The Metasploit Framework is an advanced open-source exploit development platform. The 3.0 tree represents a complete rewrite of the 2.0 codebase and provides a scalable and extensible framework for security tool development. The 3.0 Beta 3 release includes support for exploit automation, 802.11 wireless packet injection, and kernel-mode payloads.
Windows users are now presented with a RXVT console and an updated Cygwin environment, which greatly improves the usability of the 3.0 interface on the Windows platform.
Downloads for all platforms can be found here:
The latest version can be pulled directly from Subversion:
$ svn co http://metasploit.com/svn/framework3/trunk/
Unix users may need to install the openssl zlib and dl ruby modules for the Framework to load. If you are using Ubuntu you will need to run the following commands:
# apt-get install libzlib-ruby
# apt-get install libopenssl-ruby
# apt-get install libdl-ruby
Unix users who wish to try the new web interface will need to install the ‘rubygems’ package and the ‘rails’ gem. Please see www.rubyonrails.com for more information and platform-specific installation instructions.
Users of other distributions or Unix flavors may want to grab the latest version of ruby from www.ruby-lang.org and build it from source. We highly recommend using Ruby version 1.8.4 or newer.Windows users will need to exit out of any running Cygwin-based applications before running the installer or using the Framework. The old 3.0 installation should be uninstalled prior to installing and using this version.
The release packages include Subversion repository information allowing you to synchronize your Beta 3 installation with the live development tree. The Windows installer includes a “MSFUpdate” menu item that uses Subversion to download the latest updates.Unix users will need to install the Subversion client change into the framework directory and execute ‘svn update’.
On Unix systems, Subversion will complain about the self-signed certificate in use at metasploit.com. Please verify that the fingerprint matches the one below before accepting it:
- Hostname: metasploit.com
- Valid: from Jun 3 06:56:22 2005 GMT until Mar 31 06:56:22 2007 GMT
- Issuer: Development The Metasploit Project San Antonio Texas US
- Fingerprint: 1f:a2:8e:ad:14:57:53:75:b7:ab:de:67:e8:fa:17:49:76:f2:ee:ad
Recent in Exploits/Vulnerabilities:
- Cupid Media Hack Exposes 42 Million Passwords In Plain Text
- Linux Backdoor Fokirtor Injects Traffic Into SSH Protocol
- Another IE 0-Day Hole Found & Used By In-Memory Drive By Attacks
- Metasploit Exploit Framework Version 3.0 Released
- USBsploit 0.3b – Generate Reverse TCP Backdoors & Malicious .LNK Files
- BackTrack Live Hacking CD BETA 3 Released
Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 222,841 views
- AJAX: Is your application secure enough? - 118,519 views
- eEye Launches 0-Day Exploit Tracker - 84,955 views