Monday, September 20, 2010

RVM and Metasploit

If you are a ruby developer and haven't looked at rvm, you really need to. It is a very powerful tool in supporting applications across concurrent ruby installations.

The rvm developers have super easy scripts to install rvm. Recently, they released a system-wide script (before, it installed ruby to user-specific dirs ($HOME)).

As root:

bash < <( curl -L http://bit.ly/rvm-install-system-wide )
source /usr/local/rvm/script/rvm;


Once installed, you can install and use ruby 1.9.1 easily...


rvm install 1.9.1; rvm 1.9.1


If you also want 1.8.7 installed, replace all the 1.9.1 instances with 1.8.7.


Now, metasploit ships with it's own version of ruby. If you want metasploit to use the rvm version of ruby rather than it's shipped version, run the binary as an absolute path. You may alias the absolute path of msfconsole to 'msfconsole' to achieve the shorter command and to use rvm.


alias msfconsole='/opt/metasploit3/msf3/msfconsole -L'

(-L says use native readline rather than ruby readline, supposedly it is faster)

Using system:

root@acc-vulnerability:~# rvm system
root@acc-vulnerability:~# /opt/metasploit3/msf3/msfconsole

# # ###### ##### ## #### ##### # #### # #####
## ## # # # # # # # # # # # #
# ## # ##### # # # #### # # # # # # #
# # # # ###### # ##### # # # # #
# # # # # # # # # # # # # #
# # ###### # # # #### # ###### #### # #


=[ metasploit v3.4.2-dev [core:3.4 api:1.0]
+ -- --=[ 590 exploits - 302 auxiliary
+ -- --=[ 224 payloads - 27 encoders - 8 nops
=[ svn r10398 updated today (2010.09.20)

msf > ruby --version
[*] exec: ruby --version

ruby 1.8.7 (2010-01-10 patchlevel 249) [i486-linux]
msf > exit
root@acc-vulnerability:~#


Using shipped ruby:

root@acc-vulnerability:~# msfconsole

__. .__. .__. __.
_____ _____/ |______ ____________ | | ____ |__|/ |_
/ \_/ __ \ __\__ \ / ___/\____ \| | / _ \| \ __\
| Y Y \ ___/| | / __ \_\___ \ | |_> > |_( <_> ) || |
|__|_| /\___ >__| (____ /____ >| __/|____/\____/|__||__|
\/ \/ \/ \/ |__|


=[ metasploit v3.4.2-dev [core:3.4 api:1.0]
+ -- --=[ 590 exploits - 302 auxiliary
+ -- --=[ 224 payloads - 27 encoders - 8 nops
=[ svn r10398 updated today (2010.09.20)

msf > ruby --version
[*] exec: ruby --version

ruby 1.9.1p243 (2009-07-16) [i686-linux]
msf > exit
root@acc-vulnerability:~#


Using rvm instance of ruby:

root@acc-vulnerability:~# rvm 1.9.1
root@acc-vulnerability:~# /opt/metasploit3/msf3/msfconsole

| | _) |
__ `__ \ _ \ __| _` | __| __ \ | _ \ | __|
| | | __/ | ( |\__ \ | | | ( | | |
_| _| _|\___|\__|\__,_|____/ .__/ _|\___/ _|\__|
_|


=[ metasploit v3.4.2-dev [core:3.4 api:1.0]
+ -- --=[ 590 exploits - 302 auxiliary
+ -- --=[ 224 payloads - 27 encoders - 8 nops
=[ svn r10398 updated today (2010.09.20)

msf > ruby --version
[*] exec: ruby --version

ruby 1.9.1p378 (2010-01-10 revision 26273) [i686-linux]
msf > exit
root@acc-vulnerability:~#

1 comment: