Metasploit Database – Speed up Your Searches Already

I wanted to share a shorter post this week on setting up the Metasploit database.

Metasploit Database - Introduction

I'm still working on finishing up some vulnserver write-ups, but wanted to continue posting in the meantime.

If you've never setup the Metasploit database, then here is a quick and helpful walkthrough!

Note that you can use the database for a lot more than just speeding up your searches. I've found it invaluable during engagements for various loot and credentials as well.

Also, you can check this post for another write-up, if you don't want to read mine.

Creating the Database

First, you will know that your database is not created/connected if you get output similar to the following.

msf > search ms09_002
[!] Module database cache not built yet, using slow search
^C[-] search: Interrupted

To build the initial database, run the msfdb init command.

msf > msfdb init
[*] exec: msfdb init

[i] Database already started
[+] Creating database user 'msf'
[+] Creating databases 'msf'
[+] Creating databases 'msf_test'
[+] Creating configuration file '/usr/share/metasploit-framework/config/database.yml'
[+] Creating initial database schema

Database Connection

Once you've created the database, you can connect using the db_connect command. Note that you can use the db_status command at any time, to check the status of the database.

As you can see from the previous command, Metasploit places the default configuration file at '/usr/share/metasploit-framework/config/database.yml'.

msf > db_connect
[*]    Usage: db_connect <user:pass>@<host:port>/
[*]       OR: db_connect -y [path/to/database.yml]
[*] Examples:
[*]        db_connect user@metasploit3
[*]        db_connect user:pass@192.168.0.2/metasploit3
[*]        db_connect user:pass@192.168.0.2:1500/metasploit3
msf > db_status
[*] postgresql selected, no connection
msf > db_connect -y /usr/share/metasploit-framework/config/database.yml
[*] Rebuilding the module cache in the background...
msf > db_status
[*] postgresql connected to msf

Also, once Metasploit connects to the database, you can rebuild the module cache using the following command.

msf > db_rebuild_cache

Reconnecting

After the initial configuration, postgres will usually not start at boot time for a default Kali install. If this is the case, you will likely see the following messages.

root@kali:~/vulnserver# msfconsole
[-] Failed to connect to the database: could not connect to server: Connection refused
	Is the server running on host "localhost" (::1) and accepting
	TCP/IP connections on port 5432?
could not connect to server: Connection refused
	Is the server running on host "localhost" (127.0.0.1) and accepting
	TCP/IP connections on port 5432?

In this case, you can restart the postgres server, and configure it to start automatically.

root@kali:~/vulnserver# service postgresql start
root@kali:~/vulnserver#
root@kali:~/vulnserver# update-rc.d postgresql enable

With the database running and connected, searching for specific modules will be much quicker!

msf > search ms09_002

Matching Modules
================

   Name                                                Disclosure Date  Rank    Check  Description
   ----                                                ---------------  ----    -----  -----------
   exploit/windows/browser/ms09_002_memory_corruption  2009-02-10       normal  No     MS09-002 Microsoft Internet Explorer 7 CFunctionPointer Uninitialized Memory Corruption

Metasploit Database - Conclusion

I know this was a shorter post, but I'm still catching up on plenty of other non-blog related things. That, and I was also hosting a Bourbon Bonanza this weekend!

Metasploit Database - Bourbon Bonanza

That said, I'm hoping to write-up some more vulnserver exploits soon as well.

Other than that, stay tuned for my 2019 conference talk schedule!

doyler on Githubdoyler on Twitter
doyler
Ray Doyle is an avid pentester/security enthusiast/beer connoisseur who has worked in IT for almost 16 years now. From building machines and the software on them, to breaking into them and tearing it all down; he's done it all. To show for it, he has obtained an OSCE, OSCP, eCPPT, GXPN, eWPT, eWPTX, SLAE, eMAPT, Security+, ICAgile CP, ITIL v3 Foundation, and even a sabermetrics certification!

He currently serves as a Senior Penetration tester for Avalara, and his previous position was a Principal Penetration Testing Consultant for Secureworks.

When he's not figuring out what cert to get next or side project to work on, he enjoys playing video games, traveling, and watching sports.

Leave a Comment

Filed under Security Not Included

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.