Advice: Getting data out of Metasploit DB

[Quartercask]

Morning

I would really appreciate some advice as to the best way to get data out of Metasploit? I have some really useful data in it which I can get to using the db_hosts, etc. but now I need to take it out to reformat for a report.

I know there's an export, but it doesn't export all information. I'd really appreciate someone with more experience explainng what approach he/she takes, etc. / any help.

Regards

[Renek]

It isn't a matter of getting the data out of Metasploit, it's a matter of getting the data out of your database. Just go open up your database outside of Metasploit and have at it.

[thorin]

Learn SQL.

[Quartercask]

Thanks for the really unhelpful response.

I know I can take the database and query it directly - that goes without saying. What I was asking for was anything that's already in place to make life quick and easy, just like Metasploit. This is supposed to be a beginners forum so you shouldn't be surprised by questions like this.

[Archangel-Amael]

I would suggest you check out the metasploit unleashed documentation. There is plenty of info on how to work with the info in the db's you create.

[thorin]

Thanks for the really unhelpful response.

I know I can take the database and query it directly - that goes without saying. What I was asking for was anything that's already in place to make life quick and easy, just like Metasploit. This is supposed to be a beginners forum so you shouldn't be surprised by questions like this.

I wasn't surprised hence my answer. Learning SQL to pull info directly from the DB seems like the easiest solution, then you can do exactly what you want with it.

I'm not really sure how you expect to get data out of the DB if you don't want to use SQL. Perhaps you're looking for another GUI that can manipulate it, I dunno.

You could simply work with the raw tool output files (i.e.: the files from nmap, etc) with any number of open source and public tools (check google) or use python (or similar) to write your own parser.

Without knowing what data you have, what data you need, and in what format you need it we're not really in a good position to offer anything more complete.

As the lack of details currently stand I'll suggest that perhaps Armitage could help you.....but that's a shot in the dark.

[Quartercask]

Thanks, I appreciate the suggestions.

I've since found I can query mysql direct from BT so problem solved.

Thanks again

[Kx499]

I have used iReports (http://jasperforge.org) in the past, part of the jasperserver and jasperreports software. I stumbled on it from using OSSIM, they use it to report from the MySQL db that they use. I've always wanted to play around with creating some reports from the Metasploit DB, but never have had the time to do it. You should be able to install iReports without the jasperServer to create and export reports.

If you are so inclined to do so, give it a shot and let me know how it works....

[Puertorock]

This site may help some one http://en.wikibooks.org/wiki/Metasploit/UsingMetasploit

Also dont forget to install phpmyadmin

apt-get install phpmyadmin
choose apache2

/etc/init.d/apache2 start

/etc/init.d/mysql start
127.0.0.1/phpmyadmin on your browser and login
login root
pass toor
To access you database (Metasploit)
you can do all this from command which i recommend...(Plain Fun)