Metasploit Database Problem Summary

Database is very important in metaspoit, as a large-scale penetration test project, the information collected is quite large, when you and your partner to fight together, you may be in different places, so data sharing is very important! And Metasploit can also be compatible with some scanning software, such as Nmap, Nusess, Nexpose and other scanning software, we can save the scan results as an XML file, and then hand over to Metasploit to do exploits ....

So use the database in Metasploit to do the above work!

How to install the database and be compatible with Metasploit

First Metasploit, the PostgreSQL database is used by default. PostgreSQL has been installed by default in a professional infiltration system such as BT5 or Kali. If you are not using BT5, but like ubuntu12.04 and other liunx distributions, Metasploit is also installed yourself, so you need to install the PostgreSQL database yourself

First we install the database :

sudo apt-get install postgresql-8.4 postgresql-client-8.4

After installation, create the user password and database:

1. Su Postgres #进入数据库

2. Createdb Nmap #创建数据库

3 CreateUser Nmap #创建用户

I'm asking you to enter your password and I'm setting up a namp. Enter OK and enter exit to exit

And then it goes into the Msfconsole setup MSF is associated with the PostgreSQL database

After entering the MSF shell, connect to the database using the following command:

db_connect nmap:[email protected]/nmap

You will then see some of the MSF outputs, which are the initial data, and the first associated database will be there, and the second time will be gone.

After waiting for the output to complete, we re-enter the command db_status test whether the link is ok

If you see the following echo, prove that the database has been successfully associated with MSF:

PostgreSQL conneted to Nmap

Opening and viewing ports for Postgres databases

First, check that the database service is turned on, and enter the following command in the shell:

netstat -tnpl | grep postgres

If turned on, note the port

If not, we enter the/etc/init.d/directory, Shell command: LS | grep postgres, find the Metasploit-postgres,shell command:./metasploit-postgres start, you can turn on the Postgres service, if you want to shut down with stop. When turned on, note the port.

View the default password for the Postgres database and connect to the database

The user name and password are placed in the/OPT/METASPLOIT/CONFIG/DATABASE.YML profile, and Vim opens for viewing. The format of the file is shown in the following article:

Development:adapter: "PostgreSQL" Database: "Msf3dev" username: "msf3" Password: "4BFEDFC2" port:7337host: "localhost" Pool:256timeout:5

Enter the Metasploit command line interface: Use the command db_connect to connect to the database, specific command: Db_connect username:[email protected]: Port number/database name.

For the above configuration, our connect command is:

db_connect  msf3: [email protected]:7337

Prompt port error, need to modify postgres default port

The PostgreSQL listening port installed by default on BT5R3 is 7337. If you want to change the listening port, the workaround is as follows:

Modify/opt/metasploit/postgresql/data/postgres.conf in port = 5432

Then the Postgres database can be opened according to question two.

Tips ENCODING Error

First we enter the database:

Su–postgres

Then use UTF8 encoding to create a new database:

Createdb msfbook-e utf8-t Templat0

Finally, typing db_connect [email protected]/msfbook

There will be a bunch of statement output that creates a data table, indicating that there is no problem executing.

Use Db_status check to prompt for normal.

think the Postgres database is uncomfortable, want to change MySQL database

Start Msfconsole first to see what databases are available:

MSF >db_driver[*]active Driver:postgresql[*]available:postgresql,mysql

Active driver:postgresql Description Now the default database is PostgreSQL

Available:postgresql,mysql description of databases supported by MSF with PostgreSQL and MySQL

We can switch the default database using the following command:

MSF >db_driver MySQL

[*] Active Driver:mysql

You have successfully switched to the MySQL database now.

Resources

"Metasploit connection Postgres database in Backtrack"

"Metasploit using PostgreSQL database"

"Metasploit Console connection to PostgreSQL database issues"

The MSF Penetration Testing guide

The MSF Penetration Testing Handbook

Reprinted from: http://www.91ri.org/7262.html