Metasploit db_autopwn using PostgreSQL
Now I've been reading on the Metasploit site and it seems to me that a lot of users have been having issues using db_autopwn. The most common problem would be that some exploits work manually but fail with autopwn or it fails to create a reverse shell or bind shell.
I've had that problem too but figured out how to solve it; it seems like there's something wrong with sqlite3 (I read this on the Metasploit issue site), so now I will show you how to use PostgreSQL for autopwn.
OK, so after you install PostgreSQL (it is installed by default in BackTrack), we need to configure it a little.
The first thing you will realise is that if you try to start it using:
Code:
/etc/init.d/postgresql-8.3 start   # 8.3 is the version; it might be different in your case
it gives you an error:
Code:
The PostgreSQL server failed to start. Please check the log output:
2008-03-24 18:46:11 CDT FATAL: could not load server certificate file "server.crt": No such file or directory
[fail]
To solve this issue all you have to do is disable SSL from the postgres.conf file:
Code:
kate /etc/postgresql/8.3/main/postgresql.conf
Just comment the line "ssl = true # (change requires restart)" like this:
Code:
# - Security and Authentication -
#authentication_timeout = 1min # 1s-600s
#ssl = true # (change requires restart)
#ssl_ciphers = 'ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH' # allowed SSL ciphers
# (change requires restart)
#password_encryption = on
#db_user_namespace = off
Now that we've done that, let's connect to our PostgreSQL and change the password:
Code:
sudo su postgres -c psql
ALTER USER postgres WITH PASSWORD 'your password';
\q
sudo passwd -d postgres
sudo su postgres -c passwd
Now enter the same password that you used previously ('your password').
After doing so we go to our framework folder:
Code:
cd /pentest/exploits/framework3
./msfconsole
db_driver postgresql
db_connect postgres:"postgreSQL password"@127.0.0.1/metasploit ("metasploit" being the name of the database).
Now you can go use autopwn :D
Hope it helps someone.
P.S. Sorry if I have writing mistakes, I wrote it very fast.
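Commenting out `ssl = true` turns SSL off because PostgreSQL's built-in default for `ssl` is off, so the server stops looking for `server.crt`. The following is an added example, not part of the original post, that reports the effective `ssl` value of a `postgresql.conf`; the function name `effective_ssl` and the sample file are constructed for illustration.

```sh
#!/bin/sh
# Added example: print the effective `ssl` setting ("on", "off" or "invalid")
# of a postgresql.conf-style file.
# Assumptions: documented postgresql.conf syntax (name = value, "=" optional,
# "#" starts a comment, last occurrence wins) and the built-in default ssl = off.
# Include directives and abbreviated booleans are not handled.
effective_ssl() {
    awk -v q="'" '
        BEGIN { val = "off" }                      # default when ssl is never set
        {
            line = tolower($0)                     # names and booleans are case-insensitive
            sub(/#.*/, "", line)                   # drop comments, incl. commented-out settings
            if (line !~ /^[ \t]*ssl[ \t=]/) next   # skips ssl_ciphers and other keys
            sub(/^[ \t]*ssl[ \t]*=?[ \t]*/, "", line)
            gsub("[ \t" q "]", "", line)           # strip whitespace and single quotes
            if (line ~ /^(on|true|yes|1)$/) val = "on"
            else if (line ~ /^(off|false|no|0)$/) val = "off"
            else val = "invalid"
        }
        END { print val }
    ' "$1"
}

# Demo on a constructed sample that mirrors the edited block from the post.
demo_conf=$(mktemp)
cat > "$demo_conf" <<'EOF'
# - Security and Authentication -
#authentication_timeout = 1min          # 1s-600s
#ssl = true                             # (change requires restart)
#ssl_ciphers = 'ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH'
EOF
echo "ssl is effectively: $(effective_ssl "$demo_conf")"
rm -f "$demo_conf"
```

Run it as `effective_ssl /etc/postgresql/8.3/main/postgresql.conf` before restarting the service to confirm the edit had the intended effect.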
Re: Metasploit db_autopwn using PostgreSQL
Great write up, thanks! :)
Re: Metasploit db_autopwn using PostgreSQL
A+ worked for me! thank you sickness for the post :D
Metasploit's msfconsole -- metasploit v3.4.1-dev [core:3.4 api:1.0] -- would output the following when attempting to use sqlite3:
Code:
msf > db_driver sqlite3
[*] Using database driver sqlite3
msf > db_connect
[-] Note that sqlite is not supported due to numerous issues.
[-] It may work, but don't count on it
[*] Successfully connected to the database
[*] File: /root/.msf3/sqlite3.db
(bold+RED colored text is my emphasis)
using your directions above, has things looking good over here!
Re: Metasploit db_autopwn using PostgreSQL
Thanks for the writeup, but I have an issue:
msf> db_driver postgresql
[-] Invalid driver specified
it appears to only have sqlite. what do I have to do to add the postgres driver to msf?
did these already:
gem install pg
gem install postgres
gem install postgres-pr
do I have to recompile?
Re: Metasploit db_autopwn using PostgreSQL
Try reinstalling postgreSQL :P and do it again.
Re: Metasploit db_autopwn using PostgreSQL
I did a bunch of stuff:
rebuild the gems (this time from inside msf) <- got errors about ruby.h
drop include folder from the 1.9.1 sources in /opt/metasploit3/lib/ruby/
rebuild the gems
still didn't work, installed libpgsql-ruby
rebuild the gems
still failed:
exited all the terminals and restarted the console... <POOF> the postgres driver works.
Had to create the metasploit database from inside psql, but all seems fine now.
Re: Metasploit db_autopwn using PostgreSQL
I'm having similar problems. I can gem install postgres by itself, but that's not gonna work ;)
Here is the error I'm getting:
Code:
[*] exec: gem install postgres
Building native extensions. This could take a while...
ERROR: Error installing postgres:
ERROR: Failed to build gem native extension.
/opt/metasploit3/bin/ruby extconf.rb
extconf.rb:4:in `<main>': uninitialized constant PLATFORM (NameError)
Gem files will remain installed in /opt/metasploit3/lib/ruby/gems/1.9.1/gems/postgres-0.7.9.2008.01.28 for inspection.
Results logged to /opt/metasploit3/lib/ruby/gems/1.9.1/gems/postgres-0.7.9.2008.01.28/ext/gem_make.out
When trying to gem install pg, I get this:
Code:
[*] exec: gem install pg
Building native extensions. This could take a while...
ERROR: Error installing pg:
ERROR: Failed to build gem native extension.
/opt/metasploit3/bin/ruby extconf.rb
mkmf.rb can't find header files for ruby at /opt/metasploit3/lib/ruby/include/ruby.h
Gem files will remain installed in /opt/metasploit3/lib/ruby/gems/1.9.1/gems/pg-0.9.0 for inspection.
Results logged to /opt/metasploit3/lib/ruby/gems/1.9.1/gems/pg-0.9.0/ext/gem_make.out
I've reinstalled postgresql and started from scratch, I've closed all my open shells and started with fresh ones, and I've restarted the system. I've googled a little bit and I've only found similar problems in OSX :|
Any ideas?
Re: Metasploit db_autopwn using PostgreSQL
Can you enter PostgreSQL?
If you can, make the database manually and try again with Metasploit O_o
Re: Metasploit db_autopwn using PostgreSQL
Very weird. 18436572's magic must have rubbed off on me. I literally stopped what I was doing, left and went to Walmart, came back with MSF still open and everything worked. :|
Re: Metasploit db_autopwn using PostgreSQL
Try the following...
Quote:
apt-get remove postgresql-8.3
apt-get install postgresql-8.3
ln -s /etc/init.d/postgresql-8.3 /etc/init.d/postgresq
cd /etc/ssl/certs
make-ssl-cert generate-default-snakeoil --force-overwrite
createuser -U postgres -P postgres
/etc/init.d/postgresql-8.3 restart
cd /pentest/exploits/framework3
./msfconsole
db_connect postgres:postgres@localhost
Let us know if that helps with the issues you guys are seeing...