Tuesday, October 16, 2012

Metasploit and Postgres Setup

Here are some notes that I took to setup my msf and postgres.

Starting Postgres

rt@bt:$ sudo -s
rt@bt:$ postgresql-setup initdb
rt@bt:$ systemctl start postgresql.service


Creating a database user

postgres@bt:$ createuser msf_user -P
Enter password for new role: <btpassword>
Enter it again: <btpassword>
Shall the new role be a superuser? (y/n) n
Shall the new role be allowed to create databases? (y/n) n
Shall the new role be allowed to create more new roles? (y/n) n


Creating a database
postgres@bt:$ createdb --owner=msf_user msf_database


Configure Metasploit
rt@bt:$ msfconsole
msf > db_status
[*] postgresql selected, no connection
msf> db_connect msf_user:btpassword@127.0.0.1:5432/msf_database
NOTICE:  CREATE TABLE will create implicit sequence "hosts_id_seq" for serial column "hosts.id"
NOTICE:  CREATE TABLE / PRIMARY KEY will create implicit index "hosts_pkey" for table "hosts"
[..]
NOTICE:  CREATE TABLE will create implicit sequence "mod_refs_id_seq" for serial column "mod_refs.id"
NOTICE:  CREATE TABLE / PRIMARY KEY will create implicit index "mod_refs_pkey" for table "mod_refs"

Enable the database on startup
This is to write the database configuration to a separate configuration file so the password doesn't get printed on the screen during each start of the msfconsole.
$ cat > /opt/metasploit-framework/database.yml << EOF
production:
    adapter: postgresql
    database: msf_database
    username: msf_user
    password: yourmsfpassword
    host: 127.0.0.1
    port: 5432
    pool: 75
    timeout: 5
EOF
Database connection and Workspace
$ cat > ~/.msf4/msfconsole.rc << EOF
db_connect -y /opt/metasploit4/config/database.yml
workspace -a YourProject
EOF


Using the database
msf > db_status
[*] postgresql connected to msf_database
msf > db_nmap 192.168.1.0/24
msf > hosts
Hosts
=====
address        mac                name       os_name  os_flavor  os_sp  purpose  info  comments
-------        ---                ----       -------  ---------  -----  -------  ----  --------
192.168.1.1    11:22:33:44:55:66  router     Linux    2.6.X             device        
192.168.1.100  22:33:44:55:66:77  mixer      Linux    2.6.X             device         
msf > help database
Database Backend Commands
=========================
    Command        Description
    -------        -----------
    creds          List all credentials in the database
    db_connect     Connect to an existing database
    db_disconnect  Disconnect from the current database instance
    db_export      Export a file containing the contents of the database
    db_import      Import a scan result file (filetype will be auto-detected)
    db_nmap        Executes nmap and records the output automatically
    db_status      Show the current database status
    hosts          List all hosts in the database
    loot           List all loot in the database
    notes          List all notes in the database
    services       List all services in the database
    vulns          List all vulnerabilities in the database
    workspace      Switch between database workspaces
To list databases

postgres@bt:$ psql -l

To assign ownership of a database
postgres@bt:$ psql -c "ALTER DATABASE msf_database OWNER TO msf_user;" 

To add or change the password for a user
postgres@bt:$ psql -c "ALTER USER msf_user WITH ENCRYPTED PASSWORD 'omgwtfbbq';" 

To drop a database
postgres@bt:$ dropdb msf_database

To drop a user
postgres@bt:$ dropuser msf_user
psql commands
select version(); - show the db version
\h - get help
\q - quit