Metasploit自动连接postgresql
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Metasploit自动连接postgresql相关的知识,希望对你有一定的参考价值。
1. 启动postgresql
[email protected]:~# service postgresql start
2. 设置用户与数据库
[email protected]:~# su postgres [email protected]:/root$ createuser msf4 -P Enter password for new role: Enter it again: [email protected]:/root$ createdb --owner=msf4 msf4
[email protected]:/root$ exit
exit
[email protected]:~#
3. 测试数据库连接状态
[email protected]:~# msfconsole ### ### msf > db_connect msf4:[email protected]/msf4 [*] Rebuilding the module cache in the background... msf > db_status [*] postgresql connected to msf4 msf > search 2015-0531 [!] Module database cache not built yet, using slow search #这里要稍等一下才会正常,可以考虑关闭应用重启一下 msf >
4. 设置自动连接
自动连接可以通过配置文件 /usr/share/metasploit-framework/config/database.yml 完成,内容可以通过复制database.yml.example并修改内容来完成设置。
[email protected]:/usr/share/metasploit-framework/config# cp database.yml.example database.yml [email protected]:/usr/share/metasploit-framework/config# vi database.yml [email protected]:/usr/share/metasploit-framework/config# cat database.yml # Please only use postgresql bound to a TCP port. # Only postgresql is supportable for metasploit-framework # these days. (No SQLite, no mysql). # # To set up a metasploit database, follow the directions hosted at: # http://r-7.co/MSF-DEV#set-up-postgresql development: &pgsql adapter: postgresql database: msf3 #主要该红色的这三个值 username: msf3 password: jinchangkun host: localhost port: 5432 pool: 5 timeout: 5 # You will often want to seperate your databases between dev # mode and prod mode. Absent a production db, though, defaulting # to dev is pretty sensible for many developer-users. production: &production <<: *pgsql # Warning: The database defined as "test" will be erased and # re-generated from your development database when you run "rake". # Do not set this db to the same as development or production. # # Note also, sqlite3 is totally unsupported by Metasploit now. test: <<: *pgsql database: metasploit_framework_test username: metasploit_framework_test password: ___________________________
重新执行msfconsole即可直接链接数据库
[email protected]:~# msfconsole ### ### msf > db_status [*] postgresql connected to msf4 msf > search CVE-2015-0311 Matching Modules ================ Name Disclosure Date Rank Description ---- --------------- ---- ----------- exploit/multi/browser/adobe_flash_uncompress_zlib_uaf 2014-04-28 great Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free msf >
5. . .
之前遇到过填database.yml内容无效的版本,是通过在用户的家目录下创建配置文件完成的,等遇到类似的再补充。
以上是关于Metasploit自动连接postgresql的主要内容,如果未能解决你的问题,请参考以下文章
markdown Metasploit连接Postgresql