Installation on Microsoft Windows¶
Metasploit provides a preconfigured Cygwin environment and installer that can be downloaded from the downloads page of the Metasploit web site.
This installer includes:- Cygwin 1.7 (snapshot) * RXVT
- Ruby 1.9.1
- Subversion
- VNCViewer
- WinVI32
- Nmap 5.0
Installer on Windows 7¶
Installation Process¶
The destination directory for the installer determines where the Cygwin environment, Metasploit Framework, and supporting tools will be stored. This directory can be on a mobile storage device, such as a USB stick or SD card. Once the framework has been installed, it is location agnostic in all aspects except for the uninstaller executable. The uninstaller will completely remove the installation directory, including any user-owned files. Make sure that any custom modules or scripts are backed up prior to uninstalling the framework.
Updating the Framework¶
Once the framework has been installed, it can be updated via the Metasploit Update link placed on the desktop. On operating systems that enforce UAC or in situations where the user does not have administrative privileges, the Metasploit Update link must be executed as an administrative user (or with administrative rights via right-click on Vista/Windows 7).
Running the Framework¶
To start the Metasploit Framework, launch the Metasploit Console shortcut placed on the desktop. In order for some features to work, this shortcut may need to be executed with administrative privileges. For the most part, all major features of the Metasploit Framework will work properly on Windows, however there are a few exceptions:
- Raw socket modules (SYN scan, pSnuffle, etc) are not supported
- WiFi modules using Lorcon or Lorcon2 are not supported
- Modules that bind to ports 139 or 445 (smb_relay) require special configuration
Advanced Users¶
The standard Metasploit command line tools can be accessed via the Start Menu -> Metasploit3 -> Cygwin Shell shortcut. Once the shell is open, tools such as msfpayload, msfencode, and msfcli should work normally.
Restoring 3.3-release¶
If a Metasploit Update is performed that includes buggy code or otherwise undesirable behavior, it is possible to revert the Metasploit installation to any previous revision. To do so, launch the Cygwin Shell from the Start menu and run the following commands:
$ cd / $ mv msf3 msf3.old $ svn co https://www.metasploit.com/svn/framework3/trunk/ msf3 -r 7553
Swap 7553 with the desired SVN revision to restore, then delete the old msf3 directory with the following command:
rm -rf /msf3.old
