
Thread: BT5 + Metasploit + MySQL standalone server

  1. #1
    fnord0 (Senior Member, joined Jul 2008)

    Metasploit on BT5 can be used out-of-the-box with MySQL by running "msfconsole" and then changing the database driver to mysql by issuing the 'db_driver mysql' command. The process looks like this ::
    Code:
    root@root:~# msfconsole
          [.......] ----SNIP---- [.......]
    msf > db_status
    [*] postgresql connected to msf3
    msf > db_driver mysql
    [*] Using database driver mysql
    msf > db_status
    [*] mysql connected to msf3
    The purpose of this tutorial is to explain how to set up a standalone MySQL server on BT5 and have Metasploit connect to it. This is how I am doing it (using ruby1.8 - I have been unsuccessful at getting this to work with the ruby 1.9.2 that comes with BackTrack 5 at this time). Later I will update this HOWTO to use rvm, which removes the need to switch the ruby version manually ::

    Here are all the commands that are required; below them are the same commands with their output for reference ::
    Code:
    apt-get install libmysqlclient-dev
    start mysql
    mysql -u root -p'toor'
    create database pwbv3;
    grant usage on *.* to root@localhost identified by 'pass123';
    grant all privileges on pwbv3.* to root@localhost;
    exit
    mysql -u root -p'pass123' pwbv3      ## just to verify you can connect to the mysql db right
    quit
    update-alternatives --config ruby
    0                                 ## this will select ruby1.8 auto mode
    ruby -v                           ## this will verify you are running ruby 1.8.7
    gem install mysql
    ruby1.8 /pentest/exploits/framework3/msfconsole
    db_driver mysql
    db_connect root:pass123@127.0.0.1:3306/pwbv3
    db_status
    And here are the commands from above with their full output ::
    Code:
    root@root:~# apt-get install libmysqlclient-dev
    root@root:~# start mysql
    mysql start/running, process 3714
    
    root@root:~# mysql -u root -p'toor'
    Welcome to the MySQL monitor.  Commands end with ; or \g.
    Your MySQL connection id is 39
    Server version: 5.1.41-3ubuntu12.10 (Ubuntu)
    
    Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
    
    mysql> create database pwbv3;
    Query OK, 1 row affected (0.00 sec)
    
    mysql> grant usage on *.* to root@localhost identified by 'pass123';
    Query OK, 0 rows affected (0.00 sec)
    
    mysql> grant all privileges on pwbv3.* to root@localhost;
    Query OK, 0 rows affected (0.00 sec)
    
    mysql> exit
    Bye
    
    root@root:~# mysql -u root -p'pass123' pwbv3
    Welcome to the MySQL monitor.  Commands end with ; or \g.
    Your MySQL connection id is 41
    Server version: 5.1.41-3ubuntu12.10 (Ubuntu)
    
    Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
    
    mysql> quit
    Bye
    
    root@root:~# update-alternatives --config ruby
    There are 2 choices for the alternative ruby (providing /usr/bin/ruby).
    
      Selection    Path                Priority   Status
    ------------------------------------------------------------
      0            /usr/bin/ruby1.8     500       auto mode
      1            /usr/bin/ruby1.8     500       manual mode
    * 2            /usr/bin/ruby1.9.2   400       manual mode
    
    Press enter to keep the current choice[*], or type selection number: 0
    update-alternatives: using /usr/bin/ruby1.8 to provide /usr/bin/ruby (ruby) in auto mode.
    
    root@root:~# ruby -v
    ruby 1.8.7 (2010-01-10 patchlevel 249) [i486-linux]
    
    root@root:~# gem install mysql
    Building native extensions.  This could take a while...
    Successfully installed mysql-2.8.1
    1 gem installed
    Installing ri documentation for mysql-2.8.1...
    
    No definition for next_result
    
    No definition for field_name
    
    No definition for field_table
    
    No definition for field_def
    
    No definition for field_type
    
    No definition for field_length
    
    No definition for field_max_length
    
    No definition for field_flags
    
    No definition for field_decimals
    
    No definition for time_inspect
    
    No definition for time_to_s
    
    No definition for time_get_year
    
    No definition for time_get_month
    
    No definition for time_get_day
    
    No definition for time_get_hour
    
    No definition for time_get_minute
    
    No definition for time_get_second
    
    No definition for time_get_neg
    
    No definition for time_get_second_part
    
    No definition for time_set_year
    
    No definition for time_set_month
    
    No definition for time_set_day
    
    No definition for time_set_hour
    
    No definition for time_set_minute
    
    No definition for time_set_second
    
    No definition for time_set_neg
    
    No definition for time_set_second_part
    
    No definition for time_equal
    
    No definition for error_errno
    
    No definition for error_sqlstate
    Installing RDoc documentation for mysql-2.8.1...
    
    No definition for next_result
    
    No definition for field_name
    
    No definition for field_table
    
    No definition for field_def
    
    No definition for field_type
    
    No definition for field_length
    
    No definition for field_max_length
    
    No definition for field_flags
    
    No definition for field_decimals
    
    No definition for time_inspect
    
    No definition for time_to_s
    
    No definition for time_get_year
    
    No definition for time_get_month
    
    No definition for time_get_day
    
    No definition for time_get_hour
    
    No definition for time_get_minute
    
    No definition for time_get_second
    
    No definition for time_get_neg
    
    No definition for time_get_second_part
    
    No definition for time_set_year
    
    No definition for time_set_month
    
    No definition for time_set_day
    
    No definition for time_set_hour
    
    No definition for time_set_minute
    
    No definition for time_set_second
    
    No definition for time_set_neg
    
    No definition for time_set_second_part
    
    No definition for time_equal
    
    No definition for error_errno
    
    No definition for error_sqlstate
    
    root@root:~# ruby1.8 /pentest/exploits/framework3/msfconsole
    
                    _                  _       _ _                                                            
                   | |                | |     (_) |                                                           
     _ __ ___   ___| |_ __ _ ___ _ __ | | ___  _| |_                                                          
    | '_ ` _ \ / _ \ __/ _` / __| '_ \| |/ _ \| | __|                                                         
    | | | | | |  __/ || (_| \__ \ |_) | | (_) | | |_                                                          
    |_| |_| |_|\___|\__\__,_|___/ .__/|_|\___/|_|\__|                                                         
                                | |                                                                           
                                |_|                                                                           
                                                                                                              
    
           =[ metasploit v3.7.0-release [core:3.7 api:1.0]
    + -- --=[ 684 exploits - 355 auxiliary
    + -- --=[ 217 payloads - 27 encoders - 8 nops
    
    msf > db_driver mysql
    [*] Using database driver mysql
    msf > db_connect root:pass123@127.0.0.1:3306/pwbv3
    msf > db_status
    [*] mysql connected to pwbv3
    msf > db_nmap -sS -n 192.168.99.133
    [*] Nmap: Starting Nmap 5.51 ( http://nmap.org ) at 2011-05-13 17:13 EDT
    [*] Nmap: Nmap scan report for 192.168.99.133
    [*] Nmap: Host is up (0.00027s latency).
    [*] Nmap: Not shown: 998 closed ports
    [*] Nmap: PORT    STATE SERVICE
    [*] Nmap: 22/tcp  open  ssh
    [*] Nmap: 111/tcp open  rpcbind
    [*] Nmap: MAC Address: XX:XX:XX:XX:XX:XX (VMware)
    [*] Nmap: Nmap done: 1 IP address (1 host up) scanned in 1.29 seconds
    
    msf > db_hosts
    
    Hosts
    =====
    
    address         mac                name  os_name  os_flavor  os_sp  purpose  info  comments
    -------         ---                ----  -------  ---------  -----  -------  ----  --------
    192.168.99.133  XX:XX:XX:XX:XX:XX                                                  
    
    msf > exit
    Last edited by fnord0; 05-14-2011 at 03:50 AM.
    'see the fnords!'
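As an added example (not part of fnord0's post and not Metasploit project code), the script below turns the provisioning and db_connect steps from the post into something repeatable: it emits the SQL for the database and grants, builds the user:pass@host:port/db string that db_connect takes, and writes a Metasploit resource file with the db_driver / db_connect / db_status sequence. Two things are my choices rather than the post's: a dedicated MySQL user "msf" with privileges only on the pwbv3 database instead of reusing root, and the file names provision.sql and msf-mysql.rc. Passwords that would break either the SQL or the connect string are rejected up front.

```shell
#!/bin/sh
# Added example, not from the original post. Generates the MySQL provisioning
# SQL and a Metasploit resource script for the db_connect step described above.
# Assumptions (mine, not the post's): a dedicated MySQL user "msf" scoped to
# the pwbv3 database instead of root; output files provision.sql and
# msf-mysql.rc written to a directory given as the first argument.

set -eu

# Identifiers (db and user names) go into both the SQL and the connect string:
# keep them to [A-Za-z0-9_] so neither side needs quoting.
msf_check_ident() {
    case "$1" in
        ''|*[!A-Za-z0-9_]*) return 1 ;;
    esac
    return 0
}

# The password goes into the user:pass@host:port/db string and a single-quoted
# SQL literal. Reject '@', ':' and '/' (ambiguous in that form) and the SQL
# quote characters ' and \ (would break the GRANT below).
msf_check_cred() {
    [ -n "$1" ] || return 1
    if printf '%s\n' "$1" | grep -q "[@:/'\\\\]"; then
        return 1
    fi
    return 0
}

# Build the db_connect argument: user:pass@host:port/db
msf_db_uri() {
    user=$1; pass=$2; host=$3; port=$4; db=$5
    msf_check_ident "$user" || { echo "bad user: $user" >&2; return 1; }
    msf_check_ident "$db"   || { echo "bad db: $db" >&2; return 1; }
    msf_check_cred "$pass"  || { echo "bad password (empty or contains @ : / ' \\)" >&2; return 1; }
    case "$port" in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    printf '%s:%s@%s:%s/%s\n' "$user" "$pass" "$host" "$port" "$db"
}

# SQL for a database plus a user that can only touch that database.
# GRANT ... IDENTIFIED BY is the MySQL 5.x syntax the post's server (5.1) uses.
msf_provision_sql() {
    db=$1; user=$2; pass=$3
    cat <<EOF
CREATE DATABASE IF NOT EXISTS \`$db\`;
GRANT USAGE ON *.* TO '$user'@'localhost' IDENTIFIED BY '$pass';
GRANT ALL PRIVILEGES ON \`$db\`.* TO '$user'@'localhost';
FLUSH PRIVILEGES;
EOF
}

# Resource script replaying the console sequence from the post.
msf_resource_script() {
    printf 'db_driver mysql\ndb_connect %s\ndb_status\n' "$1"
}

msf_write_files() {
    outdir=$1; user=$2; pass=$3; host=$4; port=$5; db=$6
    uri=$(msf_db_uri "$user" "$pass" "$host" "$port" "$db")
    msf_provision_sql "$db" "$user" "$pass" > "$outdir/provision.sql"
    msf_resource_script "$uri" > "$outdir/msf-mysql.rc"
    chmod 600 "$outdir/msf-mysql.rc"   # the rc file holds the password in clear
    echo "wrote $outdir/provision.sql and $outdir/msf-mysql.rc"
}

# Only write files when a directory is given; otherwise just define the functions.
if [ "$#" -ge 1 ]; then
    msf_write_files "$1" msf "${MSF_DB_PASS:-pass123}" 127.0.0.1 3306 pwbv3
fi
```

Usage: run it as `MSF_DB_PASS='somepass' sh msf-mysql-setup.sh /root`, then feed the SQL in as the MySQL root user with `mysql -u root -p < /root/provision.sql`, and start the console with `ruby1.8 /pentest/exploits/framework3/msfconsole -r /root/msf-mysql.rc` so the driver switch and connect happen on startup. Keep the .rc file readable only by root, since it carries the database password.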
