En la nuevas actualizaciones de metasploit y backtrack el trabajar con metasploit y base de datos era muy sencillo y lo utilizaba para pasar los resultdos de NESSUS y NeXpose. Pero cone estas actualizaciones la manera de trabar es diferente, bueno solo al hacer la conexion y la destuccion de la base. Paso unos ejemplos de configuracion y uso:
Configuring Databases
msf > db_driver
[*] Active Driver: postgresql
[*] Available: postgresql, mysql, sqlite3
MYSQL
root@bt4:~# /etc/init.d/mysql start
Starting MySQL database server: mysqld.
Checking for corrupt, not cleanly closed and upgrade needing tables..
root@bt4:~#
msf > db_driver mysql
[*] Using database driver mysql
msf > db_connect
[*] Usage: db_connect @/
[*] OR: db_connect -y [path/to/database.yml]
[*] Examples:
[*] db_connect user@metasploit3
[*] db_connect user:pass@192.168.0.2/metasploit3
[*] db_connect user:pass@192.168.0.2:1500/metasploit3
msf > db_connect root:toor@127.0.0.1/msf3
**** Una vez terminando de usarla, destuirla o bien para empezar de nuevo ****
msf > db_destroy root:toor@127.0.0.1/msf3
Database "msf3" dropped
PostgreSQL
root@bt4:~# /etc/init.d/postgresql-8.3 start
Starting PostgreSQL 8.3 database server: mainThe PostgreSQL server failed to start. Please check the log output:
2010-11-23 08:18:57 MST FATAL: could not load server certificate file "server.crt": No such file or directory
failed!
root@bt4:~# apt-get install postgresql-backtrack-config
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
libshishi0 shishi-common
Use 'apt-get autoremove' to remove them.
The following NEW packages will be installed:
postgresql-backtrack-config
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 6004B of archives.
After this operation, 0B of additional disk space will be used.
Get:1 http://archive.offensive-security.com pwnsauce/microverse postgresql-backtrack-config 8.3-bt0 [6004B]
Fetched 6004B in 0s (9282B/s)
Selecting previously deselected package postgresql-backtrack-config.
(Reading database ... 258288 files and directories currently installed.)
Unpacking postgresql-backtrack-config (from .../postgresql-backtrack-config_8.3-bt0_i386.deb) ...
Setting up postgresql-backtrack-config (8.3-bt0) ...
root@bt4:~# /etc/init.d/postgresql-8.3 start
Starting PostgreSQL 8.3 database server: main.
root@bt4:~#
msf > db_driver
[*] Active Driver: postgresql
[*] Available: postgresql, mysql, sqlite3
msf > db_connect postgres:toor@127.0.0.1/msf3
NOTICE: CREATE TABLE will create implicit sequence "hosts_id_seq" for serial column "hosts.id"
NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "hosts_pkey" for table "hosts"
NOTICE: CREATE TABLE will create implicit sequence "clients_id_seq" for serial column "clients.id"
NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "clients_pkey" for table "clients"
...snip...
NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "web_vulns_pkey" for table "web_vulns"
NOTICE: CREATE TABLE will create implicit sequence "imported_creds_id_seq" for serial column "imported_creds.id"
NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "imported_creds_pkey" for table "imported_creds"
**** Una vez terminando de usarla, destuirla o bien para empezar de nuevo ****
msf > db_destroy postgres:toor@127.0.0.1/msf3
[*] Warning: You will need to enter the password at the prompts below
Password:
Sqlite3
Podemos usar el sqlite3, puesto que este es con el que trabajabamos con anterioridad y es bastante facil de manipular.
msf > db_driver sqlite3
[*] Using database driver sqlite3
msf > db_connect
[-] Note that sqlite is not supported due to numerous issues.
[-] It may work, but don't count on it
[*] Successfully connected to the database
[*] File: /root/.msf3/sqlite3.db
msf > db_hosts
Hosts
=====
address address6 arch comm comments created_at info mac name os_flavor os_lang os_name os_sp purpose state updated_at svcs vulns workspace
------- ------- ----- ------- ----- ---------- ---- ----- ---------
No hay comentarios.:
Publicar un comentario