search

rapid7 / metasploit-framework

Metasploit Framework
https://www.metasploit.com/
Other
34.25k stars 14k forks source link

why metasploit is very slow at startup? #19637

Closed saeedahm closed 5 days ago

saeedahm commented 1 week ago

Hi in version v6.3.43-dev its ok and works fine (speed i mean) in latest version of kali like 2024.* like version v6.4.18-dev its very slow at startup and working with it , not even startup but it using it is slow too like 6.4.16 version have 2376 exploits and latest version have 2437 exploits or for payloads the same if like it was 3000 we can say it takes time but the versions are close to each other i heared that some people said that it takes time to load modules in memory but Only a few modules have been added but even im wrong after startup even modules loaded in memory when runing exploit command have delay between the old version i mentioned and latest version I need an explanation please

LongWayHomie commented 1 week ago

Yeah, can confirm that in Kali Rolling after the update to version 6.4.34-dev it takes really time to boot up the console. About nearly 5 minutes. Here's the execution of time with exit command:

root@kali:~# time msfconsole -x 'exit'
Metasploit tip: Search can apply complex filters such as search cve:2009 
type:exploit, see all the filters with help search

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%     %%%         %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%  %%  %%%%%%%%   %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%  %  %%%%%%%%   %%%%%%%%%%% https://metasploit.com %%%%%%%%%%%%%%%%%%%%%%%%
%%  %%  %%%%%%   %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%  %%%%%%%%%   %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%  %%%  %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%    %%   %%%%%%%%%%%  %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  %%%  %%%%%
%%%%  %%  %%  %      %%      %%    %%%%%      %    %%%%  %%   %%%%%%       %%
%%%%  %%  %%  %  %%% %%%%  %%%%  %%  %%%%  %%%%  %% %%  %% %%% %%  %%%  %%%%%
%%%%  %%%%%%  %%   %%%%%%   %%%%  %%%  %%%%  %%    %%  %%% %%% %%   %%  %%%%%
%%%%%%%%%%%% %%%%     %%%%%    %%  %%   %    %%  %%%%  %%%%   %%%   %%%     %
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  %%%%%%% %%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%          %%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

       =[ metasploit v6.4.34-dev                          ]
+ -- --=[ 2461 exploits - 1267 auxiliary - 432 post       ]
+ -- --=[ 1471 payloads - 49 encoders - 11 nops           ]
+ -- --=[ 9 evasion                                       ]

Metasploit Documentation: https://docs.metasploit.com/

[*] Starting persistent handler(s)...

real    4m42.594s
user    0m12.650s
sys     0m0.867s

root@kali:~#
dwelch-r7 commented 1 week ago

This is definitely unexpected, not sure what the cause would be but it's not something we're experiencing when we've installed directly from github/using our installer, if anyone runs into the issue when it's installed via another method other than kali that'd be great if you cold update us here

In the meantime could you @saeedahm and @LongWayHomie try booting up msfconsole with the flag --defer-module-loads and let us know if that has any effect on the load time? It's unlikely to fix the problem but it might help us narrow down the root of the issue

LongWayHomie commented 1 week ago

Tried again today and it seems the issue is gone. I have tried to use --defer-module-loads and msf opened in like 2 seconds, while after that (without this parameter) it opened in 12 seconds. Tried to upgrade the Kali via apt so maybe this resolved the issue. So I guess there's some weird things happening within Kali itself.

root@kali:~# time msfconsole -x 'exit' --defer-module-loads
Metasploit tip: Set the current module's RHOSTS with database values using 
hosts -R or services -R

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%     %%%         %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%  %%  %%%%%%%%   %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%  %  %%%%%%%%   %%%%%%%%%%% https://metasploit.com %%%%%%%%%%%%%%%%%%%%%%%%
%%  %%  %%%%%%   %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%  %%%%%%%%%   %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%  %%%  %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%    %%   %%%%%%%%%%%  %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  %%%  %%%%%
%%%%  %%  %%  %      %%      %%    %%%%%      %    %%%%  %%   %%%%%%       %%
%%%%  %%  %%  %  %%% %%%%  %%%%  %%  %%%%  %%%%  %% %%  %% %%% %%  %%%  %%%%%                                                                                                                                                              
%%%%  %%%%%%  %%   %%%%%%   %%%%  %%%  %%%%  %%    %%  %%% %%% %%   %%  %%%%%                                                                                                                                                              
%%%%%%%%%%%% %%%%     %%%%%    %%  %%   %    %%  %%%%  %%%%   %%%   %%%     %                                                                                                                                                              
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  %%%%%%% %%%%%%%%%%%%%%                                                                                                                                                              
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%          %%%%%%%%%%%%%%                                                                                                                                                              
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%                                                                                                                                                              

       =[ metasploit v6.4.34-dev                          ]                                                                                                                                                                                
+ -- --=[ 2461 exploits - 1267 auxiliary - 432 post       ]                                                                                                                                                                                
+ -- --=[ 1471 payloads - 49 encoders - 11 nops           ]                                                                                                                                                                                
+ -- --=[ 9 evasion                                       ]

Metasploit Documentation: https://docs.metasploit.com/

[*] Starting persistent handler(s)...

real    0m2.463s
user    0m2.072s
sys     0m0.360s
root@kali:~# time msfconsole -x 'exit'
Metasploit tip: Search can apply complex filters such as search cve:2009 
type:exploit, see all the filters with help search

  Metasploit Park, System Security Interface                                                                                                                                                                                               
  Version 4.0.5, Alpha E                                                                                                                                                                                                                   
  Ready...                                                                                                                                                                                                                                 
  > access security                                                                                                                                                                                                                        
  access: PERMISSION DENIED.
  > access security grid
  access: PERMISSION DENIED.
  > access main security grid
  access: PERMISSION DENIED....and...
  YOU DIDN'T SAY THE MAGIC WORD!
  YOU DIDN'T SAY THE MAGIC WORD!                                                                                                                                                                                                           
  YOU DIDN'T SAY THE MAGIC WORD!                                                                                                                                                                                                           
  YOU DIDN'T SAY THE MAGIC WORD!                                                                                                                                                                                                           
  YOU DIDN'T SAY THE MAGIC WORD!                                                                                                                                                                                                           
  YOU DIDN'T SAY THE MAGIC WORD!                                                                                                                                                                                                           
  YOU DIDN'T SAY THE MAGIC WORD!                                                                                                                                                                                                           

       =[ metasploit v6.4.34-dev                          ]
+ -- --=[ 2461 exploits - 1267 auxiliary - 432 post       ]
+ -- --=[ 1471 payloads - 49 encoders - 11 nops           ]
+ -- --=[ 9 evasion                                       ]

Metasploit Documentation: https://docs.metasploit.com/

[*] Starting persistent handler(s)...

real    0m12.426s
user    0m11.631s
sys     0m0.759s
saeedahm commented 6 days ago

the problem solved with --defer-module-loads option and works fine i didnt tested from installing directly from github i got many errors installing gems and stucked on pcaprub gem but i guess the problem was solved. many thanks