Why Kali installs both metasploit and metasploit-framework packages by default?

**rufe** · 2015-03-28

Vanilla installation of Kali Linux comes with both metasploit and metasploit-framework packages installed.

metasploit-framework package includes the free open-source framework only and keeps all its msf* binaries in /usr/share/metasploit-framework/

metasploit package includes both framework and Rapid7 commercial Metasploit Pro add-ons and keeps its msf* binaries in /opt/metasploit/apps/pro/msf3

All calls to msf* binaries, e.g. msfconsole, or msfvenom are currently resolved to those in /opt/metasploit/apps/pro/msf3/ directory of metasploit package.

Binaries in /usr/share/metasploit-framework/ don't even work out of the box: /usr/share/metasploit-framework/msfconsole doesn't start showing "Could not find rake-10.4.2 in any of the sources. Run `bundle install` to install missing gems." error.

So what is the purpose of keeping the metasploit-framework package installed on the system anyway? In what cases is it actually used?

Thread: Why Kali installs both metasploit and metasploit-framework packages by default?

Thread Tools

Search Thread

Display

Threaded View

Why Kali installs both metasploit and metasploit-framework packages by default?

Similar Threads

Metasploit framework on Kali 2020.1 (updated)

Starting up Metasploit Framework in Kali Linux 2.0

How to install latest metasploit-framework from git on kali 1.1.0a - Wheezy

cannot download "metasploit-framework" and "exploitdb" packages

Posting Permissions