Page 1 of 3 123 LastLast
Results 1 to 10 of 25

Thread: auto_pwn and db_destroy confusion

  1. #1
    Member
    Join Date
    May 2006
    Posts
    119

    Default auto_pwn and db_destroy confusion

    using db_nmap [targets] populates the postgres database with hosts. Okay, great. Now after I "db_destroy" then reconnect later, those hosts are still listed. Is there a way to permanently destroy the hosts listed in the postgres database?

    auto_pwn seems to work fine, but I get no listings when I do:

    db_vulns

    is that normal?

    And what does "pwn" stand for anyway?

    I told you I was a newbie!

    Thanks in advance.

  2. #2
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    What was the full command you used for db_destroy?

    Is there anything in db_services?
    What does "db_autopwn -t" return?

    And what does "pwn" stand for anyway?
    This this a serious question or a joke? Anyway......."pwn" = "own"
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  3. #3
    Member
    Join Date
    May 2006
    Posts
    119

    Default

    This is what db_autopwn -t returns

    Analysis completed in 7.71447682380676 seconds (0 vulns / 0 refs)
    msf > db_hosts[*] Host: 192.168.1.1[*] Host: 192.168.1.102[*] Host: 192.168.1.217[*] Host: 10.0.1.1

  4. #4
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    From the u833rl33t h4x0r dictionary;

    "You've been PWN'd" - To own a network or Computer;To complete a successful hack

  5. #5
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Quote Originally Posted by bulgin View Post
    This is what db_autopwn -t returns

    Analysis completed in 7.71447682380676 seconds (0 vulns / 0 refs)
    msf > db_hosts[*] Host: 192.168.1.1[*] Host: 192.168.1.102[*] Host: 192.168.1.217[*] Host: 10.0.1.1
    OK that's one of two questions answered.

    What was the full command you used for db_destroy?

    Is there anything in db_services?
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  6. #6
    Member
    Join Date
    May 2006
    Posts
    119

    Default

    full command for db_destory is just:

    db_destroy

    here is the output from db_services and db_vulns:

    msf > db_services[*] Service: host=192.168.1.100 port=22 proto=tcp

    state=up name=ssh[*] Service: host=192.168.1.100 port=23

    proto=tcp<p> state=up name=telnet[*] Service: host=192.168.1.100

    port=53 proto=tcp state=up name=domain[*] Service:

    host=192.168.1.100<p> port=80 proto=tcp state=up name=http[*]

    Service: host=192.168.1.219 port=631 proto=tcp state=up

    name=ipp[*]<p> Service: host=192.168.1.102 port=135 proto=tcp

    state=up name=msrpc[*] Service: host=192.168.1.102 port=139

    proto=tcp state=up name=netbios-ssn[*] Service: host=192.168.1.102

    port=445 proto=tcp state=up


    name=microsoft-ds[*] Service: host=192.168.1.100 port=22 proto=tcp

    state=up name=ssh[*] Service: host=192.168.1.100 port=23 proto=tcp

    state=up name=telnet[*] Service: host=192.168.1.100 port=53 proto=tcp

    state=up name=domain[*] Service: host=192.168.1.100 port=80

    proto=tcp state=up name=http[*] Service: host=192.168.1.219 port=631

    proto=tcp state=up name=ipp[*] Service: host=192.168.1.102 port=135

    proto=tcp state=up name=msrpc[*] Service: host=192.168.1.102

    port=139 proto=tcp state=up name=netbios-ssn[*] Service:

    host=192.168.1.102 port=445 proto=tcp state=up name=microsoft-ds


    name=snet-sensor-mgmt

    msf > db_vulns
    msf >

  7. #7
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Ok now we're getting somewhere.

    For db_destroy you have to actually tell it what to destroy, ie:
    db_destroy root:mydbpass@localhost/metasploit

    Would result in:
    Database "metasploit" dropped

    Next, you identified a bunch of services so that part is working correctly. But none of the services were vulnerable to any of the exploits within Metasploit, hence db_vulns is empty.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  8. #8
    Member
    Join Date
    May 2006
    Posts
    119

    Default

    Thorin -- thank you for your reply. I'm using the start-db_autopwn script provided in BT2. It seems to do everything automatically so:

    1) it doesn't tell me the name of the database and,
    2) nor does it divulge the password.

    I thought that would be the problem but not knowing the database name nor password or at least BT2 start-db_autopwn script not divulging it doesn't help me troubleshoot.

    Would you know the database name it creates and the password it sets? Okay, i guess the database name is db_postgres... but password?

  9. #9
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Sorry I don't have access to a BT installation to test right now. I'm sure all the details are in the scripts. You could probably also just re-run the script that setup the DB in the first place. Of course if you're using the LiveCD everything will be reset during reboot.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  10. #10
    Member
    Join Date
    May 2006
    Posts
    119

    Default

    Well I looked at the script for

    start-db_autopwn these are the contents. There is nothing in there about creating a password. Sorry, I'm stupid about this stuff but can manage if I get a few pointers. It looks to me like it's creating a database called metasploit3, but if that's the case then why, once connected, are we supposed to type in load db_postgres? Or is postgres NOT the name of the database created but rather a generic postgres command to connect to ANY database?


    sudo -u postgres initdb /home/postgres/metasploit3
    sudo -u postgres pg_ctl -D /home/postgres/metasploit3 start
    clear
    echo "[************************************************** ************]"
    echo "[*] Postgres should be setup now. To run db_autopwn, please:"
    echo "[*] # su - postgres"
    echo "[*] # cd /pentest/exploits/framework3"
    echo "{*] # ./msfconsole"
    echo "[*] msf> load db_postgres"
    echo "[************************************************** ************]"

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •