Mac for Hackers: How to Install RVM to Maintain Ruby Environments in macOS

Nov 2, 2016 06:15 PM
Nov 3, 2016 11:57 PM

We're almost there to completing the setup of your Mac for hacking! Now that we have Git and Homebrew under our belts, it's time to take on something fairly easy, but very important for our hacking needs.

Ruby is an object-oriented scripting language used to write powerful projects such as Metasploit and WPScan. Although Ruby ships with macOS, there isn't a clean way included in the operating system to update and manage Ruby environments (i.e., gem files and Ruby versions).

Why is that so important? The version of Ruby that ships with macOS is usually out of date, and since we're going to need at least the latest version of Ruby—and will have to manage gems (Ruby libraries)—some form of Ruby version management is required. Plus, in some cases, our hacking tools will require a specific Ruby version to run properly, and that means we'll need more than one functioning Ruby version.

There are two leading options for this: rbenv and RVM (Ruby Version Manager). Rbenv is lightweight and modular, which fits more with the Unix philosophy of do one thing and do it well, but I personally prefer RVM. It's an all-encompassing solution to managing environments that meets almost all needs out of the box. It also doesn't hurt that it's the recommended Ruby version manager for working with the Metasploit Framework.

In this tutorial, we'll be looking at installing RVM on macOS and updating to the latest version of Ruby.

Step 1: Install GPG

The current RVM version signs and verifies all releases and the rvm-installer script. In most cases, it's all automated and the installer will check if the downloaded files are signed.

First, we will need to install GPG, an open-source encryption tool which allows us to encrypt and sign data communications. You should have Homebrew installed already, if you've been following this series, so simply execute this command:

  • brew install gpg
636123154873664811.jpg

Step 2: Install RVM

Next, we will execute the RVM installer with the command:

This command tells cURL to get the script, and to follow any location changes reported by the host (-L). It is then piped (|)into bash. The options select the stable version of RVM, enable auto-dependency resolution, and, finally, --ruby installs the latest version of Ruby. Once that completes, we will close the terminal window and open a new one.

Step 3: Check Our Ruby Version

Now we'll check the default version of Ruby on our machine using RVM:

  • rvm list
636123185243978080.jpg

As you can see, our Ruby install is now up to date and ready to go!

Step 4: Install Older Ruby Versions

When we need an older Ruby version to run a tool, RVM makes that a piece of cake. First, open up iTerm and then enter the command:

  • rvm install 2.2.5

Swap out "2.2.5" with whatever version number you want.

636136145193026785.jpg

I selected 2.2.5, since it was a binary version of Ruby, meaning no compile time. You can use the following command to get a list of easy-to-pull-down Ruby versions.

  • rvm list known

The list isn't definitive, but a little checking around on the RVM site will give a more complete list.

Step 5: Switch Between Ruby Versions

Now that we have multiple versions of Ruby installed, we can view which versions are installed with the command:

  • rvm list

In order to switch between them, use the command:

  • rvm use 2.2.5

Change "2.2.5" to the version of Ruby to the one you want to use.

636136150122087121.jpg

Step 6: Remove an Unused Ruby Version

If tools update to the latest version of Ruby, you may want to remove the outdated and unused versions on your machine. Simply enter the command:

  • rvm remove 2.2.5

Replace "2.2.5" with whatever version of Ruby you are trying to remove.

636136151873181852.jpg

If you only want to remove Ruby itself, and not everything related to that version of Ruby, use the command:

  • rvm uninstall 2.2.5

Substitute "2.2.5" with the version of Ruby you are trying to remove.

And Now You've Got Ruby All Ready

RVM is a powerful tool and has many more features geared towards developers. If you have any interest in development with Ruby, I recommend reading through this series. In order to get a firm grasp of what RVM is capable of I recommend using the command "man rvm". With RVM installed on macOS, we can now easily work with GitHub projects that are written in Ruby, and we won't need to worry about multiple versions of Ruby on our machine conflicting.

Stay tuned to future guides in this series on getting a Mac ready for hacking, which will include installing Kali and Metasploit, organizing your tools, and the basics of Vim.

Cover image by cherniga/123RF; Screenshots by Barrow/Null Byte

Comments

No Comments Exist

Be the first, drop a comment!