Guide to Installing Metasploit 4 and Armitage on Mac OSX Lion

  • 0
  • December 26, 2011
Armitage-logo
Guide to Installing Metasploit 4 and Armitage on Mac OSX Lion armitage

After many hours of trial and error, I have been able to put together a guide to getting Metasploit 4 and Armitage working properly on Mac OSX. I would also like to give a tremendous amount of credit to BrianCanFixIT @ Faulty Logic. His blog post on setting up Armitage helped me through the missing piece of getting the PostgreSQL database up and running properly.

Prerequisites

  1. Install XCode (I am running v4.2)

PostgreSQL Installation

  1. Download and Install PostgreSQL via the free GUI installer.
  2. Setup your root PostgreSQL password during installation.
  3. Launch the newly installed PGAdmin III application.
  4. Connect (double click) on the local PostgreSQL database and enter your root password when prompted.
  5. Under the PostgreSQL drop down, right click on “Login Roles”, and select “New Login Role”
  6. Set the role name to msfuser.
  7. Click on the definition tab, and set the password as msfpassword.
  8. Click OK to continue.
  9. Next, right click on the databases list, and select “New Database”.
  10. Set the name to metasploitdb, and set the owner to msfuser.
  11. Press OK, and we’re done. You can close PGAdmin.

MacPorts

  1. Download and install MacPorts from http://www.macports.org/install.php
  2. Good Tip: add “/opt/local” to your spotlight privacy settings to avoid excessive compile times & unnecessary indexing by spotlight.
    (System Preferences->Spotlight->Privacy->”+”)
  3. Quit terminal & relaunch to accept new path settings added by MacPorts

Install Ruby, RubyGems (PostgreSQL and MsgPack)

Metasploit 4 Installation

Configure the Metasploit Database

Running Metasploit and Armitage

Enjoy!

  • Encrypto

    Can’t you just install Metasploit from Macports since it installs all the dependencies and doesn’t postgresql come already installed in Lion? I know that on the Rapid seven site they give these instructions here to install…. a little different…..https://community.rapid7.com/docs/DOC-1037

  • Encrypto

    Can’t you just install Metasploit from Macports since it installs all the dependencies and doesn’t postgresql come already installed in Lion? I know that on the Rapid seven site they give these instructions here to install…. a little different…..https://community.rapid7.com/docs/DOC-1037

  • S

    I followed all of the steps and it seems to work but I am hitting a vague and random error.

    This ring a bell?

    msf > db_nmap localhost
    [*] Nmap: Starting Nmap 5.51 ( http://nmap.org ) at 2012-01-18 12:48 PST
    [*] Nmap: Nmap scan report for localhost (127.0.0.1)
    [*] Nmap: Host is up (0.000027s latency).
    [*] Nmap: Not shown: 997 closed ports
    [*] Nmap: PORT STATE SERVICE
    [*] Nmap: 22/tcp open ssh
    [*] Nmap: 631/tcp open ipp
    [*] Nmap: 5432/tcp open postgresql
    [*] Nmap: Nmap done: 1 IP address (1 host up) scanned in 5.47 seconds
    [-] Error while running command db_nmap: (): couldn’t parse YAML at line 17 column 14

    I have searched a bit but all I can find reference to is something possible with encodings being off.

    Any ideas?

  • S

    I followed all of the steps and it seems to work but I am hitting a vague and random error.

    This ring a bell?

    msf > db_nmap localhost
    [*] Nmap: Starting Nmap 5.51 ( http://nmap.org ) at 2012-01-18 12:48 PST
    [*] Nmap: Nmap scan report for localhost (127.0.0.1)
    [*] Nmap: Host is up (0.000027s latency).
    [*] Nmap: Not shown: 997 closed ports
    [*] Nmap: PORT STATE SERVICE
    [*] Nmap: 22/tcp open ssh
    [*] Nmap: 631/tcp open ipp
    [*] Nmap: 5432/tcp open postgresql
    [*] Nmap: Nmap done: 1 IP address (1 host up) scanned in 5.47 seconds
    [-] Error while running command db_nmap: (): couldn’t parse YAML at line 17 column 14

    I have searched a bit but all I can find reference to is something possible with encodings being off.

    Any ideas?

  • Etoiles

    I successful followed all the steps but at the, whle looking forward enjoying metasploit I got this error message “sudo: msfrpcd: command not found”
    does somebody have any Idea what is the problem and I can solve it?

    Etoiles

  • Etoiles

    I successful followed all the steps but at the, whle looking forward enjoying metasploit I got this error message “sudo: msfrpcd: command not found”
    does somebody have any Idea what is the problem and I can solve it?

    Etoiles

  • Etoiles

    I successful followed all the steps but at the End, while looking forward enjoying metasploit I got this error message “sudo: msfrpcd: command not found”
    does somebody have any Idea what is the problem and I can solve it?
    Etoiles

  • Etoiles

    I successful followed all the steps but at the End, while looking forward enjoying metasploit I got this error message “sudo: msfrpcd: command not found”
    does somebody have any Idea what is the problem and I can solve it?
    Etoiles

  • http://www.nightlion.net NightLion

    Are you typing sudo: or sudo? There should not be a colon. If you type msfrpcd at the command prompt and nothing happens, then metasploit is not in your environment path. “sudo ln -s /opt/local/msf/msf* /opt/local/bin” should do the trick for you. Alternatively, edit your .bash_profile file and add the path to your MSF installation.

  • http://www.nightlion.net NightLion

    Are you typing sudo: or sudo? There should not be a colon. If you type msfrpcd at the command prompt and nothing happens, then metasploit is not in your environment path. “sudo ln -s /opt/local/msf/msf* /opt/local/bin” should do the trick for you. Alternatively, edit your .bash_profile file and add the path to your MSF installation.

  • Witik

    when running msfrpcd, after a few seconds I get this error:

    /opt/local/msf/lib/rex/socket/comm/local.rb:197:in rescue in create_by_type': The address is already in use (0.0.0.0:55553). (Rex::AddressInUse)
    from /opt/local/msf/lib/rex/socket/comm/local.rb:191:in
    create_by_type’
    from /opt/local/msf/lib/rex/socket/comm/local.rb:32:in create'
    from /opt/local/msf/lib/rex/socket.rb:46:in
    create_param’
    from /opt/local/msf/lib/rex/socket/tcp_server.rb:38:in create_param'
    from /opt/local/msf/lib/rex/socket/tcp_server.rb:28:in
    create’
    from /opt/local/msf/lib/rex/proto/http/server.rb:134:in start'
    from /opt/local/msf/lib/rex/service_manager.rb:80:in
    start’
    from /opt/local/msf/lib/rex/service_manager.rb:24:in start'
    from /opt/local/msf/lib/msf/core/rpc/v10/service.rb:59:in
    start’
    from /opt/local/msf/plugins/msgrpc.rb:97:in run'
    from /opt/local/bin/msfrpcd:110:in

    also, when I start armitage, and I fill in the fields and click connect, it says:

    org.postgresql.util.PSQLException: ERROR: relation “workspaces” does not exist
    Position: 24

  • Witik

    when running msfrpcd, after a few seconds I get this error:

    /opt/local/msf/lib/rex/socket/comm/local.rb:197:in rescue in create_by_type': The address is already in use (0.0.0.0:55553). (Rex::AddressInUse)
    from /opt/local/msf/lib/rex/socket/comm/local.rb:191:in
    create_by_type’
    from /opt/local/msf/lib/rex/socket/comm/local.rb:32:in create'
    from /opt/local/msf/lib/rex/socket.rb:46:in
    create_param’
    from /opt/local/msf/lib/rex/socket/tcp_server.rb:38:in create_param'
    from /opt/local/msf/lib/rex/socket/tcp_server.rb:28:in
    create’
    from /opt/local/msf/lib/rex/proto/http/server.rb:134:in start'
    from /opt/local/msf/lib/rex/service_manager.rb:80:in
    start’
    from /opt/local/msf/lib/rex/service_manager.rb:24:in start'
    from /opt/local/msf/lib/msf/core/rpc/v10/service.rb:59:in
    start’
    from /opt/local/msf/plugins/msgrpc.rb:97:in run'
    from /opt/local/bin/msfrpcd:110:in

    also, when I start armitage, and I fill in the fields and click connect, it says:

    org.postgresql.util.PSQLException: ERROR: relation “workspaces” does not exist
    Position: 24

  • Cypher

    I have the same issue as Witik. When I try to run Metasploit I get this message about 5 seconds later:

    /opt/local/msf/lib/rex/socket/comm/local.rb:197:in rescue in create_by_type': The address is already in use (0.0.0.0:55553). (Rex::AddressInUse)
    from /opt/local/msf/lib/rex/socket/comm/local.rb:191:in
    create_by_type’
    from /opt/local/msf/lib/rex/socket/comm/local.rb:32:in create'
    from /opt/local/msf/lib/rex/socket.rb:46:in
    create_param’
    from /opt/local/msf/lib/rex/socket/tcp_server.rb:38:in create_param'
    from /opt/local/msf/lib/rex/socket/tcp_server.rb:28:in
    create’
    from /opt/local/msf/lib/rex/proto/http/server.rb:134:in start'
    from /opt/local/msf/lib/rex/service_manager.rb:80:in
    start’
    from /opt/local/msf/lib/rex/service_manager.rb:24:in start'
    from /opt/local/msf/lib/msf/core/rpc/v10/service.rb:59:in
    start’
    from /opt/local/msf/plugins/msgrpc.rb:97:in run'
    from /opt/local/bin/msfrpcd:110:in

    Then when I try to run Armitage and fill in the details I get:
    org.postgresql.util.PSQLException: ERROR: relation “workspaces” does not exist
    Position: 24

    If someone could give me a hand would be great!

    Thanks

  • Cypher

    I have the same issue as Witik. When I try to run Metasploit I get this message about 5 seconds later:

    /opt/local/msf/lib/rex/socket/comm/local.rb:197:in rescue in create_by_type': The address is already in use (0.0.0.0:55553). (Rex::AddressInUse)
    from /opt/local/msf/lib/rex/socket/comm/local.rb:191:in
    create_by_type’
    from /opt/local/msf/lib/rex/socket/comm/local.rb:32:in create'
    from /opt/local/msf/lib/rex/socket.rb:46:in
    create_param’
    from /opt/local/msf/lib/rex/socket/tcp_server.rb:38:in create_param'
    from /opt/local/msf/lib/rex/socket/tcp_server.rb:28:in
    create’
    from /opt/local/msf/lib/rex/proto/http/server.rb:134:in start'
    from /opt/local/msf/lib/rex/service_manager.rb:80:in
    start’
    from /opt/local/msf/lib/rex/service_manager.rb:24:in start'
    from /opt/local/msf/lib/msf/core/rpc/v10/service.rb:59:in
    start’
    from /opt/local/msf/plugins/msgrpc.rb:97:in run'
    from /opt/local/bin/msfrpcd:110:in

    Then when I try to run Armitage and fill in the details I get:
    org.postgresql.util.PSQLException: ERROR: relation “workspaces” does not exist
    Position: 24

    If someone could give me a hand would be great!

    Thanks

  • Cypher

    Ok, the errors I talked about before are not there anymore. Seems like the first one about running metasploit was caused by the fact that metasploit was already running (reboot your mac and run the command again, then you won’t get the error mentioned).

    The second error is not there anymore either, after creating a link to the armitage tool like this:
    sudo ln -s /opt/local/msf/armitage /opt/local/bin

    Then “sudo armitage” works and I can put in the details, only now I get to see a popup window with the same msg as before:
    Could not connect to database,

    org.postgresql.util.PSQLException: ERROR: relation “workspaces” does not exist
    Position: 24

    Any ideas?

  • Cypher

    Ok, the errors I talked about before are not there anymore. Seems like the first one about running metasploit was caused by the fact that metasploit was already running (reboot your mac and run the command again, then you won’t get the error mentioned).

    The second error is not there anymore either, after creating a link to the armitage tool like this:
    sudo ln -s /opt/local/msf/armitage /opt/local/bin

    Then “sudo armitage” works and I can put in the details, only now I get to see a popup window with the same msg as before:
    Could not connect to database,

    org.postgresql.util.PSQLException: ERROR: relation “workspaces” does not exist
    Position: 24

    Any ideas?

  • http://www.nightlion.net NightLion

    Try running MSFCONSOLE or MSFGUI first. That might create the initial workspace.

  • http://www.nightlion.net NightLion

    Try running MSFCONSOLE or MSFGUI first. That might create the initial workspace.

  • Witik

    Cool, that fixed that issue, tnx! :D

    but now after trying an nmap scan I get

    “[-] The nmap executable could not be found”

    -.-’

  • Witik

    Cool, that fixed that issue, tnx! :D

    but now after trying an nmap scan I get

    “[-] The nmap executable could not be found”

    -.-’

  • freddys6

    I try my best doing all the steps, then i get this while loading

    javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake

    nothing happens after that.

    any idea what’s going on?

  • freddys6

    I try my best doing all the steps, then i get this while loading

    javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake

    nothing happens after that.

    any idea what’s going on?

  • NightLion

     There doesn’t seem to be a direct download for Mac OSX.

  • NightLion

     There doesn’t seem to be a direct download for Mac OSX.

  • Manu

    i have the same problem. And i first run the console, and also use it.

    but with armitage i get that error.

  • Manu

    i have the same problem. And i first run the console, and also use it.

    but with armitage i get that error.

  • Adam

    When i try to install Ruby i have this error message :

    Error: Requested variants “+doc+nosuffix” do not match original selection “+doc”.Please use the same variants again, perform ‘port clean ruby19′ or specify the force option (-f).Error: Status 1 encountered during processing.

  • Adam

    When i try to install Ruby i have this error message :

    Error: Requested variants “+doc+nosuffix” do not match original selection “+doc”.Please use the same variants again, perform ‘port clean ruby19′ or specify the force option (-f).Error: Status 1 encountered during processing.

  • Ashish Bhangale

    @ Night Lion Security
    Awesome, Nice work Keep it up ..
    And i learned lots of things from this video http://www.securitytube.net/video/2750 maybe you like it. vivek done a fantastic job. must watch. 

  • Ashish Bhangale

    @ Night Lion Security
    Awesome, Nice work Keep it up ..
    And i learned lots of things from this video http://www.securitytube.net/video/2750 maybe you like it. vivek done a fantastic job. must watch. 

  • http://twitter.com/ishan_girdhar Ishan Girdhar

    Thanks for this amazing post. It helped a lot, but I am facing one Issue. I successfully run all the commands mentioned above without any errors. The only problem is when I try to execute armitage with this command “sudo armitage”. It say’s, “Command Not Found” where as I can execute msfconsole and msfupdate and all other commands successfully.  Am I Missing Something?

  • http://twitter.com/ishan_girdhar Ishan Girdhar

    Thanks for this amazing post. It helped a lot, but I am facing one Issue. I successfully run all the commands mentioned above without any errors. The only problem is when I try to execute armitage with this command “sudo armitage”. It say’s, “Command Not Found” where as I can execute msfconsole and msfupdate and all other commands successfully.  Am I Missing Something?

  • http://twitter.com/hugohagogo Cleber Alves

    Excellent doc, works to me very fine.

  • http://twitter.com/hugohagogo Cleber Alves

    Excellent doc, works to me very fine.

  • AARDVARK857

    Very cool I would have never thought of doing it that way… Just installing backtrack in a VM. Thanks!

  • AARDVARK857

    Very cool I would have never thought of doing it that way… Just installing backtrack in a VM. Thanks!

  • Tritin

    when i tried to run this command : sudo svn co https://www.metasploit.com/svn/framework3/trunk/ /opt/local/msf/
    dyld: Library not loaded: @loader_path/../lib/libssl.dylib  Referenced from: /usr/lib/libpq.5.dylib  Reason: Incompatible library version: libpq.5.dylib requires version 1.0.0 or later, but libssl.0.9.8.dylib provides version 0.9.8I encoutered this error. How can i fix it? Thanks very much.

  • Tritin

    when i tried to run this command : sudo svn co https://www.metasploit.com/svn/framework3/trunk/ /opt/local/msf/
    dyld: Library not loaded: @loader_path/../lib/libssl.dylib  Referenced from: /usr/lib/libpq.5.dylib  Reason: Incompatible library version: libpq.5.dylib requires version 1.0.0 or later, but libssl.0.9.8.dylib provides version 0.9.8I encoutered this error. How can i fix it? Thanks very much.

  • Adasseux

    How do I change my path ? 
    /opt/local/bin:/opt/local/sbin:/opt/local/bin:/opt/local/sbin:/Library/Frameworks/Python.framework/Versions/2.7/bin:/opt/local/bin:/opt/local/sbin:/Library/Frameworks/Python.framework/Versions/3.2/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/X11/bin

  • Adasseux

    How do I change my path ? 
    /opt/local/bin:/opt/local/sbin:/opt/local/bin:/opt/local/sbin:/Library/Frameworks/Python.framework/Versions/2.7/bin:/opt/local/bin:/opt/local/sbin:/Library/Frameworks/Python.framework/Versions/3.2/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/X11/bin

  • Sumner Hearth

    That (msfgui) did it for me, thanks!

  • anon

    when i run sudo armitage everything is ok. the connect window appears and then it loads but afterwards nothing happens
     :(

  • Sumner Hearth

    doing exactly what is written (sudo ln -s /opt/local/msf/msf* /opt/local/bin)  doesn’t link the “armitage” command, to fix this do:

    sudo ln -s /opt/local/msf/armitage /opt/local/bin

  • Renmusxd

    Is there a reason we launch metasploit with “msfuser2″ and “msfpassword2″ instead of the user:pwd combo we made earlier?

  • Renmusxd

    do:
    sudo ln -s /opt/local/msf/armitage /opt/local/bin

  • Renmusxd

    I heard that:
    sudo touch ~/.bash_profile
    should work

  • http://twitter.com/Guiba2 Guilherme Jose

    Why does /opt/local/bin have to appear before /usr/bin?

    i get this: /opt/local/bin:/opt/local/sbin:/opt/iOSOpenDev/bin:/opt/local/bin:/opt/local/sbin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/X11/bin

  • vinnytroia

    The order does not matter, just as long as the folders are being referenced in the path statement.

  • Victor Sabo

    Not so far I have found new cool tool to work on mac os x – Valentina Studio. Its free edition can do things more than many commercial tools!!
    I very recommend check it. http://www.valentina-db.com/en/valentina-studio-overview
    You can install Valentina Studio (FREE) directly from Mac App Store: https://itunes.apple.com/us/app/valentina-studio/id604825918?ls=1&mt=12

Have questions? Give us a call for a free security consultation (314)-669-6569
Contact Us

Have a question? Send us a message. We'll get back to you soon.

[contact-form-7 404 "Not Found"]