How to Upgrade Metasploit Framework on Kali Linux From Metasploit Repository?

Metasploit Framework is one of the most popular open-source penetration testing tools used by ethical hackers and cybersecurity professionals. It provides an easy way to find and exploit vulnerabilities on networks and systems. However, like any software, Metasploit needs to be updated regularly to take advantage of the latest exploits, payloads, evasion modules, and other enhancements.

Unfortunately, the Metasploit updates are not always available in the standard Kali Linux repositories. So if you rely on the default apt update and apt upgrade commands, you may not have the most recent Metasploit version. In this blog post, we will show you how to easily upgrade Metasploit on Kali Linux directly from the Metasploit repository. This ensures you are running the latest and greatest version with all the newest features.

A Short Introduction to Metasploit Framework

Metasploit Framework is a popular open-source penetration testing platform developed by Rapid7. It comes pre-installed on Kali Linux and provides a powerful environment for developing and executing exploit code against target systems.

Some of the key features of Metasploit include:

  • Huge database of known vulnerabilities and exploits
  • Powerful exploit development tools
  • Integrated payloads to execute malicious code
  • Evasion modules to avoid anti-virus and detection
  • Easy-to-use graphical user interface (GUI)
  • Scripting using Ruby programming language
  • Built-in reconnaissance and information-gathering tools

With its many capabilities, Metasploit Framework is a Swiss Army knife for penetration testers and security researchers. Keeping it updated ensures access to the latest exploits and features.

What are the Common Problems to Upgrade Metasploit on Kali Linux

There could be a few common problems that prevent you from easily upgrading Metasploit on your Kali Linux distribution:

  1. The package is not yet available in the standard community package repositories. New Metasploit versions take some time to get added to the main Kali archives.
  2. Firewall restrictions block access to necessary repositories during the upgrade. If you are behind strict firewall policies, it may block the repositories needed to fetch the latest Metasploit files.
  3. Missing package dependencies that need to be resolved. At times, the latest Metasploit release may rely on updated libraries and dependencies that must also be installed.
See also  Creating an Accurate IT Asset Inventory Tracking

These issues can be frustrating when you want to quickly update to the newest Metasploit capabilities on Kali. Fortunately, there are solutions to overcome these roadblocks.

What is the Solution?

If network issues are preventing you from downloading packages over HTTP/HTTPS, an easy workaround is to download the Metasploit .deb package on a separate machine. Then transfer it to the Kali Linux system and install it directly offline using. dpkg.

However, if you can access repositories over the network, upgrading the Metasploit Framework directly from the Metasploit repository is the best approach. This allows you to always have the latest version without waiting for package updates to reach the main Kali archives.

Let’s look at the step-by-step process.

How to Upgrade Metasploit on Kali Linux?

Kali Linux manages software packages and updates using the Advanced Packaging Tool (APT). By default, it installs and upgrades packages from the standard Community repository containing stable releases.

However, for a rapidly evolving penetration testing tool like Metasploit, you’ll want the very latest version with all the newest exploits and features.

The Community repo lags behind the newest Metasploit releases. So, after checking your current version with msfconsole -v, you may find it outdated compared to the latest available.

Instead of waiting for Community to catch up, you can leverage two other Kali package repositories – Bleeding Edge and Experimental. These contain more frequent updates, albeit with less testing.

If your desired Metasploit upgrade is not found in Community, Bleeding Edge, or Experimental, you need to go straight to the source – the official Metasploit repository.

See also  How To Fix The RCE Vulnerability In dotCMS (CVE-2022-26352)

Here are the detailed steps to upgrade Metasploit on Kali:

Time needed: 10 minutes.

How to Upgrade Metasploit on Kali Linux?

  1. Check the Metasploit Version

    Launch the Metasploit console and pass the -v flag to print the current version:

    msfconsole -v

    Note this release number before starting the upgrade.

    Check the Metasploit Version

  2. Attempt Upgrade from Community Repository

    Despite being unlikely, always good to check the Community first:

    sudo apt update
    sudo apt install metasploit-framework

    If already the latest, you’ll see “metasploit-framework is already the newest version”.

    Attempt Upgrade from Community Repository

  3. Enable Bleeding-Edge and Experimental Repos

    If the Community is behind, enable the Bleeding-Edge and Experimental repos:

    sudo kali-tweaks

    In Components, check Bleeding-Edge and Experimental archives. Click OK.
    Update and install from these repos:

    sudo apt update
    sudo apt install metasploit-framework

    Enable Bleeding-Edge and Experimental Repos

  4. Click OK to Enable Repositories

    Click OK to Enable Repositories

  5. Hit Enter to add repositories

    This adds the Bleeding-Edge and Experimental repos at /etc/apt/sources.list.d/metasploit.list.

    adds the Bleeding-Edge and Experimental repos

  6. Update the repository database and install from these repos

    Run these commands one after the other.

    sudo apt update
    sudo apt install metasploit-framework

    Update the repository database and install from these repos

  7. Add Metasploit Repository

    If you can’t upgrade your Metasploit, add the Metasploit repo:

    curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && \
    chmod 755 msfinstall && \
    ./msfinstall

    Add Metasploit Repository

  8. This adds the Metasploit apt definition at /etc/apt/sources.list.d/metasploit.list.

    Metasploit repo added underneath source list directory

  9. Install the Metasploit from Metasploit repos

    Finally, install the latest version of Metasploit from the Metasploit repos:

    sudo apt update
    sudo apt install metasploit-framework

    Install the Metasploit from Metasploit repos

  10. Confirm Version

    Check Metasploit is updated to the newest release:

    msfconsole -v

    Check Metasploit is updated to the newest release

You should see it was updated to the most recent version directly from the Metasploit repository. In this demo, we upgraded Metasploit from v 6.3.31 to v 6.3.36, which is the most recent release available at the time of publishing this post.

Keeping your penetration testing tools current is crucial for having access to the latest features, exploits, evasions, and payloads. By leveraging the Metasploit repository, you can upgrade the Metasploit Framework on Kali Linux to the release outside of the normal upgrade cycle. This ensures you can always have the newest capabilities at your fingertips.

Leave a Reply

Your email address will not be published. Required fields are marked *