Wednesday, 5 September 2012

Updating BackTrack, Metasploit and switching to VirtualBox

Hey guys,

Recently I've been trying to update Backtrack and Metasploit, as well as connect up the PostgreSQL database to Metasploit. I've had some difficulties and thought I'd make a quick post to talk about the issues I've encountered and some of the solutions.

For a long while I was using BT5R1 in VMware Workstation 7 which I had upgraded to BT5R2. I wanted to upgrade to BT5R3 but both the ISO and vmware image I had downloaded from the Backtrack site, were giving me errors. Everytime the system was booting I received the error:

"The CPU has been disabled by the guest operating system."

After hours of googling and tweaking settings I couldn't find a solution. Frustrating but well these things happen, if anyone knows a fix I'd be interested to know. Anyhow, there's more than one way to skin a cat so I decided to perform an update from the repository instead.

apt-get update && apt-get dist-upgrade

Followed by an installation of the new tools, check out the link below:

http://www.backtrack-linux.org/backtrack/upgrade-from-backtrack-5-r2-to-backtrack-5-r3/

This update sorted me right out, at least I thought it had...

When I went to run msfupdate it no longer worked and was giving me an error saying my SVN client was too old. At this point I decided to completely remove Metasploit and grab the latest version using SVN as per the advice here:

https://community.rapid7.com/thread/2293


rm -rf /opt/framework/msf3/*
svn co https://metasploit.com/svn/framework3/trunk/ /opt/framework/msf3

The version under /opt/framework/msf3 was now up to date, but did not have database functionality. When trying to do a db_connect I received the error "no database driver installed". I played around with this for a while but couldn't get it working and gave up. More info can be found here:

http://www.backtrack-linux.org/forums/showthread.php?t=40411
http://www.backtrack-linux.org/forums/showthread.php?t=40377

I was also confused why the version in /pentest/exploits/framework was different to /opt/framework/msf3. The whole issue of having two versions of Metasploit was confusing me until I came across this post:

http://www.backtrack-linux.org/forums/showthread.php?t=51173

Up to this point I never realized that BackTrack was held together will a huge set of symbolic links (feel free to send me n00b abuse :) ). I think what I should have done originally was remove Metasploit, grab the latest version using svn, then create a symbolic link (ln -s /opt/metasploit/msf3 /pentest/exploits/framework)  to ensure the /pentest version used the /opt version. Unfortunately I only realized this as I was writing this post! (A nice post on symbolic links: http://www.cyberciti.biz/tips/understanding-unixlinux-symbolic-soft-and-hard-links.html)

So just to re-cap, new versions of BackTrack (both vmx and iso) wouldn't work for me in VMware, I was having issues updating Metasploit and to top it off Metasploit database integration had also stopped working! It wasn't looking good.

The major issue was that I couldn't load up a clean copy of BackTrack. Everything works fine from a clean copy so if I could somehow get a clean copy to load I'd be all sorted. This is where VirtualBox comes in. I'd used VirtualBox in the past and found it to be fairly solid, but had switched to VMware as it's what I had used on my corporate machine. With all the issues I had been having I thought I'd try firing up a clean version of the latest BackTrack iso in VirtualBox. Lo and behold it worked! I felt like an idiot, I'd wasted so much time chasing all these issues, why hadn't I just done this in the first place?




With the fresh copy installed in VirtualBox both msfupdate and Metasploit database work fine. Now I just need to transfer over my Windows images from VMware. I assumed it would be a straight forward import, but it turns out there's even more tweaking to be done due to the fact that the installed kernel and drivers depend on the underlying (virtual) hardware.This means that you can't simply *transfer* a Windows VMware image into VirtualBox.

Hopefully I can figure this out today and I'll put up a post with a step by step.

As a side note, I'm no expert when it's comes to Metasploit, I have no doubt there are probably some really easy solutions to the things above, I just couldn't find them on google. If anyone can explain any of the issues or solutions to me better please leave a comment as I'm eager to learn :)

PwnDizzle

3 comments:

  1. Holy smokes, I'm glad I'm not the only one who has been pulling my hair out with this. I cannot get BackTrack5R3 to work on any VMware setup -- the machine fails to boot (doesn't matter if it's an ISO or a VMware image). So finally I gave up and downloaded BackTrack5R2 instead -- that booted fine, but then Metasploit will. Not. Update!!

    Both msfupdate and SVN update fail when run from BackTrack, but SVN works fine if I run it on my Mac... I read somewhere that the network settings affect the SSL errors (supposedly running the VM under bridged-mode instead of NAT solves this, but it did not solve anything for me).

    ReplyDelete
  2. I was bald by the time I sorted everything out ;)

    I would suggest giving VirtualBox a go if you want to use BT5R3. I did need to reinstall my vm's but since migrating I've had no issues at all.

    Regarding msfupdate in BT, I did come across a strange quirk where if I ran /pentest/exploits/framework3/msfupdate it would fail, however if I went through the GUI menu: Applications -> BackTrack -> Exploitation Tools -> Network Exploitation Tools -> Metasploit Framework -> msfupdate, it would work fine! BT and MSF can be a pain in the ass sometimes :)

    ReplyDelete
  3. Backtrack 5 r3 not update && not upgrade

    ReplyDelete