Problems trying to open up postgresql access to remote machines.
So I'm running backtrack 5. Postgresql is already installed, but I need to change the settings so that the server accepts connections from other machines (instead of only accepting connections on localhost).
This is what I've changed.
/opt/metasploit/postgresql/scripts/ctl.sh
added "-h 192.168.1.111" (without any quotes) to the POSTGRESQL_START variable. This is the IP of my backtrack VM.
/opt/metasploit/config/database.yml
Changed 'localhost' to '192.168.1.111' (with single quotes)
/opt/metasploit/postgresql/data/postgresql.conf
changed #listen_address from 'localhost' to 'localhost,192.168.1.111' (with single quotes)
/opt/metasploit/postgresql/data/pg_hba.conf
Added the following lines:
host all all 192.168.1.1/32 md5
host all all 192.168.1.111 md5
host all all 192.168.1.109 md5
192.168.1.1/32 didn't appear to work, so I explicitly added the backtrack box and the box I want to remotely access the database from.
So, the problem is when I start msfconsole (or teamserver) I get the error "Failed to connect to the database: could not connect to server: Connection refused." and then the question "Is the server running on host "192.168.1.111" and accepting TCP/IP connections on port 7337?"
Since I edited all of that and rebooted the machine before trying to open a console, I would think it should be. But apparently I did something wrong. Any ideas what that could be?
Thanks.
Charles.
Re: Problems trying to open up postgresql access to remote machines.
Okay, so I got it working. Apparently having 192.168.1.111 and localhost in the listen_address was causing a problem.
So current settings:
listen_address = "*"
local all all md5
host all all 127.0.0.1/32 md5
host all all 0.0.0.0/0 password
host all all ::1/128 md5
database.yml changes reverted
ctl.sh changes reverted
Metasploit works fine, and I can connect to the server remotely. However, I do not have any credentials to login with. The msf user role is not acceptable for logging in from a remote machine, and I do not know the default password for user postgres, so I cannot login as postgres unless I change the line in pg_hba.conf to "host all all 0.0.0.0/0 trust". And that's far from ideal, it leaves the database open to anyone who might come across it.
So, what's the default postgres password in backtrack 5 R2? (It's not toortoor)
Charles.
