Friday, June 14, 2013

Fix your BTR3 4.5.0 Metasploit After Update Guide

After Kali went official, BTR3 was kinda abandoned and I got to see alot of pissed off people online looking to fix their Backtrack 5 R3's metasploit. Due to work's requirement, I start scouring for help all over the interwebs and found a few useful instructions. Here's a post to summarize and consolidate all the help I've gotten by nice folks on the internet. Hope this step-by-step guide will un-break your metasploit on your BTR3. It'll not take more than 15mins. Have fun!

Main idea: Upgrade your BT's Ruby from 1.9.2 to 1.9.3

Error: You may have encountered the error when trying to get Factory Girl 4.2.0 to work while perform 'bundle install' as requested by sir Metasploit himself. 
Summary of fix:
- Install 1.9.3
- Fresh install of metasploit using 'git clone' (avoid the SVN version from now on)
- And as usual, link and unbreak stuffs.
Limitation of fix:
Bad news, BTR3 doesn’t have Ruby1.9.3 in the repository so RVM is being used to install the version.
Need to do ‘/bin/bash –login’ whenever ./msfconsole is to be used.

Steps to retrieve the working version of metasploit
1. # cd /opt/
2. # rm -rf metasploit
3. # git clone --depth=1 git:// metasploit

Let's open a new tab by pressing ctrl-shift-t.

Steps to install Ruby 1.9.3
1. # bash -s stable < <(curl -s
2. # source /etc/profile.d/
3. # rvm -v

Let's fix up some libraries we need:
4. # package in zlib openssl libxslt libxml2; do rvm pkg install $package; done
5. # rvm install 1.9.3

You'll get error saying you need certain dependencies. 
6. # apt-get install <dependency 1> <dependency 2> ...

And of course, libssl-dev will still be screwed coz' current repository doesn't contain the right one. Let's add one to our /etc/apt/sources.list
7. # echo >> deb lucid-security main /etc/apt/sources.list
8. # apt-get install libssl-dev 

Let's proceed to install our dear ruby 1.9.3 runtime:
9. # rvm install 1.9.3

So done? Let's switched to it. Current version will be 1.9.2-dev, so we gotta use our new shiny ruby 1.9.3.
10. # rvm 1.9.3 --default 

You'll see an error. So you'll need to do a login shell coz the current one just won't do.
11. # /bin/bash --login
12. # rvm 1.9.3 --default
13. # ruby -v

Now we have our 1.9.3. But something's still broken (yes of course, of course). Let's fix the pg.
14. # apt-get install libpq-dev
15. # gem install pg

Ok. Final moment of truth, let's proceed to the metasploit folder now!
16. # cd /opt/metasploit
17. # bundle install

*DEEP BREATH* Yes. Factory Girl 4.2.0 will install properly with Ruby 1.9.3 ;) And yes, you will be able to ./msfconsole
Long load time for ./msfconsole without any error means good news.

Congratulations! (and ba*ls to backtrack for not automating the update.)

References & Acknowledgements: