准备环境
- 先把官方的仓库Fork一份到你自己的帐号下,再把自己仓库的代码克隆到本地,例如:
➜ IdeaProjects git clone <https://github.com/cn-kali-team/metasploit-framework>
正克隆到 'metasploit-framework'...
remote: Enumerating objects: 619757, done.
remote: Total 619757 (delta 0), reused 0 (delta 0), pack-reused 619757
接收对象中: 100% (619757/619757), 711.56 MiB | 9.62 MiB/s, 完成.
处理 delta 中: 100% (456555/456555), 完成.
正在更新文件: 100% (11980/11980), 完成.
- 切换到项目根目录查看
.ruby-version
文件,就是Ruby的最低支持版本,为了不污染本地的ruby环境,所以一般使用Ruby虚拟环境,这里我使用rbenv,我这手工安装和配置,你也可以是哟给你自动化的脚本安装,rbenv-installer。
安装rbenv
➜ ~ git clone <https://github.com/rbenv/rbenv.git> ~/.rbenv
正克隆到 '/home/kali-team/.rbenv'...
remote: Enumerating objects: 3013, done.
remote: Counting objects: 100% (117/117), done.
remote: Compressing objects: 100% (66/66), done.
remote: Total 3013 (delta 62), reused 91 (delta 51), pack-reused 2896
接收对象中: 100% (3013/3013), 606.48 KiB | 1.79 MiB/s, 完成.
处理 delta 中: 100% (1871/1871), 完成.
➜ ~ echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.zshrc
➜ metasploit-framework git:(master) rbenv init
# Load rbenv automatically by appending
# the following to ~/.zshrc:
eval "$(rbenv init - zsh)"
- 装完还要安装一个插件
ruby-build
,这样可以使用install命令了。
➜ ~ mkdir -p "$(rbenv root)"/plugins
➜ ~ git clone <https://github.com/rbenv/ruby-build.git> "$(rbenv root)"/plugins/ruby-build
正克隆到 '/home/kali-team/.rbenv/plugins/ruby-build'...
remote: Enumerating objects: 12252, done.
remote: Counting objects: 100% (945/945), done.
remote: Compressing objects: 100% (326/326), done.
remote: Total 12252 (delta 636), reused 818 (delta 556), pack-reused 11307
接收对象中: 100% (12252/12252), 2.55 MiB | 4.15 MiB/s, 完成.
处理 delta 中: 100% (8103/8103), 完成.
- 按照提示把eval这行配置好,装完再重新加载一下环境变量,然后切换到项目根目录安装Ruby。
➜ metasploit-framework git:(master) rbenv install
Downloading ruby-3.0.2.tar.gz...
-> <https://cache.ruby-lang.org/pub/ruby/3.0/ruby-3.0.2.tar.gz>
Installing ruby-3.0.2...
Installed ruby-3.0.2 to /home/kali-team/.rbenv/versions/3.0.2
➜ metasploit-framework git:(master)
更新rbenv
- 长时间不更新,metaploit官方会更新ruby的版本,如果找不到最新版本,切换到rbenv目录执行一下
➜ ~ cd .rbenv/
➜ .rbenv git:(master) git pull
remote: Enumerating objects: 339, done.
remote: Counting objects: 100% (323/323), done.
remote: Compressing objects: 100% (170/170), done.
remote: Total 339 (delta 191), reused 251 (delta 141), pack-reused 16
接收对象中: 100% (339/339), 109.23 KiB | 26.00 KiB/s, 完成.
处理 delta 中: 100% (194/194), 完成 15 个本地对象.
来自 <https://github.com/rbenv/rbenv>
0843745..61747c0 master -> origin/master
* [新分支] fallback-to-path -> origin/fallback-to-path
* [新标签] v1.2.0 -> v1.2.0
更新 0843745..61747c0
➜ metasploit-framework git:(MicrosoftTeams) git -C ~/.rbenv/plugins/ruby-build pull
remote: Enumerating objects: 1341, done.
remote: Counting objects: 100% (1209/1209), done.
remote: Compressing objects: 100% (182/182), done.
remote: Total 1341 (delta 1025), reused 1152 (delta 1000), pack-reused 132
接收对象中: 100% (1341/1341), 238.35 KiB | 26.00 KiB/s, 完成.
处理 delta 中: 100% (1123/1123), 完成 241 个本地对象.
来自 <https://github.com/rbenv/ruby-build>
- 再次执行就可以找到最新版本的ruby了,这个是我最近遇到的问题,补充上来了
➜ metasploit-framework git:(MicrosoftTeams) rbenv install --list-all|grep 3.0.5
3.0.5
➜ metasploit-framework git:(MicrosoftTeams) cat .ruby-version
3.0.5
➜ metasploit-framework git:(MicrosoftTeams)
- 安装项目依赖库,中间可以要安装一些原生依赖:比如
postgresql-libs
这些。
metasploit-framework git:(master) gem install bundler
Fetching bundler-2.3.17.gem
Successfully installed bundler-2.3.17
Parsing documentation for bundler-2.3.17
Installing ri documentation for bundler-2.3.17
Done installing documentation for bundler after 0 seconds
1 gem installed
➜ metasploit-framework git:(master) bundle install
...
Using metasploit-framework 6.2.5 from source at `.`
Bundle complete! 15 Gemfile dependencies, 190 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
- 验证环境是否安装好,之前当前文件夹的
msfconsole
如果能进入控制台就说明环境安装好了。
➜ metasploit-framework git:(master) ./msfconsole
_ _
/ \\ /\\ __ _ __ /_/ __
| |\\ / | _____ \\ \\ ___ _____ | | / \\ _ \\ \\
| | \\/| | | ___\\ |- -| /\\ / __\\ | -__/ | || | || | |- -|
|_| | | | _|__ | |_ / -\\ __\\ \\ | | | | \\__/| | | |_
|/ |____/ \\___\\/ /\\ \\\\___/ \\/ \\__| |_\\ \\___\\
=[ metasploit v6.2.5-dev-ed2c64bffd ]
+ -- --=[ 2227 exploits - 1172 auxiliary - 398 post ]
+ -- --=[ 864 payloads - 45 encoders - 11 nops ]
+ -- --=[ 9 evasion ]
Metasploit tip: Open an interactive Ruby terminal with
irb
msf6 >
- 安装ruby或者依赖的时候可能会遇到网络问题,可以装一个创建转到国内源
git clone <https://github.com/andorchen/rbenv-china-mirror.git> "$(rbenv root)"/plugins/rbenv-china-mirror
➜ metasploit-framework git:(master) bundle config mirror.<https://rubygems.org> <https://mirrors.tuna.tsinghua.edu.cn/rubygems>
➜ metasploit-framework git:(master) gem sources --add <https://mirrors.tuna.tsinghua.edu.cn/rubygems/> --remove <https://rubygems.org/>
<https://mirrors.tuna.tsinghua.edu.cn/rubygems/> added to sources
<https://rubygems.org/> removed from sources
➜ metasploit-framework git:(master) bundle install
Fetching source index from <https://mirrors.tuna.tsinghua.edu.cn/rubygems/>
GitHook
➜ metasploit-framework git:(master) ln -sf ../../tools/dev/pre-commit-hook.rb ./.git/hooks/post-merge
调试
require pry
binding.pry
提交前
ruby tools/dev/msftidy_docs.rb documentation/modules/post/multi/gather/minio_client.md
rubocop -a modules/post/multi/gather/minio_client.rb