In the previous section, we had a brief introduction to the Metasploit framework. In this section, we will learn about the system requirements and various modes of installation of the Metasploit framework.
The easiest way to get your hands on Metasploit is to download the Linux distribution named Backtrack. Backtrack is a Linux-based security distribution that comes with built-in hacker tools. These tools range from information gathering to cyber forensics. The Metasploit framework comes under the network exploitation category. Backtrack includes this within itself to be used just out of the box. Let's see how to do this:
- Visit the site http://www.backtrack-linux.org. Under the Downloads section of the site, download the latest version of Backtrack onto your system. Here, you have the option of choosing an ISO image or a VMware image. Choose the required image based on your needs and allow the download to complete.
- Use a Virtual Workstation such as VMware or Virtual Box to open the image and let the operating system load. The login credentials by default are
root:toor.
- Once you get the shell prompt, type
startxto load the GUI of the system. The following screenshot shows the look of the GUI of Backtrack 5:
Metasploit comes in various flavors. In this section, we shall see how to invoke the Metasploit framework through the command-line console.
- In your Backtrack system, open the shell by clicking on the terminal icon as shown in the following screenshot:
- Once the terminal is opened, type the
root@bt:~# msfconsolecommand:
- As shown in the preceding screenshot, we have successfully launched
msfconsole. The screenshot describes the version of the framework currently installed on the system. Here, it is Metasploit 4.5. - Metasploit is located in the
/opt/metasploit/msf3folder under Backtrack 5 R3. As you can see, under this folder we have themsfconsoleexecutable.
Metasploit not only comes with a command-line interface, but it has a very user friendly GUI called Armitage. Armitage is a tool for Metasploit, which is used to visualize targets and intelligently recommends exploits that are based on the target's nature. In this section, we shall see how to launch Armitage in Backtrack.
- Navigate to Armitage: Applications | Backtrack |Exploitation Tools | Network Exploitation Tools | Metasploit Framework | armitage:
- You will be prompted with a dialog box. Click on OK and wait till Armitage loads on your GUI. Do not change any values in the dialog box. This may take quite some time to load, which is expected.
- In the following screenshot, you can see what Armitage—the GUI for Metasploit—looks like. In the subsequent chapters, we will cover how to use the command-line interface of Metasploit as well as the Armitage GUI for performing attacks.
In the preceding screenshot, the upper half of the screen shows the folder structure of the Metasploit framework. The lower half of the screen shows the console of the framework integrated with the GUI. We shall see how to use it in the upcoming chapters.