I wanted to experiment with running Kali using Windows Subsystem for Linux on Windows 10. This will let you run native Linux command-line tools directly on Windows. I created this guide to get you a Kali WSL install with Metasploit running on Windows 10. If you want to install Metasploit directly in Windows without the Windows Subsystem for Linux, read after step #13.
- Open and run Windows PowerShell as administrator
- Enter the following command:
Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux - Reboot Windows
- Open the Microsoft Store on Windows 10 and install Kali Linux
- Launch Kali Linux when it is done installing and type a username and password when prompted.
- Type: sudo apt-get update (enter password if prompted)
- Type: sudo apt-get dist-upgrade
- Type: sudo apt-get clean
- Now we have to add the Kali Linux folder as an exception to the built-in Virus and threat protection so it doesn’t keep blocking/removing Metasploit:
Go to Start > Settings > Update & Security > Windows Security > Virus & threat protection
Under Virus & threat protection settings, select Manage settings, and then under Exclusions, select Add or remove exclusions.
- Add your Kali folder as an exclusion:
Located under: %LocalAppData%\Packages\KaliLinux.<Package_ID>\LocalState
Example: C:\Users\yourname\AppData\Local\Packages\KaliLinux.random##sandletters\LocalState - Now go back to your Kali Linux terminal and run this command to install Metasploit:
sudo apt-get install metasploit-framework - Finally, run Metasploit by typing: msfconsole
- Have fun experimenting and adding whatever else you want to Kali Linux
Also, if you just want to install Metasploit in Windows and are using the built-in virus and threat protection, you can download Metasploit Framework for Windows and add c:\metasploit-framework as an exclusion folder (like in step #9). The msfconsole command and all related tools will be added to the system %PATH% environment variable so you can use Metasploit within Command Prompt.
These alternate methods may be helpful for someone who has limited resources on their computer (ex. RAM/CPU) and can benefit from running with the least amount of VMs as possible. It’s also good to experiment with relatively new technology like Windows Subsystem for Linux.
I still highly recommend a full native Linux install or a Linux VM for familiarization and skill building.
Jaimin Pandya says
Good stuff Rami.
I have done this before and the Kali Linux application for Windows is pretty cool. But like you said in the end, it makes sense to have a native Linux and practice on that. I find Kali Linux to be intuitive and their GUI is also evolving making it easy to understand for new users