Run Metasploit Framework on your ChromeBook
ChromeBooks are showing up in use all across the world. In form and fashion that delivers upon the open aspects of what the Chrome OS represents to those that make the choice in using such a powered device in their daily lives.
The landscape in which has unfolded over the past few years since the inception and initial release of ChromeBooks gives insight into the pervasive nature that such devices represent.
One of the greatest strengths of your choice then is the use of a Linux container virtual image hosted on the ChromeBook OS. Enabling Linux is fairly easy step, and is the first step then with enabling MetaSploit Framework and all the amazing capabilities it brings.
This article then assumes at the very least you have a driving point of ‘why’ you desire the MetaSploit Framework to be targeted and used. What will take place then in the next laid out steps is the ‘How’.
The end result will look very similar to the following screen shot, in which the MSF banner and console will be up, running and ready for your desired penetration testing dreams.
With the above introduction, and pictured desired end result in mind, lets get to the exact steps to enable.
These steps assume you have Linux enabled for your ChromeBook, found in the developer — advanced section of settings within your ChromeBook OS. Here is a direct link for how to enable Linux on ChromeBook OS.
Now that you have Linux enabled, the next steps are needed for supporting the execution and running of projects that the MetaSploit Framework will help you with.
Install curl: sudo apt install curl
Install git: sudo apt install git
Install nano: sudo apt install nano
Install nmap: sudo apt install nmap
The above installs are critical before you start the process of installing MetaSploit Framework (MSF5). The following screen shot shows the sudo apt install curl, and the fact that it is the latest version.
Now we are ready to sit an automated install of the Metasploit Framework using curl. The following can be copied directly into the terminal as-is and it will download and install the latest versions.
curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && \
chmod 755 msfinstall && \
./msfinstall
Now depending on the speed in which you are connected to the internet, you will see the install complete within 10–15 minutes. The process also goes through several questions for you relating to setting up the MSF web service, as well as creating a new database. (note: make sure you save your database username, password and API Token that is generated.)
Once MSF is downloaded and you have completed your setup questions that are posed, running the MSF Console will bring the Metasploit Framework up and ready for your execution.
Run Metasploit Framework: msfconsole and further running version will display the MSF version and console information.
Having now the Metasploit Framework setup you can now execute and use it in order to enable your infosec — white hat security tests and automation.
This series is planned to continue on with taking next steps in which one can fully start to use Metasploit Framework and other such tools for security projects of all kinds. Infosec is a wide range subject, and the idea is how to jump start those people and companies interested in bringing the ability to secure the assets across their organization. I hope this has been useful, engage with me and let me know!
The final piece of useful information that I think you should really add to your reading is the official Rapid7 Metasploit Framework blog. Happy pWn
