Since Metasploit was removed from the official Termux repositories, installing it became difficult due to Ruby gem compilation errors (Nokogiri/Gumbo, bundler conflicts, Ruby version mismatches). This script provides three installation methods โ including the new recommended proot-distro approach which completely bypasses all gem errors using Rapid7's official pre-built package.
| Method | Android | Stability | Disk | Recommended |
|---|---|---|---|---|
| ๐ Proot-Distro (Debian) | 7.0+ | โญโญโญโญโญ | ~300MB | โ YES |
| โ๏ธ Direct Install (Modern) | 7.0+ | โญโญโญ | ~150MB | |
| ๐น๏ธ Legacy Install | 4.4โ6.0 | โญโญ | ~150MB | For old devices only |
Why Proot? Debian proot uses Rapid7's official omnibus package โ a pre-compiled binary with its own embedded Ruby. No gem compilation, no Nokogiri errors, no bundler issues. Ever.
- Termux latest version from F-Droid (NOT Play Store)
- Minimum 2GB free internal storage (3GB+ recommended for proot)
- Stable internet connection
- Android 7.0+ for proot method / Android 4.4+ for legacy
# 1. Update Termux
apt update && apt upgrade -y
# 2. Install git
apt install git -y
# 3. Clone this repository
git clone https://github.com/h4ck3r0/Metasploit-termux
# 4. Enter directory
cd Metasploit-termux
# 5. Grant permissions
chmod +x *
# 6. Run installer
bash metasploit.sh[1] Metasploit Installation
โโโ [1] Legacy (Android 4.4 - 6.0)
โโโ [2] Modern Direct (Android 7.0+)
โโโ [3] Proot-Distro / Debian โ RECOMMENDED
[2] Repair
[3] Backup
[4] Restore
[5] Update
[6] Exit
๐ก Select Option 1 โ then Option 3 for the most stable installation.
msfconsoleThis automatically:
- Starts PostgreSQL database
- Enters the Debian environment (proot method)
- Launches
msfconsole
All paths below work inside the Debian proot environment.
| Inside Debian | Maps to | Access from Android |
|---|---|---|
/sdcard/ |
Phone internal storage | File Manager root |
/sdcard/MSF/payloads/ |
Payload output folder | Internal Storage โ MSF โ payloads |
/sdcard/MSF/loot/ |
Loot/captured data | Internal Storage โ MSF โ loot |
/sdcard/MSF/backups/ |
Backup storage | Internal Storage โ MSF โ backups |
/root/msf-output/ |
Alias for /sdcard/MSF/ |
Same as above |
# Drop into a full Debian shell
msf-shell
# Inside Debian โ build a tool, then copy to phone:
gcc exploit.c -o exploit
cp exploit /sdcard/MSF/exploit
# Exit back to Termux
exit# From inside Debian (msf-shell):
cp /root/myfile.apk /sdcard/MSF/myfile.apk
# From Termux (outside proot):
cp ~/proot-distro/installed-rootfs/debian/root/myfile /sdcard/MSF/If Metasploit breaks after a Termux update:
bash metasploit.sh
# Choose Option 2 โ RepairThe repair script will:
- Reinstall all dependencies
- Fix Nokogiri gem (Gumbo disabled)
- Reinstall bundle gems
- Fix PostgreSQL PID issues
bash metasploit.sh
# Choose Option 3 โ BackupBackup is saved to: Internal Storage โ MSF โ backups/
You can view it from any Android file manager.
bash metasploit.sh
# Choose Option 4 โ Restore
# Select backup from the numbered listbash metasploit.sh
# Choose Option 5 โ UpdateOr manually update MSF inside Debian (proot method):
msf-shell
apt update && apt upgrade metasploit-framework -y
exitAndroid 12+ aggressively kills background processes. To disable this:
# Requires ADB from a PC:
adb shell device_config set_sync_disabled_for_tests persistent
adb shell device_config put activity_manager max_phantom_processes 2147483647Also: Go to Android Settings โ Apps โ Termux โ Battery โ Unrestricted
| Problem | Fix |
|---|---|
msfconsole: command not found |
Re-run installer or check ls $PREFIX/bin/msfconsole |
Could not start server (PostgreSQL) |
rm ~/proot-distro/installed-rootfs/debian/var/run/postgresql/.s.* then retry |
Gem::LoadError on startup |
Run Repair from main menu |
bundle install fails |
Use proot method โ bypasses all gem issues |
| Process killed by Android | Disable battery optimization for Termux |
/sdcard not accessible |
Run termux-setup-storage in Termux |
proot-distro: command not found |
pkg install proot-distro |
This tool is for educational and authorized penetration testing purposes only.
Unauthorized access to systems is illegal. The author is not responsible for misuse.
Always get written permission before testing any system you do not own.
Developed by Raj Aryan (h4ck3r0) โ Give a โญ if this helped you!