybatis 分库分表执行原理
· 如何打造一个高并发系统?
· .NET Core GC压缩(compact_phase)底层原理浅谈
· 手把手教你在本地部署DeepSeek R1,搭建web-ui ,建议收藏!
· 新年开篇:在本地部署DeepSeek大模型实现联网增强的AI应用
· Janus Pro:DeepSeek 开源革新,多模态 AI 的未来
· 互联网不景气了那就玩玩嵌入式吧,用纯.NET开发并制作一个智能桌面机器人(三):用.NET IoT库
· 【非技术】说说2024年我都干了些啥
2018-05-04 网络流量分析——NPMD关注IT运维、识别宕机和运行不佳进行性能优化。智能化分析是关键-主动发现业务运行异常。科来做APT相关的安全分析
2017-05-04 lucene .doc里存储的skiplist跳表
2017-05-04 lucene .doc文件格式解析——见图
2017-05-04 A Go library implementing an FST (finite state transducer)——mark下