安装配置postgresql

# 安装
sudo pacman -S postgresql

# 初始化
sudo su - postgres -c "initdb --locale en_US.UTF-8 -E UTF8 -D '/var/lib/postgres/data'"

# 设置postgres的密码
sudo passwd postgres

# 开机自启
systemctl enable --now postgresql.service

# 登录postgres用户
sudo -i -u postgres

# 添加当前用户使用数据库
createuser --interactive
# 回车输入当前用户名


# 创建数据库用户
createuser msf -P -S -R -D

# 创建数据库
createdb -O msf msf

安装配置metasploit

# 安装msf
sudo pacman -S metasploit

# 复制默认配置文件
sudo cp /opt/metasploit/config/database.yml.example /opt/metasploit/config/database.yml

# 编辑配置文件
sudo vim /opt/metasploit/config/database.yml

# 修改如下内
# To set up a metasploit database, follow the directions hosted at:
# http://r-7.co/MSF-DEV#set-up-postgresql
#
# Kali Linux and the Omnibus installers both include an easy wrapper script for
# managing your database, which may be more convenient than rolling your own.

development: &pgsql
adapter: postgresql
database: msf # 数据库名,msf
username: msf # 数据库用户名,msf
password: 123456789 # 数据库密码,123456789
host: localhost
port: 5432
pool: 200
timeout: 5

# You will often want to seperate your databases between dev
# mode and prod mode. Absent a production db, though, defaulting
# to dev is pretty sensible for many developer-users.
production: &production
<<: *pgsql

# Warning: The database defined as "test" will be erased and
# re-generated from your development database when you run "rake".
# Do not set this db to the same as development or production.
#
# Note also, sqlite3 is totally unsupported by Metasploit now.
test:
<<: *pgsql
database: msf # 数据库名,同上
username: msf # 数据库用户名,同上
password: 123456789 # 数据库密码,同上

# 启动测试

# 启动结果
❯ msfconsole

MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMM MMMMMMMMMM
MMMN$ vMMMM
MMMNl MMMMM MMMMM JMMMM
MMMNl MMMMMMMN NMMMMMMM JMMMM
MMMNl MMMMMMMMMNmmmNMMMMMMMMM JMMMM
MMMNI MMMMMMMMMMMMMMMMMMMMMMM jMMMM
MMMNI MMMMMMMMMMMMMMMMMMMMMMM jMMMM
MMMNI MMMMM MMMMMMM MMMMM jMMMM
MMMNI MMMMM MMMMMMM MMMMM jMMMM
MMMNI MMMNM MMMMMMM MMMMM jMMMM
MMMNI WMMMM MMMMMMM MMMM# JMMMM
MMMMR ?MMNM MMMMM .dMMMM
MMMMNm `?MMM MMMM` dMMMMM
MMMMMMN ?MM MM? NMMMMMN
MMMMMMMMNe JMMMMMNMMM
MMMMMMMMMMNm, eMMMMMNMMNMM
MMMMNNMNMMMMMNx MMMMMMNMMNMMNM
MMMMMMMMNMMNMMMMm+..+MMNMMNMNMMNMMNMM
https://metasploit.com


=[ metasploit v5.0.81-dev ]
+ -- --=[ 1987 exploits - 1089 auxiliary - 339 post ]
+ -- --=[ 559 payloads - 45 encoders - 10 nops ]
+ -- --=[ 7 evasion ]

Metasploit tip: When in a module, use back to go back to the top level prompt

msf5 >

错误归纳

  1. 启动提示:/opt/metasploit/vendor/bundle/ruby/2.7.0/gems/faraday-0.17.0/lib/faraday/rack_builder.rb:55: warning: Capturing the given block using Proc.new is deprecated; use &block instead
# 解决办法
# 修改/opt/metasploit/vendor/bundle/ruby/2.7.0/gems/faraday-0.17.0/lib/faraday/rack_builder.rb

sudo vim /opt/metasploit/vendor/bundle/ruby/2.7.0/gems/faraday-0.17.0/lib/faraday/rack_builder.rb

# 第52-61行改为(添加两个&block):
def initialize(handlers = [], &block) # 这里添加 &block
@handlers = handlers
if block_given?
build(&(Proc.new &block)) # 注意这里的括号,是两个括号
elsif @handlers.empty?
# default stack, if nothing else is configured
self.request :url_encoded
self.adapter Faraday.default_adapter
end
end


# 修改/opt/metasploit/vendor/bundle/ruby/2.7.0/gems/faraday-0.17.0/lib/faraday/options.rb

sudo vim /opt/metasploit/vendor/bundle/ruby/2.7.0/gems/faraday-0.17.0/lib/faraday/options.rb

# 第165-170改为(添加一个 &block):
def self.memoized(key, &block) # 此处添加 &block
memoized_attributes[key.to_sym] = Proc.new &block
class_eval <<-RUBY, __FILE__, __LINE__ + 1
def #{key}() self[:#{key}]; end
RUBY
end
  1. 启动提示:/opt/metasploit/vendor/bundle/ruby/2.7.0/gems/activerecord-4.2.11.1/lib/active_record/connection_adapters/abstract_adapter.rb:84: warning: deprecated Object#=~ is called on Integer; it always returns nil
# 修改/opt/metasploit/vendor/bundle/ruby/2.7.0/gems/activerecord-4.2.11.1/lib/active_record/connection_adapters/abstract_adapter.rb


sudo vim /opt/metasploit/vendor/bundle/ruby/2.7.0/gems/activerecord-4.2.11.1/lib/active_record/connection_adapters/abstract_adapter.rb


# 第83-89行改为(添加一句.to_s):
def self.type_cast_config_to_integer(config)
if config.to_s =~ SIMPLE_INT # 这里config后边添加.to_s
config.to_i
else
config
end
end