Kali下Metasploit自动连接postgresql

1. 启动postgresql

root@kali:~# service postgresql start

2. 设置用户与数据库

root@kali:~# su postgres
postgres@kali:/root$ createuser msf4 -P
Enter password for new role:
Enter it again:
postgres@kali:/root$ createdb --owner=msf4 msf4

postgres@kali:/root$ exit

exit

root@kali:~#

3. 测试数据库连接状态

root@kali:~# msfconsole
### ###
msf > db_connect msf4:password@localhost/msf4
[*] Rebuilding the module cache in the background...
msf > db_status
[*] postgresql connected to msf4
msf > search 2015-0531
[!] Module database cache not built yet, using slow search #这里要稍等一下才会正常,可以考虑关闭应用重启一下
msf >

4. 设置自动连接

自动连接可以通过配置文件 /usr/share/metasploit-framework/config/database.yml 完成,内容可以通过复制database.yml.example并修改内容来完成设置。

root@kali:/usr/share/metasploit-framework/config# cp database.yml.example database.yml
root@kali:/usr/share/metasploit-framework/config# vi database.yml
root@kali:/usr/share/metasploit-framework/config# cat database.yml
# Please only use postgresql bound to a TCP port.
# Only postgresql is supportable for metasploit-framework
# these days. (No SQLite, no MySQL).
#
# To set up a metasploit database, follow the directions hosted at:
# http://r-7.co/MSF-DEV#set-up-postgresql
development: &pgsql
adapter: postgresql
database: msf4 #主要改红色的这三个值
username: msf4
password: password
host: localhost
port: 5432
pool: 5
timeout: 5
# You will often want to seperate your databases between dev
# mode and prod mode. Absent a production db, though, defaulting
# to dev is pretty sensible for many developer-users.
production: &production
<<: *pgsql
# Warning: The database defined as "test" will be erased and
# re-generated from your development database when you run "rake".
# Do not set this db to the same as development or production.
#
# Note also, sqlite3 is totally unsupported by Metasploit now.
test:
<<: *pgsql
database: metasploit_framework_test
username: metasploit_framework_test
password: ___________________________

重新执行msfconsole即可直接链接数据库

root@kali:~# msfconsole
### ###
msf > db_status
[*] postgresql connected to msf4
msf > search CVE-2015-0311
Matching Modules
================
Name Disclosure Date Rank Description
---- --------------- ---- -----------
exploit/multi/browser/adobe_flash_uncompress_zlib_uaf 2014-04-28 great Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free
msf >

5. . .

之前遇到过填database.yml内容无效的版本,是通过在用户的家目录下创建配置文件完成的,等遇到类似的再补充。

posted @ 2016-02-17 21:53  Sarshes  阅读(1224)  评论(0编辑  收藏  举报