This tutorial covers the installation of Metasploit Framework Project on Ubuntu Linux LTS. If you do not wish to run the Open Source version or set up a development environment and do not mind giving your e-mail address to Rapid7 for marketing we would recommend downloading their commercial installer from Metasploit for Metasploit Express and Pro.

If you prefer an all in one installer only for framework the Metasploit team offers nightly built installers at Github making a quick setup a breeze if you do not plan to pull separate branches to test experimental code or do development.


We start by adding the Oracle Java Package source

sudo add-apt-repository -y ppa:webupd8team/java

Once added we can install the latest version

sudo apt-get update
sudo apt-get -y install oracle-java8-installer


We start by making sure that we have the latest packages by updating the system using apt-get:

sudo apt-get update
sudo apt-get upgrade

Now that we know that we are running an updated system we can install all the dependent packages that are needed by Metasploit Framework:

sudo apt-get install build-essential libreadline-dev libssl-dev libpq5 libpq-dev libreadline5 libsqlite3-dev libpcap-dev git-core autoconf postgresql pgadmin3 curl zlib1g-dev libxml2-dev libxslt1-dev libyaml-dev curl zlib1g-dev gawk bison libffi-dev libgdbm-dev libncurses5-dev libtool sqlite3 libgmp-dev gnupg2 dirmngr


The distribution sadly does not comes by default with a proper version of Ruby for us to use with Metasploit Framework and we will have to download and compile a proper one. There 2 mains ways recommended for this are using RVM or rbenv (Do not install both choose one or the other). If installing using RVM be warned that symlinks will not work due to the way it places the binary stubs of the metasploit-framework gem.

Installing Ruby using RVM:

gpg2 --keyserver hkp:// --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
curl -L | bash -s stable
source ~/.rvm/scripts/rvm
echo "source ~/.rvm/scripts/rvm" >> ~/.bashrc
source ~/.bashrc
RUBYVERSION=$(wget -q -O - )
rvm install $RUBYVERSION
rvm use $RUBYVERSION --default
ruby -v

Installing Ruby using rbenv:

cd ~
git clone git:// .rbenv
echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bashrc
echo 'eval "$(rbenv init -)"' >> ~/.bashrc
exec $SHELL
git clone git:// ~/.rbenv/plugins/ruby-build
echo 'export PATH="$HOME/.rbenv/plugins/ruby-build/bin:$PATH"' >> ~/.bashrc
git clone git:// ~/.rbenv/plugins/rbenv-sudo
exec $SHELL
RUBYVERSION=$(wget -q -O - )
rbenv install $RUBYVERSION
rbenv global $RUBYVERSION
ruby -v


One of the external tools that Metasploit uses for scanning that is not included with the sources is Nmap. Here we will cover downloading the latest source code for Nmap, compiling and installing:

mkdir ~/Development
cd ~/Development
git clone
cd nmap
sudo make install
make clean


We start by switching to the postgres user so we can create the user and database that we will use for Metasploit

sudo -s
su postgres

Now we create the user and Database, do record the database that you gave to the user since it will be used in the database.yml file that Metasploit and Armitage use to connect to the database.

createuser msf -P -S -R -D
createdb -O msf msf

If you experience problems with the database setup this Fedora guide offers a good solution for troubleshooting and setup.


We will download the latest version of Metasploit Framework via Git so we can use "msfupdate" to keep it updated:

cd /opt
sudo git clone
sudo chown -R `whoami` /opt/metasploit-framework
cd metasploit-framework

Install using bundler the required gems and versions:

cd metasploit-framework
rvm --default use ruby-${RUByVERSION}@metasploit-framework
gem install bundler
bundle install

Let's create the links to the commands so we can use them under any user and not being under the framework folder, for this we need to be in the metasploit-framework folder if not already in it:

cd metasploit-framework
sudo bash -c 'for MSF in $(ls msf*); do ln -s /opt/metasploit-framework/$MSF /usr/local/bin/$MSF;done'

curl -o /tmp/armitage.tgz
sudo tar -xvzf /tmp/armitage.tgz -C /opt
sudo ln -s /opt/armitage/armitage /usr/local/bin/armitage
sudo ln -s /opt/armitage/teamserver /usr/local/bin/teamserver
sudo sh -c "echo java -jar /opt/armitage/armitage.jar \$\* > /opt/armitage/armitage"
sudo perl -pi -e 's/armitage.jar/\/opt\/armitage\/armitage.jar/g' /opt/armitage/teamserver

Let's create the database.yml file that will contain the configuration parameters that will be use by framework:

sudo nano /opt/metasploit-framework/config/database.yml

Copy the YAML entries and make sure you provide the password you entered in the user creating step in the password field for the database:

adapter: postgresql
database: msf
username: msf
port: 5432
pool: 75
timeout: 5

Create an environment variable so it is loaded by Armitage and by msfconsole when running and load the variable into your current shell:

sudo sh -c "echo export MSF_DATABASE_CONFIG=/opt/metasploit-framework/config/database.yml >> /etc/profile"
source /etc/profile


Now we are ready to run Metasploit for the first time. Our recommendation is to run it first under a regular user so the folders will be created under your home directory with the proper permissions. The first time it runs it will create the entries needed by Metasploit in the database so it will take a while to load.