To download and update the Metasploit 3.0 framework, a user could execute the commands below. (Some output has been removed for the sake of brevity, and we assume that the Subversion client command svn is installed.) Because we want to see how the Metasploit update process communicates with the update server, we take a packet trace on the iptablesfw system with tcpdump and then switch over to the int_scanner system to perform the update. (The -s 0 command-line argument to tcpdump ensures that the full length of each packet is recorded.)
[iptablesfw]# tcpdump -i ethl -s 0 -l -nn port 443 -w metasploit_update.pcap [int_scanner]$ http://framework-mirrors.metasploit.com/msf/downloader/framework-3.0.tar.gz
[int_scanner]$ tar xfz framework-3.0.tar.gz [int_scanner]$ cd framework-3.0 [int_scanner]$ svn update
4 Subversion (see http://subversion.tigris.org) is a fantastic mechanism for tracking changes in source code (and even in binary files). All of the projects at http://www.cipherdyne.org are tracked within a Subversion repository, and even files used to write this book were tracked within Subversion during the writing process.
O Error validating server certificate for 'https://metasploit.com:443':
- The certificate is not issued by a trusted authority. Use the fingerprint to validate the certificate manually!
- Hostname: metasploit.com
- Valid: from Tue, 31 Jul 2007 15:39:57 GMT until Wed, 30 Jul 2008 15:39:57 GMT © - Issuer: Development, The Metasploit Project, San Antonio, Texas, US
- Fingerprint: 05:aa:fd:bb:ea:cb:5d:bb:00:69:6b:d9:5e:35:cf:75:83:3e:fc:ff (R)eject, accept (t)emporarily or accept (p)ermanently? t
U external/ruby-lorcon/extconf.rb Updated to revision 4592
At © above, you see that Metasploit uses a self-signed SSL certificate, and at you see the issuer and fingerprint information for that certificate, which we accept temporarily by pressing t. At this point, our local exploit database and all associated source code files are synchronized with the latest versions available via the Metasploit Subversion repository, and we have the metasploit_update.pcap file that contains a packet capture of the entire update process. (You can download this file from http://www .cipherdyne.org/ LinuxFirewalls.)
Was this article helpful?