Kali下Metasploit自动连接postgresql
1. 启动postgresql
root@kali:~# service postgresql start
2. 设置用户与数据库
root@kali:~# su postgres postgres@kali:/root$ createuser msf4 -P Enter password for new role: Enter it again: postgres@kali:/root$ createdb --owner=msf4 msf4
postgres@kali:/root$ exit
exit
root@kali:~#
3. 测试数据库连接状态
root@kali:~# msfconsole ### ### msf > db_connect msf4:password@localhost/msf4 [*] Rebuilding the module cache in the background... msf > db_status [*] postgresql connected to msf4 msf > search 2015-0531 [!] Module database cache not built yet, using slow search #这里要稍等一下才会正常,可以考虑关闭应用重启一下 msf >
4. 设置自动连接
自动连接可以通过配置文件 /usr/share/metasploit-framework/config/database.yml 完成,内容可以通过复制database.yml.example并修改内容来完成设置。
root@kali:/usr/share/metasploit-framework/config# cp database.yml.example database.yml root@kali:/usr/share/metasploit-framework/config# vi database.yml root@kali:/usr/share/metasploit-framework/config# cat database.yml # Please only use postgresql bound to a TCP port. # Only postgresql is supportable for metasploit-framework # these days. (No SQLite, no MySQL). # # To set up a metasploit database, follow the directions hosted at: # http://r-7.co/MSF-DEV#set-up-postgresql development: &pgsql adapter: postgresql database: msf4 #主要改红色的这三个值 username: msf4 password: password host: localhost port: 5432 pool: 5 timeout: 5 # You will often want to seperate your databases between dev # mode and prod mode. Absent a production db, though, defaulting # to dev is pretty sensible for many developer-users. production: &production <<: *pgsql # Warning: The database defined as "test" will be erased and # re-generated from your development database when you run "rake". # Do not set this db to the same as development or production. # # Note also, sqlite3 is totally unsupported by Metasploit now. test: <<: *pgsql database: metasploit_framework_test username: metasploit_framework_test password: ___________________________
重新执行msfconsole即可直接链接数据库
root@kali:~# msfconsole ### ### msf > db_status [*] postgresql connected to msf4 msf > search CVE-2015-0311 Matching Modules ================ Name Disclosure Date Rank Description ---- --------------- ---- ----------- exploit/multi/browser/adobe_flash_uncompress_zlib_uaf 2014-04-28 great Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free msf >
5. . .
之前遇到过填database.yml内容无效的版本,是通过在用户的家目录下创建配置文件完成的,等遇到类似的再补充。
若未特殊声明,本博客内容均为作者原创并首发于博客园。欢迎转载,但转载后必须在明显位置给出作者以及原文链接,否则保留追究法律责任的权利。