macOS 安装metasploit framework

1.拉取项目

git clone https://github.com/rapid7/metasploit-framework.git /usr/local/share/metasploit-framework

2.安装brew

/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

3.安装postgresql（msf需要用到的数据库），创建数据库

brew install postgresql --without-ossp-build

initdb /usr/local/var/postgres

启动postgres

pg_ctl -D /usr/local/var/postgres -l /usr/local/var/postgres/server.log start

为本地创建了一个名为msf的数据库服务器主机并且创建的时候需要密码

createuser msf -P -h localhost 

Enter password for new role: 

Enter it again: 

创建了一个数据库, 该数据库的拥有者为msf.

createdb -O msf msf -h localhost

为了方便启动与停止PostgreSQL, 可以在你的配置文件添加别名:

alias start_pgsql='pg_ctl -D /usr/local/var/postgres -l /usr/local/var/postgres/server.log start'

alias stop_pgsql='pg_ctl -D /usr/local/var/postgres stop'

4.配置文件

检查metasploit-framework/config目录下的database.yml是否存在，不存的话复制database.yml.example并命名为database.yml.

4.1在/.bash_profile中添加下面这条配置:

export MSF_DATABASE_CONFIG=/usr/local/share/metasploit-framework/config/database.yml

4.2metasploit-framework/config/目录下, 打开database.yml, 作出如下修改:

production:

adapter: postgresql

database: msf

username: msf

password: <你的密码>

host: 127.0.0.1

port: 5432

pool: 75

timeout: 5

注意是修改production下面的行, 不是development.

5.安装bundle

gem install bundle

6.bundle完成安装后, 进入到metasploit-framework目录下, 解决模块包的依赖:

bundle install

如果安装中出现报错，无法继续安装时，可尝试使用下面命令

ARCHFLAGS="-arch x86_64" bundle install

（https://stackoverflow.com/questions/6209797/cant-find-the-postgresql-client-library-libpq）

7.进入/usr/local/share/metasploit-framework,执行./msfconsole

其他文章参考：

http://www.geeshell.com/hacks/installing-metasploit-on-osx-yosemite

https://www.jianshu.com/p/1077b96bec49

一些错误：

1.postgresql错误

createuser msf -P -h localhost 

Enter password for new role: 

Enter it again: 

createuser: could not connect to database postgres: could not connect to server: Connection refused

Is the server running on host "localhost" (::1) and accepting

TCP/IP connections on port 5432?

could not connect to server: Connection refused

Is the server running on host "localhost" (127.0.0.1) and accepting

TCP/IP connections on port 5432?

上面失败说明postgres没启动，先启动后创建用户

2.bundle install错误：

Using metasploit-model 2.0.4

Fetching pg 0.20.0

Your user account isn't allowed to install to the system RubyGems.

  You can cancel this installation and run:

      bundle install --path vendor/bundle

  to install the gems into ./vendor/bundle/, or you can enter your password

  and install the bundled gems to RubyGems using sudo.

  Password:

Installing pg 0.20.0 with native extensions

Gem::Ext::BuildError: ERROR: Failed to build gem native extension.

    current directory: /private/var/folders/jf/yys8w7wx2c703hmzfy8kkn405vvv53/T/bundler20181224-53339-apsatypg-0.20.0/gems/pg-0.20.0/ext

/System/Library/Frameworks/Ruby.framework/Versions/2.3/usr/bin/ruby -r ./siteconf20181224-53339-8klri0.rb extconf.rb

checking for pg_config... yes

Using config values from /usr/local/bin/pg_config

checking for libpq-fe.h... yes

checking for libpq/libpq-fs.h... yes

checking for pg_config_manual.h... yes

checking for PQconnectdb() in -lpq... no

checking for PQconnectdb() in -llibpq... no

checking for PQconnectdb() in -lms/libpq... no

Can't find the PostgreSQL client library (libpq)

*** extconf.rb failed ***

Could not create Makefile due to some reason, probably lack of necessary

libraries and/or headers.  Check the mkmf.log file for more details.  You may

need configuration options.

直接使用ARCHFLAGS="-arch x86_64" bundle install可以解决