Team metasploit and msfgui on Windows

First, in answer to a common question, the new msfgui can be run on Windows if Java is installed by double-clicking (starting in your program files directory) MetasploitFramework3msf3dataguimsfgui.jar so make a shortcut to that and place it on your desktop. Next think about the fact that Metasploit has more features and runs with less memory and about twice as fast for me on ruby1.9.1 on Linux, your desktop will probably boot faster, and many other security tools also run better, if not exclusively on Linux, and at least think about downloading a free Linux distro and setting up an easy dual-boot system. Please.

Also, if you have tried to run msfgui on linux, you may have previously been forced to fully specify the path instead of using a symlinked command. The launcher now dereferences symlinks, so now you can just type msfgui at a console and assuming java is in your path, the gui will now come up.

Collaborative Metasploit

Even if you are a console junkie, and I admit, the console is still often my first choice, the new msfgui is beginning to provide some capabilities not present in the classic interface. One example is the ability to use the capabilities of Metasploit collaboratively; you can start an msfrpcd and connect to it from different systems via msfgui. This allows all members to see the running jobs, launch exploits and other modules, see database data identified by imported scans or scanner auxiliary modules, and see the running sessions. Currently, however, different pen-testers should not try to interact with the same session at the same time; as long as only one has the interaction window up for a session, everything works great. But if more than one pen-tester attempt to interact with the session, only one will see the output. This behavior will be changed once the proper mechanism for resending output and maybe input is decided. In the meantime, select different sessions and enjoy collaboratively analyzing and assessing networks.

Oh and console junkies can still share the same daemon; just open a new console from the menu. It supports tab completion, and you can use all your favorite commands. Happy owning.

  1. No comments yet.
(will not be published)