Installing Metasploit Framework + PostgreSQL Under VMware BackTrack 5

I've just installed the new and improved BackTrack 5 in VMware. As always, I ran apt-get update && apt-get dist-upgrade -y and after that msfupdate. I launched Metasploit Framework and was about to start PostgreSQL when I realized that BT 5 comes with MySQL.

I created a workaround script; it's not pretty, but it works. You will need the following packages installed before running the script:

apt-get install postgresql-client libpq-dev

Copy the script into a file, e.g. script.sh, then make it executable and run it:

chmod +x script.sh
./script.sh

The commands (script.sh) I used were:

#!/bin/sh

## Kill database process
echo "Killing database process .."
kill $(pgrep postgres) > /dev/null 2>&1

## replace the md5 auth with trust for local ipv4 connections
echo "Allowing all local IPV4 connections .."
cp /opt/framework3/postgresql/data/pg_hba.conf /opt/framework3/postgresql/data/pg_hba.conf.bak
cat /opt/framework3/postgresql/data/pg_hba.conf | sed -e 's/host all all 127.0.0.1\/32 md5/host all all 127.0.0.1\/32 trust/' > /opt/framework3/postgresql/data/tmp.conf
mv /opt/framework3/postgresql/data/tmp.conf /opt/framework3/postgresql/data/pg_hba.conf

## restart postgres server (only necessary during this process, on reboot it will start automatically)
echo "Restarting postgres server (only necessary during this process, on reboot it will start automatically) .."
su postgres -c "/opt/framework3/postgresql/bin/postgres -D /opt/framework3/postgresql/data -p 7175 &"
# wait for server to start
sleep 5

## Now that we can connect via psql, set a password for the postgres database user
echo "Changing postgres user postgres's password to 'postgres_password' .."
su postgres -c "psql -h 127.0.0.1 -p 7175 -c \"ALTER USER postgres WITH PASSWORD 'postgres_password'\";" > /dev/null 2>&1

## Create a database for usage with msf
echo "Creating database 'msf_db' for use with metasploit .."
su postgres -c "psql -h 127.0.0.1 -p 7175 -c \"CREATE DATABASE msf_db\";" > /dev/null 2>&1

## change back to md5 auth
echo "Changing back to md5 auth .."
cat /opt/framework3/postgresql/data/pg_hba.conf | sed -e 's/host all all 127.0.0.1\/32 trust/host all all 127.0.0.1\/32 md5/' > /opt/framework3/postgresql/data/tmp.conf
mv /opt/framework3/postgresql/data/tmp.conf /opt/framework3/postgresql/data/pg_hba.conf

###############################

## msfconsole

## change ruby version
echo "##################################"
echo "Changing Ruby version - please choose the '0' option .."
echo "##################################"
update-alternatives --config ruby

## install postgres gem
gem install postgres

# go into msfconsole and choose the db_driver
echo "Updating msf .."
/opt/framework3/msf3/msfupdate

echo
echo "#################################################"
echo "starting msfconsole .."
echo "#################################################"

/opt/framework3/msf3/msfconsole

Result of the script:

root@bt:/opt/framework3# ./script.sh
Killing database process ..
Allowing all local IPV4 connections ..
Restarting postgres server (only necessary during this process, on reboot it will start automatically) ..
FATAL:  bogus data in lock file "postmaster.pid": ""
Changing postgres user postgres's password to 'postgres_password' ..
Creating database 'msf_db' for use with metasploit ..
Changing back to md5 auth ..
##################################
Changing Ruby version - please choose the '0' option ..
##################################
There are 2 choices for the alternative ruby (providing /usr/bin/ruby).

  Selection    Path                Priority   Status
--------------------------------------------------------------
  0            /usr/bin/ruby1.8     500       auto mode
  1            /usr/bin/ruby1.8     500       manual mode
* 2            /usr/bin/ruby1.9.2   400       manual mode

Press enter to keep the current choice[*], or type selection number: 0
update-alternatives: using /usr/bin/ruby1.8 to provide /usr/bin/ruby (ruby) in auto mode.
Building native extensions.  This could take a while...
---------------------------------------------------------------------------

This is an old, deprecated version of the Ruby PostgreSQL driver that hasn't
been maintained or supported since early 2008.

You should install/require 'pg' instead.

If you need the 'postgres' gem for legacy code that can't be converted, you can
still install it using an explicit version, like so:

  gem install postgres -v '0.7.9.2008.01.28'
  gem uninstall postgres -v '>0.7.9.2008.01.28'

If you have any questions, the nice folks in the Google group can help:

  http://goo.gl/OjOPP / ruby-pg@googlegroups.com

---------------------------------------------------------------------------
Successfully installed pg-0.13.2
Successfully installed postgres-0.8.1
2 gems installed
Installing ri documentation for pg-0.13.2...

Enclosing class/module 'rb_mPG' for class Connection not known

Enclosing class/module 'rb_mPG' for class Result not known
Installing ri documentation for postgres-0.8.1...
Installing RDoc documentation for pg-0.13.2...

Enclosing class/module 'rb_mPG' for class Connection not known

Enclosing class/module 'rb_mPG' for class Result not known
Installing RDoc documentation for postgres-0.8.1...
Updating msf ..
[*]
[*] Attempting to update the Metasploit Framework...
[*]

A    external/source/armitage
A    external/source/armitage/lib
A    external/source/armitage/lib/postgresql-9.1-901.jdbc4.jar
A    external/source/armitage/lib/sleep.jar
A    external/source/armitage/lib/msgpack-0.5.1-devel.jar
A    external/source/armitage/lib/jgraphx.jar
A    external/source/armitage/scripts
A    external/source/armitage/scripts/tokens.sl
A    external/source/armitage/scripts/server.sl
A    external/source/armitage/scripts/shell.sl
A    external/source/armitage/scripts/modules.sl
A    external/source/armitage/scripts/targets.sl

………………………………………………………………..

##################################################
starting msfconsole ..
##################################################

Call trans opt: received. 2-19-98 13:24:18 REC:Loc

Trace program: running

wake up, Neo...
the matrix has you
follow the white rabbit.

knock, knock, Neo.

(`.         ,-,
` `.    ,;’ /
`.  ,’/ .’
`. X /.’
.-;–”–.._` ` (
.’            /   `
,           ` ‚   Q ‚
,         ,   `._    \
,.|         ‚     `-.;_’
:  . `  ;    `  ` –,.._;
‚ `    ,   )   .’
`._ ,  ‚   /_
; ,”-,;’ „-
„-..__„–`

       =[ metasploit v4.4.0-dev [core:4.4 api:1.0]
+ -- --=[ 843 exploits - 471 auxiliary - 142 post
+ -- --=[ 250 payloads - 27 encoders - 8 nops
       =[ svn r15247 updated 5 days ago (2012.05.03)

msf > db_status
[*] postgresql selected, no connection
msf > db_connect postgres:postgres_password@127.0.0.1:7175/msf_db

msf > db_status
[*] postgresql connected to msf_db
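
The script above switches the 127.0.0.1 rule in pg_hba.conf from md5 to trust and back again with sed. The following is an added example, not part of the original script, that lists any active rules still using trust, so a substitution that silently failed to match is noticed. The function names and the sample file are constructed for this illustration, and quoted database or user names containing spaces are not handled.

```shell
#!/bin/sh
# Added example: report pg_hba.conf rules that still authenticate with "trust".
# Function names and the sample file are constructed for this illustration.

# Print "LINE: rule" for every active rule whose auth-method column is trust.
# The method column moves: local = field 4, host with CIDR/name = field 5,
# host with separate address and netmask columns = field 6.
hba_trust_rules() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }            # comments, blank lines
        {
            if ($1 == "local") m = $4
            else if ($1 !~ /^host(ssl|nossl)?$/) next
            else if ($4 !~ /\// && ($4 ~ /^[0-9.]+$/ || $4 ~ /:/)) m = $6
            else m = $5
            if (m == "trust") printf "%d: %s\n", NR, $0
        }' "$1"
}

# Succeeds only when no active rule uses trust.
hba_is_clean() {
    [ -z "$(hba_trust_rules "$1")" ]
}

# Constructed sample: two live trust rules, one commented out, and a
# database that is merely *named* trust (a plain grep would flag it).
write_sample() {
    cat > "$1" <<'EOF'
# TYPE  DATABASE  USER  ADDRESS                    METHOD
local   all       all                              md5
host    all       all   127.0.0.1/32               trust
host    all       all   127.0.0.1 255.255.255.255  trust
host    all       all   ::1/128                    md5
# host  all       all   10.0.0.0/8                 trust
host    trust     all   192.168.1.0/24             md5
EOF
}

sample=$(mktemp)
write_sample "$sample"
hba_trust_rules "$sample"
hba_is_clean "$sample" || echo "trust rules still present in $sample"
rm -f "$sample"
```

PostgreSQL reads pg_hba.conf at startup and on reload, so a server that was started while the trust rule was in place keeps honouring it until it is reloaded or restarted, even after the file is back to md5.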
