Guide to Installing Metasploit 4 and Armitage on Mac OSX Lion thumbnail

Guide to Installing Metasploit 4 and Armitage on Mac OSX Lion

armitage Guide to Installing Metasploit 4 and Armitage on Mac OSX Lion

After many hours of trial and error, I have been able to put together a guide to getting Metasploit 4 and Armitage working properly on Mac OSX. I would also like to give a tremendous amount of credit to BrianCanFixIT @ Faulty Logic. His blog post on setting up Armitage helped me through the missing piece of getting the PostgreSQL database up and running properly.

Prerequisites

  1. Install XCode (I am running v4.2)

PostgreSQL Installation

  1. Download and Install PostgreSQL via the free GUI installer.
  2. Setup your root PostgreSQL password during installation.
  3. Launch the newly installed PGAdmin III application.
  4. Connect (double click) on the local PostgreSQL database and enter your root password when prompted.
  5. Under the PostgreSQL drop down, right click on “Login Roles”, and select “New Login Role”
  6. Set the role name to msfuser.
  7. Click on the definition tab, and set the password as msfpassword.
  8. Click OK to continue.
  9. Next, right click on the databases list, and select “New Database”.
  10. Set the name to metasploitdb, and set the owner to msfuser.
  11. Press OK, and we’re done. You can close PGAdmin.

MacPorts

  1. Download and install MacPorts from http://www.macports.org/install.php
  2. Good Tip: add “/opt/local” to your spotlight privacy settings to avoid excessive compile times & unnecessary indexing by spotlight.
    (System Preferences->Spotlight->Privacy->”+”)
  3. Quit terminal & relaunch to accept new path settings added by MacPorts

Install Ruby, RubyGems (PostgreSQL and MsgPack)

Metasploit 4 Installation

Configure the Metasploit Database

Running Metasploit and Armitage

Enjoy!

Please Share

49 Comments

  • Encrypto says:

    Can’t you just install Metasploit from Macports since it installs all the dependencies and doesn’t postgresql come already installed in Lion? I know that on the Rapid seven site they give these instructions here to install…. a little different…..https://community.rapid7.com/docs/DOC-1037

  • Encrypto says:

    Can’t you just install Metasploit from Macports since it installs all the dependencies and doesn’t postgresql come already installed in Lion? I know that on the Rapid seven site they give these instructions here to install…. a little different…..https://community.rapid7.com/docs/DOC-1037

  • S says:

    I followed all of the steps and it seems to work but I am hitting a vague and random error.

    This ring a bell?

    msf > db_nmap localhost
    [*] Nmap: Starting Nmap 5.51 ( http://nmap.org ) at 2012-01-18 12:48 PST
    [*] Nmap: Nmap scan report for localhost (127.0.0.1)
    [*] Nmap: Host is up (0.000027s latency).
    [*] Nmap: Not shown: 997 closed ports
    [*] Nmap: PORT STATE SERVICE
    [*] Nmap: 22/tcp open ssh
    [*] Nmap: 631/tcp open ipp
    [*] Nmap: 5432/tcp open postgresql
    [*] Nmap: Nmap done: 1 IP address (1 host up) scanned in 5.47 seconds
    [-] Error while running command db_nmap: (): couldn’t parse YAML at line 17 column 14

    I have searched a bit but all I can find reference to is something possible with encodings being off.

    Any ideas?

  • S says:

    I followed all of the steps and it seems to work but I am hitting a vague and random error.

    This ring a bell?

    msf > db_nmap localhost
    [*] Nmap: Starting Nmap 5.51 ( http://nmap.org ) at 2012-01-18 12:48 PST
    [*] Nmap: Nmap scan report for localhost (127.0.0.1)
    [*] Nmap: Host is up (0.000027s latency).
    [*] Nmap: Not shown: 997 closed ports
    [*] Nmap: PORT STATE SERVICE
    [*] Nmap: 22/tcp open ssh
    [*] Nmap: 631/tcp open ipp
    [*] Nmap: 5432/tcp open postgresql
    [*] Nmap: Nmap done: 1 IP address (1 host up) scanned in 5.47 seconds
    [-] Error while running command db_nmap: (): couldn’t parse YAML at line 17 column 14

    I have searched a bit but all I can find reference to is something possible with encodings being off.

    Any ideas?

  • Etoiles says:

    I successful followed all the steps but at the, whle looking forward enjoying metasploit I got this error message “sudo: msfrpcd: command not found”
    does somebody have any Idea what is the problem and I can solve it?

    Etoiles

  • Etoiles says:

    I successful followed all the steps but at the, whle looking forward enjoying metasploit I got this error message “sudo: msfrpcd: command not found”
    does somebody have any Idea what is the problem and I can solve it?

    Etoiles

  • Etoiles says:

    I successful followed all the steps but at the End, while looking forward enjoying metasploit I got this error message “sudo: msfrpcd: command not found”
    does somebody have any Idea what is the problem and I can solve it?
    Etoiles

  • Etoiles says:

    I successful followed all the steps but at the End, while looking forward enjoying metasploit I got this error message “sudo: msfrpcd: command not found”
    does somebody have any Idea what is the problem and I can solve it?
    Etoiles

  • NightLion says:

    Are you typing sudo: or sudo? There should not be a colon. If you type msfrpcd at the command prompt and nothing happens, then metasploit is not in your environment path. “sudo ln -s /opt/local/msf/msf* /opt/local/bin” should do the trick for you. Alternatively, edit your .bash_profile file and add the path to your MSF installation.

  • NightLion says:

    Are you typing sudo: or sudo? There should not be a colon. If you type msfrpcd at the command prompt and nothing happens, then metasploit is not in your environment path. “sudo ln -s /opt/local/msf/msf* /opt/local/bin” should do the trick for you. Alternatively, edit your .bash_profile file and add the path to your MSF installation.

  • Witik says:

    when running msfrpcd, after a few seconds I get this error:

    /opt/local/msf/lib/rex/socket/comm/local.rb:197:in rescue in create_by_type': The address is already in use (0.0.0.0:55553). (Rex::AddressInUse)
    from /opt/local/msf/lib/rex/socket/comm/local.rb:191:in
    create_by_type’
    from /opt/local/msf/lib/rex/socket/comm/local.rb:32:in create'
    from /opt/local/msf/lib/rex/socket.rb:46:in
    create_param’
    from /opt/local/msf/lib/rex/socket/tcp_server.rb:38:in create_param'
    from /opt/local/msf/lib/rex/socket/tcp_server.rb:28:in
    create’
    from /opt/local/msf/lib/rex/proto/http/server.rb:134:in start'
    from /opt/local/msf/lib/rex/service_manager.rb:80:in
    start’
    from /opt/local/msf/lib/rex/service_manager.rb:24:in start'
    from /opt/local/msf/lib/msf/core/rpc/v10/service.rb:59:in
    start’
    from /opt/local/msf/plugins/msgrpc.rb:97:in run'
    from /opt/local/bin/msfrpcd:110:in

    also, when I start armitage, and I fill in the fields and click connect, it says:

    org.postgresql.util.PSQLException: ERROR: relation “workspaces” does not exist
    Position: 24

  • Witik says:

    when running msfrpcd, after a few seconds I get this error:

    /opt/local/msf/lib/rex/socket/comm/local.rb:197:in rescue in create_by_type': The address is already in use (0.0.0.0:55553). (Rex::AddressInUse)
    from /opt/local/msf/lib/rex/socket/comm/local.rb:191:in
    create_by_type’
    from /opt/local/msf/lib/rex/socket/comm/local.rb:32:in create'
    from /opt/local/msf/lib/rex/socket.rb:46:in
    create_param’
    from /opt/local/msf/lib/rex/socket/tcp_server.rb:38:in create_param'
    from /opt/local/msf/lib/rex/socket/tcp_server.rb:28:in
    create’
    from /opt/local/msf/lib/rex/proto/http/server.rb:134:in start'
    from /opt/local/msf/lib/rex/service_manager.rb:80:in
    start’
    from /opt/local/msf/lib/rex/service_manager.rb:24:in start'
    from /opt/local/msf/lib/msf/core/rpc/v10/service.rb:59:in
    start’
    from /opt/local/msf/plugins/msgrpc.rb:97:in run'
    from /opt/local/bin/msfrpcd:110:in

    also, when I start armitage, and I fill in the fields and click connect, it says:

    org.postgresql.util.PSQLException: ERROR: relation “workspaces” does not exist
    Position: 24

  • Cypher says:

    I have the same issue as Witik. When I try to run Metasploit I get this message about 5 seconds later:

    /opt/local/msf/lib/rex/socket/comm/local.rb:197:in rescue in create_by_type': The address is already in use (0.0.0.0:55553). (Rex::AddressInUse)
    from /opt/local/msf/lib/rex/socket/comm/local.rb:191:in
    create_by_type’
    from /opt/local/msf/lib/rex/socket/comm/local.rb:32:in create'
    from /opt/local/msf/lib/rex/socket.rb:46:in
    create_param’
    from /opt/local/msf/lib/rex/socket/tcp_server.rb:38:in create_param'
    from /opt/local/msf/lib/rex/socket/tcp_server.rb:28:in
    create’
    from /opt/local/msf/lib/rex/proto/http/server.rb:134:in start'
    from /opt/local/msf/lib/rex/service_manager.rb:80:in
    start’
    from /opt/local/msf/lib/rex/service_manager.rb:24:in start'
    from /opt/local/msf/lib/msf/core/rpc/v10/service.rb:59:in
    start’
    from /opt/local/msf/plugins/msgrpc.rb:97:in run'
    from /opt/local/bin/msfrpcd:110:in

    Then when I try to run Armitage and fill in the details I get:
    org.postgresql.util.PSQLException: ERROR: relation “workspaces” does not exist
    Position: 24

    If someone could give me a hand would be great!

    Thanks

  • Cypher says:

    I have the same issue as Witik. When I try to run Metasploit I get this message about 5 seconds later:

    /opt/local/msf/lib/rex/socket/comm/local.rb:197:in rescue in create_by_type': The address is already in use (0.0.0.0:55553). (Rex::AddressInUse)
    from /opt/local/msf/lib/rex/socket/comm/local.rb:191:in
    create_by_type’
    from /opt/local/msf/lib/rex/socket/comm/local.rb:32:in create'
    from /opt/local/msf/lib/rex/socket.rb:46:in
    create_param’
    from /opt/local/msf/lib/rex/socket/tcp_server.rb:38:in create_param'
    from /opt/local/msf/lib/rex/socket/tcp_server.rb:28:in
    create’
    from /opt/local/msf/lib/rex/proto/http/server.rb:134:in start'
    from /opt/local/msf/lib/rex/service_manager.rb:80:in
    start’
    from /opt/local/msf/lib/rex/service_manager.rb:24:in start'
    from /opt/local/msf/lib/msf/core/rpc/v10/service.rb:59:in
    start’
    from /opt/local/msf/plugins/msgrpc.rb:97:in run'
    from /opt/local/bin/msfrpcd:110:in

    Then when I try to run Armitage and fill in the details I get:
    org.postgresql.util.PSQLException: ERROR: relation “workspaces” does not exist
    Position: 24

    If someone could give me a hand would be great!

    Thanks

  • Cypher says:

    Ok, the errors I talked about before are not there anymore. Seems like the first one about running metasploit was caused by the fact that metasploit was already running (reboot your mac and run the command again, then you won’t get the error mentioned).

    The second error is not there anymore either, after creating a link to the armitage tool like this:
    sudo ln -s /opt/local/msf/armitage /opt/local/bin

    Then “sudo armitage” works and I can put in the details, only now I get to see a popup window with the same msg as before:
    Could not connect to database,

    org.postgresql.util.PSQLException: ERROR: relation “workspaces” does not exist
    Position: 24

    Any ideas?

  • Cypher says:

    Ok, the errors I talked about before are not there anymore. Seems like the first one about running metasploit was caused by the fact that metasploit was already running (reboot your mac and run the command again, then you won’t get the error mentioned).

    The second error is not there anymore either, after creating a link to the armitage tool like this:
    sudo ln -s /opt/local/msf/armitage /opt/local/bin

    Then “sudo armitage” works and I can put in the details, only now I get to see a popup window with the same msg as before:
    Could not connect to database,

    org.postgresql.util.PSQLException: ERROR: relation “workspaces” does not exist
    Position: 24

    Any ideas?

  • NightLion says:

    Try running MSFCONSOLE or MSFGUI first. That might create the initial workspace.

  • NightLion says:

    Try running MSFCONSOLE or MSFGUI first. That might create the initial workspace.

  • Witik says:

    Cool, that fixed that issue, tnx! :D

    but now after trying an nmap scan I get

    “[-] The nmap executable could not be found”

    -.-’

  • Witik says:

    Cool, that fixed that issue, tnx! :D

    but now after trying an nmap scan I get

    “[-] The nmap executable could not be found”

    -.-’

  • freddys6 says:

    I try my best doing all the steps, then i get this while loading

    javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake

    nothing happens after that.

    any idea what’s going on?

  • freddys6 says:

    I try my best doing all the steps, then i get this while loading

    javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake

    nothing happens after that.

    any idea what’s going on?

  • NightLion says:

     There doesn’t seem to be a direct download for Mac OSX.

  • NightLion says:

     There doesn’t seem to be a direct download for Mac OSX.

  • Manu says:

    i have the same problem. And i first run the console, and also use it.

    but with armitage i get that error.

  • Manu says:

    i have the same problem. And i first run the console, and also use it.

    but with armitage i get that error.

  • Adam says:

    When i try to install Ruby i have this error message :

    Error: Requested variants “+doc+nosuffix” do not match original selection “+doc”.Please use the same variants again, perform ‘port clean ruby19′ or specify the force option (-f).Error: Status 1 encountered during processing.

  • Adam says:

    When i try to install Ruby i have this error message :

    Error: Requested variants “+doc+nosuffix” do not match original selection “+doc”.Please use the same variants again, perform ‘port clean ruby19′ or specify the force option (-f).Error: Status 1 encountered during processing.

  • Ashish Bhangale says:

    @ Night Lion Security
    Awesome, Nice work Keep it up ..
    And i learned lots of things from this video http://www.securitytube.net/video/2750 maybe you like it. vivek done a fantastic job. must watch. 

  • Ashish Bhangale says:

    @ Night Lion Security
    Awesome, Nice work Keep it up ..
    And i learned lots of things from this video http://www.securitytube.net/video/2750 maybe you like it. vivek done a fantastic job. must watch. 

  • Thanks for this amazing post. It helped a lot, but I am facing one Issue. I successfully run all the commands mentioned above without any errors. The only problem is when I try to execute armitage with this command “sudo armitage”. It say’s, “Command Not Found” where as I can execute msfconsole and msfupdate and all other commands successfully.  Am I Missing Something?

  • Thanks for this amazing post. It helped a lot, but I am facing one Issue. I successfully run all the commands mentioned above without any errors. The only problem is when I try to execute armitage with this command “sudo armitage”. It say’s, “Command Not Found” where as I can execute msfconsole and msfupdate and all other commands successfully.  Am I Missing Something?

  • Cleber Alves says:

    Excellent doc, works to me very fine.

  • Cleber Alves says:

    Excellent doc, works to me very fine.

  • AARDVARK857 says:

    Very cool I would have never thought of doing it that way… Just installing backtrack in a VM. Thanks!

  • AARDVARK857 says:

    Very cool I would have never thought of doing it that way… Just installing backtrack in a VM. Thanks!

  • Tritin says:

    when i tried to run this command : sudo svn co https://www.metasploit.com/svn/framework3/trunk/ /opt/local/msf/
    dyld: Library not loaded: @loader_path/../lib/libssl.dylib  Referenced from: /usr/lib/libpq.5.dylib  Reason: Incompatible library version: libpq.5.dylib requires version 1.0.0 or later, but libssl.0.9.8.dylib provides version 0.9.8I encoutered this error. How can i fix it? Thanks very much.

  • Tritin says:

    when i tried to run this command : sudo svn co https://www.metasploit.com/svn/framework3/trunk/ /opt/local/msf/
    dyld: Library not loaded: @loader_path/../lib/libssl.dylib  Referenced from: /usr/lib/libpq.5.dylib  Reason: Incompatible library version: libpq.5.dylib requires version 1.0.0 or later, but libssl.0.9.8.dylib provides version 0.9.8I encoutered this error. How can i fix it? Thanks very much.

  • Adasseux says:

    How do I change my path ? 
    /opt/local/bin:/opt/local/sbin:/opt/local/bin:/opt/local/sbin:/Library/Frameworks/Python.framework/Versions/2.7/bin:/opt/local/bin:/opt/local/sbin:/Library/Frameworks/Python.framework/Versions/3.2/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/X11/bin

  • Adasseux says:

    How do I change my path ? 
    /opt/local/bin:/opt/local/sbin:/opt/local/bin:/opt/local/sbin:/Library/Frameworks/Python.framework/Versions/2.7/bin:/opt/local/bin:/opt/local/sbin:/Library/Frameworks/Python.framework/Versions/3.2/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/X11/bin

  • Sumner Hearth says:

    That (msfgui) did it for me, thanks!

  • anon says:

    when i run sudo armitage everything is ok. the connect window appears and then it loads but afterwards nothing happens
     :(

  • Sumner Hearth says:

    doing exactly what is written (sudo ln -s /opt/local/msf/msf* /opt/local/bin)  doesn’t link the “armitage” command, to fix this do:

    sudo ln -s /opt/local/msf/armitage /opt/local/bin

  • Renmusxd says:

    Is there a reason we launch metasploit with “msfuser2″ and “msfpassword2″ instead of the user:pwd combo we made earlier?

  • Renmusxd says:

    do:
    sudo ln -s /opt/local/msf/armitage /opt/local/bin

  • Renmusxd says:

    I heard that:
    sudo touch ~/.bash_profile
    should work

  • Why does /opt/local/bin have to appear before /usr/bin?

    i get this: /opt/local/bin:/opt/local/sbin:/opt/iOSOpenDev/bin:/opt/local/bin:/opt/local/sbin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/X11/bin

  • vinnytroia says:

    The order does not matter, just as long as the folders are being referenced in the path statement.

  • Victor Sabo says:

    Not so far I have found new cool tool to work on mac os x – Valentina Studio. Its free edition can do things more than many commercial tools!!
    I very recommend check it. http://www.valentina-db.com/en/valentina-studio-overview
    You can install Valentina Studio (FREE) directly from Mac App Store: https://itunes.apple.com/us/app/valentina-studio/id604825918?ls=1&mt=12

Leave a Reply

Your email address will not be published.

Have questions? Give us a call for a free security consultation (314)-669-6569
Contact Us

Have a question? Send us a message. We'll get back to you soon.

[contact-form-7 404 "Not Found"]