diff options
-rw-r--r-- | network/framework/README | 11 | ||||
-rw-r--r-- | network/framework/README.SLACKWARE | 45 | ||||
-rw-r--r-- | network/framework/doinst.sh | 21 | ||||
-rw-r--r-- | network/framework/framework.SlackBuild | 99 | ||||
-rw-r--r-- | network/framework/framework.info | 14 | ||||
-rw-r--r-- | network/framework/msfupdate.logrotate | 10 | ||||
-rw-r--r-- | network/framework/msfupdate.sh | 2 | ||||
-rw-r--r-- | network/framework/slack-desc | 2 |
8 files changed, 157 insertions, 47 deletions
diff --git a/network/framework/README b/network/framework/README index 1b19ae69d9..f940758e79 100644 --- a/network/framework/README +++ b/network/framework/README @@ -6,11 +6,8 @@ researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler. This is just a repackaged version of the installer you get from the Metasploit -download page. As the framework now depends on ruby-1.9, which is not yet -mainstream, the Rapid7 Metasploit team decided to distribute an all-in-one -installer with everything needed inside it, both for the ruby side and the -subversion one. +download page. This is an all-in-one installer with Metasploit own versions of +Ruby, Java and PostgreSQL. -An optional cron script to keep the framework up to date is distributed inside -the /usr/doc/framework-3.3 directory. Also, note that the install directory -has been switched to /opt/metasploit3. +Take a look at README.SLACKWARE for important build requirements and upgrading +suggestions. diff --git a/network/framework/README.SLACKWARE b/network/framework/README.SLACKWARE new file mode 100644 index 0000000000..1843fc9496 --- /dev/null +++ b/network/framework/README.SLACKWARE @@ -0,0 +1,45 @@ +You will need "postgres" user and group before running the installer, if you +haven't installed SlackBuilds PostgreSQL you should run these commands to be +compatible: + + # groupadd -g 209 postgres + # useradd -u 209 -g 209 -d /var/lib/pgsql postgres + +otherwise, you're already setup. Also, remember to add something like: + + # Start Metasploit Framework PostgreSQL + if [ -x /etc/rc.d/rc.framework-postgres ]; then + /etc/rc.d/rc.framework-postgres start + fi + +to /etc/rc.d/rc.local to start the shipped PostgreSQL daemon and something +like: + + # Stop Metasploit Framework PostgreSQL + if [ -x /etc/rc.d/rc.framework-postgres ]; then + /etc/rc.d/rc.framework-postgres stop + fi + +to /etc/rc.d/rc.local_shutdown to stop the service. +Default database server listening port is 7175, if you want to use another +port, just export the PG_PORT variable when running the SlackBuild, like this: + + # PG_PORT="5454" ./framework.SalckBuild + +An optional cron script to keep the framework up to date is distributed inside +the /usr/doc/framework-${VERSION} directory and it's called "msfupdate.sh", +there also is a logrotate config file called "msfupdate.logrotate" which can +be useful. +With older version of the framework, if you used the autoupdate script, future +package updates could break your current working copy, tainting the .svn +metadata. To avoid doing so, the tip was to run: + + # removepkg framework + # rm -rf /opt/metasploit3 + +both as root, before proceeding with the package update. +Starting with Metasploit Framework 3.6.0, the installation directory changed +again, this time to /opt/framework-${VERSION}. Unless there will be any other +changes from upstream, this is a great solution as it will enable seamless +upgrades between svn and packaged versions, just remember to backup PostgreSQL +data stored inside "/opt/framework-${OLDER_VERSION}/postgresql/data/". diff --git a/network/framework/doinst.sh b/network/framework/doinst.sh new file mode 100644 index 0000000000..9d76d6e68a --- /dev/null +++ b/network/framework/doinst.sh @@ -0,0 +1,21 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +# Keep same perms on rc.framework-postgres.new: +if [ -e etc/rc.d/rc.framework-postgres ]; then + cp -a etc/rc.d/rc.framework-postgres etc/rc.d/rc.framework-postgres.new.incoming + cat etc/rc.d/rc.framework-postgres.new > etc/rc.d/rc.framework-postgres.new.incoming + mv etc/rc.d/rc.framework-postgres.new.incoming etc/rc.d/rc.framework-postgres.new +fi + +config etc/rc.d/rc.framework-postgres.new + diff --git a/network/framework/framework.SlackBuild b/network/framework/framework.SlackBuild index 71b6c29d29..30e87929d6 100644 --- a/network/framework/framework.SlackBuild +++ b/network/framework/framework.SlackBuild @@ -23,7 +23,7 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. PRGNAM=framework -VERSION=${VERSION:-3.4.1} +VERSION=${VERSION:-4.0.0} BUILD=${BUILD:-1} TAG=${TAG:-_SBo} @@ -43,14 +43,36 @@ PKG=$TMP/package-$PRGNAM OUTPUT=${OUTPUT:-/tmp} BASEINSTDIR="opt" -INSTDIR="$BASEINSTDIR/metasploit3" +INSTDIR="$BASEINSTDIR/framework-${VERSION}" + +# PostgreSQL user and group +PG_UID=${PG_UID:-209} +PG_GID=${PG_GID:-209} + +# On which port is PostgreSQL listening to? +# Default is 7175, set PG_PORT to any other value if you want to customize it. +PG_PORT=${PG_PORT:-7175} + +# Bail out if user or group isn't valid on your system +# For slackbuilds.org, assigned postgres uid/gid are 209/209 +# See http://slackbuilds.org/uid_gid.txt +# Other popular choice is 26/26 +if ! grep ^postgres: /etc/group 2>&1 > /dev/null; then + echo " You must have a postgres group to run this script." + echo " # groupadd -g $PG_GID postgres" + exit 1 +elif ! grep ^postgres: /etc/passwd 2>&1 > /dev/null; then + echo " You must have a postgres user to run this script." + echo " # useradd -u $PG_UID -g $PG_GID -d /var/lib/pgsql postgres" + exit 1 +fi if [ "$ARCH" = "i486" ]; then - INSTALLERARCH="i686" + INSTALLERARCH="" elif [ "$ARCH" = "i686" ]; then - INSTALLERARCH="i686" + INSTALLERARCH="" elif [ "$ARCH" = "x86_64" ]; then - INSTALLERARCH="x86_64" + INSTALLERARCH="-x64" fi set -e @@ -58,42 +80,57 @@ set -e rm -rf $PKG mkdir -p $TMP $PKG $OUTPUT -# Unpack the installer -sh $CWD/framework-$VERSION-linux-$INSTALLERARCH.run --noexec --keep --target $TMP/$PRGNAM-$VERSION - -# Install the framework under /opt/metasploit3 -( cd $TMP/$PRGNAM-$VERSION - mkdir -p $PKG/$INSTDIR - echo "Extracting the Metasploit operating environment..." - tar --directory=$PKG/$BASEINSTDIR -xf metasploit.tar - cp run.sh env.sh $PKG/$INSTDIR/ - cp msfupdate $PKG/$INSTDIR/app/ - echo "" - - echo "Extracting the Metasploit Framework..." - tar --directory=$PKG/$INSTDIR -xf msf3.tar - echo "" - - echo "Installing links into /usr/bin..." - mkdir -p $PKG/usr/bin - ( cd $PKG/usr/bin - for file in $(ls ../../$INSTDIR/bin/msf*); do - ln -sf $file $(basename $file) - done - ) - echo "" -) || exit 1 +# Install Metasploit Framework DIRECTLY under /opt/framework-${VRESION} (sorry!) +echo "Installing the Metasploit Framework..." +chown root:root $CWD/framework-$VERSION-linux$INSTALLERARCH-full.run +chmod 755 $CWD/framework-$VERSION-linux$INSTALLERARCH-full.run +$CWD/framework-$VERSION-linux$INSTALLERARCH-full.run \ + --mode unattended \ + --unattendedmodeui minimal \ + --postgres_port $PG_PORT + +# Stop Metasploit Framework PostgreSQL +echo "Stopping Metasploit Framework PostgreSQL..." +/etc/init.d/framework-postgres stop + +# Move install dir +mkdir -p $PKG/$BASEINSTDIR +mv /$INSTDIR $PKG/$BASEINSTDIR/ + +# Fix init script and move it to the right directory +# This script is not handled by the uninstaller and the user should not call +# the uninstall script anyway, so no problem if we made it more Slackware-ish +echo "Fixing Metasploit Framework PostgreSQL init script..." +mkdir -p $PKG/etc/rc.d +mv /etc/init.d/framework-postgres $PKG/etc/rc.d/rc.framework-postgres.new +chown root:root $PKG/etc/rc.d/rc.framework-postgres.new +chmod 755 $PKG/etc/rc.d/rc.framework-postgres.new + +# Install /usr/bin links +mkdir -p $PKG/usr/bin +echo "Installing links into /usr/bin..." +( cd $PKG/usr/bin + for file in $(ls ../../$INSTDIR/app/msf*); do + ln -sf $file $(basename $file) + done + # also links armitage + ln -sf ../../$INSTDIR/app/armitage armitage +) # Every useful doc is included inside the framework folder, just copy over the # README which contains the important copyright disclaimer and the cron script mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION cp -a $PKG/$INSTDIR/msf3/README $PKG/usr/doc/$PRGNAM-$VERSION cat $CWD/msfupdate.sh > $PKG/usr/doc/$PRGNAM-$VERSION/msfupdate.sh +cat $CWD/msfupdate.logrotate > $PKG/usr/doc/$PRGNAM-$VERSION/msfupdate.logrotate cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild +cat $CWD/README.SLACKWARE > $PKG/usr/doc/$PRGNAM-$VERSION/README.SLACKWARE mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc +cat $CWD/doinst.sh > $PKG/install/doinst.sh +# Do NOT chown -R root:root or it will bork the shipped PostgreSQL +# installation: the bitrock installer should have taken care of permissions cd $PKG -chown -R root:root . /sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz} diff --git a/network/framework/framework.info b/network/framework/framework.info index 21df8e3791..7eeb16c6fb 100644 --- a/network/framework/framework.info +++ b/network/framework/framework.info @@ -1,10 +1,10 @@ PRGNAM="framework" -VERSION="3.4.1" -HOMEPAGE="http://www.metasploit.com/framework/" -DOWNLOAD="http://www.metasploit.com/releases/framework-3.4.1-linux-i686.run" -MD5SUM="c7fe42bd511bbd4263ac5d3a2a21d415" -DOWNLOAD_x86_64="http://www.metasploit.com/releases/framework-3.4.1-linux-x86_64.run" -MD5SUM_x86_64="a83aab1be7e2fae24cc7ba8ff92bfd57" +VERSION="4.0.0" +HOMEPAGE="http://www.metasploit.com/" +DOWNLOAD="http://updates.metasploit.com/data/releases/framework-4.0.0-linux-full.run" +MD5SUM="198a40fd0210985b7dd068858fed0ca6" +DOWNLOAD_x86_64="http://updates.metasploit.com/data/releases/framework-4.0.0-linux-x64-full.run" +MD5SUM_x86_64="60a027a115d50206a01d8dc513ee5049" MAINTAINER="Marco Bonetti" EMAIL="sid77@slackware.it" -APPROVED="Erik Hanson" +APPROVED="rworkman" diff --git a/network/framework/msfupdate.logrotate b/network/framework/msfupdate.logrotate new file mode 100644 index 0000000000..8e69c35a9c --- /dev/null +++ b/network/framework/msfupdate.logrotate @@ -0,0 +1,10 @@ +/var/log/msfupdate.log { + daily + rotate 5 + compress + delaycompress + missingok + notifempty + create 0644 root root +} + diff --git a/network/framework/msfupdate.sh b/network/framework/msfupdate.sh index b7e95054db..b952c1fa70 100644 --- a/network/framework/msfupdate.sh +++ b/network/framework/msfupdate.sh @@ -1,2 +1,2 @@ #!/bin/sh -/usr/bin/msfupdate > /var/log/msfupdate.log 2>&1 +/usr/bin/msfupdate >> /var/log/msfupdate.log 2>&1 diff --git a/network/framework/slack-desc b/network/framework/slack-desc index ddc2bd0831..9e5976eee0 100644 --- a/network/framework/slack-desc +++ b/network/framework/slack-desc @@ -6,7 +6,7 @@ # customary to leave one space after the ':'. |-----handy-ruler------------------------------------------------------| -framework: The Metasploit Framework (http://www.metasploit/framework/) +framework: The Metasploit Framework (http://www.metasploit/) framework: framework: The Metasploit Framework is a development platform for creating framework: security tools and exploits. The framework is used by network |