MacOS installation and quick start needs clarity

[kevzettler]

I am trying to install on MacOS. I am using the nightly installer from: https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers#installing-metasploit-on-linux--macos

Why does this installer need my root password? Thats incredibly sketchy for a "just curl this url" installer. The installer looks like it completes successfully but I then have no idea what it installed or where it installed to.

kevs-mbp:metasploit kevzettler$ curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && \
>   chmod 755 msfinstall && \
>   ./msfinstall
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  5922  100  5922    0     0  20452      0 --:--:-- --:--:-- --:--:-- 20491
Switching to root user to update the package
Password:
Downloading package...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  205M  100  205M    0     0  2689k      0  0:01:18  0:01:18 --:--:-- 2423k
Checking signature...
Package "metasploitframework-latest.pkg":
   Status: signed by a certificate trusted by Mac OS X
   Certificate Chain:
    1. Developer ID Installer: Rapid7 LLC (UL6CGN7MAL)
       SHA1 fingerprint: 76 2C 0C 45 5E CD 91 EB B1 2C D1 23 EC FE BE 8A BC C3 BD 69
       -----------------------------------------------------------------------------
    2. Developer ID Certification Authority
       SHA1 fingerprint: 3B 16 6C 3B 7D C4 B7 51 C9 FE 2A FA B9 13 56 41 E3 88 E1 86
       -----------------------------------------------------------------------------
    3. Apple Root CA
       SHA1 fingerprint: 61 1E 5B 66 2C 59 3A 08 FF 58 D1 4A E2 24 52 D1 98 DF 6C 60

Installing package...
installer: Package name is Metasploit-framework
installer: Upgrading at base path /
installer: The upgrade was successful.
Cleaning up...
metasploitframework-latest.pkg

At this point i'm not sure what to do next? I looked into some other guides and i'm supposed to have some cli tools for metasploit like and msf command. but nothings there?

kevs-mbp:metasploit kevzettler$ msf
-bash: msf: command not found
kevs-mbp:metasploit kevzettler$ msfconsole
-bash: msfconsole: command not found

This leaves me very concerned because I just executed some arbitrary script over curl that had root access and have no idea what it did. good thing I don't need this machine I guess.

[busterb]

It's explained a bit more in the manual instructions right below it on that page, though I could see maybe separating the info on what to do next, and the installation. I thought it added symlinks to /usr/local/bin or modified your shell's path, but maybe that doesn't work with the new Catalina default of zsh. It escalates privileges in the same way that double-clicking the installer would graphically prompt you instead if you downloaded and installed manually:

https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers#macos-manual-installation

Hope that at least helps in the short term.

[busterb]

I just moved the part that describes the initial path to msfconsole higher so it's easier to notice. I'm going to bet since the first run sets up your PATH, that there may need to be a zsh update to make it configure that environment too.

[kevzettler]

For added context i'm on Mojave. I'm not using zsh.

$ uname -a
Darwin kevs-mbp.lan 18.7.0 Darwin Kernel Version 18.7.0: Tue Aug 20 16:57:14 PDT 2019; root:xnu-4903.271.2~2/RELEASE_X86_64 x86_64
kevs-mbp:metasploit kevzettler$ sh --version
GNU bash, version 3.2.57(1)-release (x86_64-apple-darwin18)
Copyright (C) 2007 Free Software Foundation, Inc.

[RA80533]

It seems most of the installation logic is supposed to occur after the native installation process of the .pkg file through the post-install script (postinst):

#!/bin/sh
#
# Perform necessary metasploit setup steps
# after package is installed.
#

BINS="msfbinscan msfconsole msfd msfdb msfelfscan msfmachscan msfpescan msfrop msfrpc msfrpcd msfupdate msfvenom"

if [ -x /usr/sbin/update-alternatives -o -x /usr/bin/update-alternatives ] ; then
	for BIN in $BINS; do
		update-alternatives --install /usr/bin/$BIN $BIN /opt/metasploit-framework/bin/$BIN 100
	done
	echo "Run msfconsole to get started"
else
	echo "Run /opt/metasploit-framework/bin/msfconsole to get started"
fi

exit 0

• The script does not output anything to the console
  The calling line for the .pkg installation (msfupdate.erb#L122) is missing the -dumplog toggle flag.
• The relevant binaries are not linked on macOS
  update-alternatives does not exist on macOS. It's not clear if the script ever worked on macOS for this reason.

The installation process itself seems to unnecessarily require sudo simply to write its files in system-wide locations. It's quite a poor design decision.

[Drjacky]

@RA80533 sudo didn't help.
Neither of
sudo ./msfinstall
or

curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && \
  chmod 755 msfinstall && \
 sudo ./msfinstall

Download and install the package manually didn't help either!

macOS 13.2 Ventura

[Drjacky]

🎉 This helped me: https://gist.github.com/xl7dev/a19da077792c5894529f

[Manuall Installation]