Introduction
Metasploit is an important framework used by many penetration testers to exploit vulnerabilities found during a security testing project. Most of the time it becomes difficult for a penetration tester to keep track of asset information, the services running, and the various vulnerabilities associated with them. Also, most organisations require you to provide logs during the assignment, for instance the commands that were executed to find vulnerabilities and how those vulnerabilities were exploited by the tester. In order to help my fellow penetration testers with such daunting tasks, I am writing this article on Metasploit, hoping to ease some of your work.
Let’s start.
Section 1: Setting Up the Database in Metasploit
Since we are working with a database alongside Metasploit, we first need to set one up. PostgreSQL is the default database supported by the Metasploit framework, so before starting Metasploit we need to start the PostgreSQL database, where all our data will be stored while using Metasploit.
Let’s start the PostgreSQL database service. This command starts the PostgreSQL service:
Command: service postgresql start
Figure 1: Starting the PostgreSQL Database
Next command checks whether the service is running.
PostgreSQL is a Relational Database Management System (RDBMS). So now we need to create a database named ‘msfdb’ which will, by default, be associated with the Metasploit framework.
Command: msfdb init
Figure 2: Create msfdb Database
We can now check for the database files (database.yml and database.yml.example) by visiting the path /usr/share/metasploit-framework/config/.
Figure 3: Database Files
Now let us check whether the database ‘msfdb’ is associated with Metasploit. We can do this by opening the Metasploit terminal and checking the status of the database.
Command: db_status
Figure 4: Checking the Status of Database
As you will notice in Figure 4, PostgreSQL is now connected to the Metasploit framework (msf).
Note: If the database does not get associated with Metasploit for any technical reason, you will get a ‘no-connection’ error as shown in the figure below.
Figure 5: Error in association of 'msfdb' with the Metasploit-framework
In such cases you need to recheck the steps performed, as per the commands mentioned so far in this documentation.
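The setup above can be sanity-checked before opening msfconsole. The following shell script is an added example, not part of the original article or of Metasploit: it reads database.yml from the path given above, reports the connection that db_status should show, and flags the file if it is world-readable, since it stores the database password. It assumes the simple key/value layout with a top-level ‘production’ section; the sample file written by write_sample is constructed.

```shell
#!/bin/sh
# Added example (not from the article): pre-flight check of Metasploit's database.yml.
# The path is the one the article gives; the "production" section name is an assumption.
MSF_DB_YML="${MSF_DB_YML:-/usr/share/metasploit-framework/config/database.yml}"

# db_field FILE SECTION KEY: print KEY's value from the top-level SECTION block.
db_field() {
    awk -v sec="$2" -v key="$3" '
        /^[^ #]/ { in_sec = (index($0, sec ":") == 1); next }  # a new top-level section
        in_sec && $1 == (key ":") { print $2; exit }' "$1"
}

# world_readable FILE: succeed if "others" have read permission on FILE.
world_readable() {
    case "$(ls -ld "$1" | cut -c1-10)" in
        ???????r??) return 0 ;;
    esac
    return 1
}

# preflight [FILE]: 0 = ok, 1 = file missing, 2 = not PostgreSQL, 3 = world-readable.
preflight() {
    f="${1:-$MSF_DB_YML}"
    [ -f "$f" ] || { echo "missing $f: run 'msfdb init' first"; return 1; }
    adapter=$(db_field "$f" production adapter)
    echo "db_status should report: $adapter, database '$(db_field "$f" production database)'" \
         "on $(db_field "$f" production host):$(db_field "$f" production port)"
    [ "$adapter" = postgresql ] || { echo "unexpected adapter: $adapter"; return 2; }
    # The file stores the database password, so other local users should not read it.
    if world_readable "$f"; then echo "world-readable: consider chmod o-r $f"; return 3; fi
    return 0
}

# Constructed sample file for trying the check without a Metasploit install.
write_sample() {
    cat > "$1" <<'EOF'
production:
  adapter: postgresql
  database: msfdb
  username: msf
  password: CONSTRUCTED-PLACEHOLDER
  host: localhost
  port: 5432
EOF
}

# Run as: sh preflight.sh --check [path-to-database.yml]
if [ "${1:-}" = "--check" ]; then preflight "${2:-}"; fi
```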
Section 2: Database Commands
Now that we are connected to the database, let me show you some commands that we will be using in this article.
Command: help database
Figure 6: Database Commands
Section 3: Using Workspace Commands
Workspaces are normally used by pen-testers to save scans from different locations/networks/subnets. This helps keep information separate and avoids confusion.
Command: workspace -h
Figure 7: Workspace Help File
Note: By default, Metasploit creates a ‘default’ workspace. ‘*’ denotes the currently selected workspace.
Command: workspace
Figure 8: ‘Default’ Workspace
Command: For workspace
Figure 9: Various Workspace Commands
Refer to further Parts for more information!