Troubleshooting Metasploit Installation Issues

Version 20

    Metasploit Download

     

    SymptomSolution
    Download fails at x%

    The most common issue is that you have a proxy that is detecting Metasploit as malware and interrupting the download. Here's why:

     

    Metasploit is a software that tests whether a system is vulnerable to certain security issues. To do this, Metasploit exploits the same vulnerabilities as common malware and hacking software. This is what your anti-virus program detects and warns you about, so in this sense your anti-virus software is doing its job.

     

    To get around this issue, download Metasploit from outside your network or download without using the proxy.

     

    Metasploit Installation

     

    SymptomSolution
    Anti-virus program interrupts installation

    This is why we recommend that you disable your AV or exclude the Metasploit directory before you install Metasploit. Here's why:

     

    Metasploit is a software that tests whether a system is vulnerable to certain security issues. To do this, Metasploit exploits the same vulnerabilities as common malware and hacking software. This is what your anti-virus program detects and warns you about, so in this sense your anti-virus software is doing its job.

     

    To successfully use Metasploit to test for the exploitability of the vulnerabilities, you must turn off your anti-virus product or exclude the Metasploit directory (read here how to exclude the Metasploit directory in your anti-virus software). Otherwise, your anti-virus program will prevent you from successfully using Metasploit. For some anti-virus solutions, e.g. Symantec, you may have to turn off the anti-virus service in addition to the settings in the console or UI. The same may be true for your firewall, which needs to be disabled so the payload can connect back to your system after a successful exploitation.


    Rather than changing the configurations on your production machine, you may want to consider setting up a separate virtual machine on your laptop that doesn't have anti-virus or firewall installed. Running Oracle VirtualBox as a virtualization platform and Ubuntu 12.04 as an operating system seems to be a good combination since both of them are free to download and run. Unless you absolutely need Metasploit to run on your production machine, this is the safest and best option for most users.

    Metasploit Registration

     

    SymptomSolution
    Requesting free product key

    If you don't have a product key yet, click the button Get Product Key. Complete the directions on the screen. Once you've completed registering, you will receive an email with a product key that you can paste into the text box on the same screen below. You'll automatically return here after your registration.

     

    metasploit-activation-screen.png

    You have entered in an invalid email/domain. You must enter a valid company email address. Please try again.When registering for the Metasploit Pro trial, free email addresses (Hotmail, Yahoo, GMail) and ISP addresses (myname@comcast.com) are blocked to prevent abuse. You should be able to use an address from a business, work, personal domain or education institution. If you don't have such an address, you can still register for Metasploit Community Edition, which does not have these restrictions.
    Registering without internet connection

    Offline registering and activation is not available for the free Metasploit Community Edition or for the Metasploit Pro trial. However, if your computer is a laptop, you can register and activate from a location where you have Internet and then use it offline later.

     

    If you have a purchased copy of Metasploit Pro, you can request an offline activation file from support@rapid7.com.

     

    Metasploit Activation

    SymptomSolution
    Entering the product key if you have accidentally closed your browser window

    If you have not registered and activated straight after the installation, you can still register and enter the product key at a later time. On the machine that you installed Metasploit, open your browser and go to https://localhost:3790/, then follow the instructions. You can also access the Metasploit Web UI remotely by replacing "localhost" with the machine's IP address.

    Activation Failed: Invalid HTTP response: 401

    This is caused by your network's HTTP proxy intercepting the update request and blocking it. Try connecting without a proxy or activate Metasploit from different network. Once Metasploit is activated, you can use it behind a proxy.

     

    Offline activations are available for qualified Metasploit Pro customers. We regret that we cannot offer offline activations to trial or freeware users.

    Activation Failed: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. - connect(2)You're having trouble reaching the licensing server through your network connection. If this is a laptop, try connecting to a different network (home, Starbucks, etc.) and activate the license from there. Once it's activated, you should be good to go!
    Activation Failed: Failed DecodeYou're having trouble reaching the licensing server through your network connection. If this is a laptop, try connecting to a different network (home, Starbucks, etc.) and activate the license from there. Once it's activated, you should be good to go!
    Activation Failed: The requested address is not valid in its context. - connect(2).*

    This is usually a DNS resolution problem that is preventing Metasploit from reaching the updates server. Verify that you can resolve and access http://updates.metasploit.com/.If you try to reach it in your browser, you should see the message "Success: The Metasploit Update Server is reachable." If you cannot see it, try accessing it by IP address: http://184.154.104.2. If you can see it now, the issue is with the DNS resolution, and you should add the IP address to your local host list.

    Activation Failed: Hostname not known: updates.metasploit.com

    First, verify that you can resolve and access http://updates.metasploit.com/.If you try to reach it in your browser, you should see the message "Success: The Metasploit Update Server is reachable." If you cannot see it, try accessing it by IP address: http://184.154.104.2. If you can see it now, the issue is with the DNS resolution, and you should add the IP address to your local host list.

     

    After you have verified you can reach updates.metasploit.com, restart the Metasploit services.

     

    On Linux

    Go to the the Metasploit installation directory (in my case /opt/metasploit) and type:

     

    sudo bash ctlscript.sh restart

     

    On Windows

    Click on the Start Menu, and then All Programs. Click on the Metasploit folder, and then click on the Services sub-folder. From here click on stop services. Wait 10 seconds and then go back to this same location and click Start services.


    After the services have restarted, try refreshing the screen in the browser.

    Prohibited Country

    US law prohibits us from providing our software to specific countries; given that a portion of our products are open source, this restriction is enforced during the activation process. This Wikipedia link lists the countries that are on the US embargo list: https://en.wikipedia.org/wiki/United_States_embargoes

     

    If your country is not listed but specific persons in your country are, and the rules indicate we must block access unless we know otherwise - something that is difficult to do. You're still free to use the open source Metasploit Framework, which doesn't require registration, but the commercial interface will not be available. Sorry for the inconvenience

     

    Metasploit Update

    SymptomSolution
    Installation failed: Signature failure

    This points to something between you and the update server modifying the package during the installation process. The most frequent cause is an inline-proxy tripping AV signatures on the contents of the update.

     

    Offline updates are available for qualified Metasploit Pro customers. We regret that we cannot offer offline updates to trial or freeware users.