Exporting and Importing Data
You can export data from a project to back up and create archives of collected data. When you export a project, its contents are copied and saved to a file that can be imported into other projects or shared with other instances of Metasploit.
Exporting Data from a Workspace
From the Pro Console, you can export the following:
- XML export - An XML file that contains the attributes for most of the objects in a project and can be imported into another project. XML exports are particularly useful if you have a data set that you want to reuse in another project or share with another instance of Metasploit. For example, you can export an XML of project data if you want to reuse the scan data from a particular project.
XML exports do not include any looted files, task logs, or reports.
- PWDump - A text file that contains all of the credentials for a project, including plaintext passwords, SMB hashes, and SSH keys. Credentials can be masked to enumerate user names only.
- CSV - A CSV file that contains the contents for a particular table in the database, such as the hosts table or credentials table. CSV files can be exported from the command line for reporting purposes, but cannot be imported back into a project.
Exporting a Workspace
The db_export
command enables you to export the project to an XML file. To export a project, use the following syntax:
1msf-pro > db_export -f xml -a /path/to/export-name.xml
Where the -f
option specifies the file type and the -a
option defines the file path and file name.
For example, if you want to export a project to the Documents directory and name the file 'project-export', you can run the following:
1msf-pro > db_export -f xml -a /home/john/Documents/project.export.xml
Exporting a PWDump
A PWDump is a text file that contains all of the credentials for a project, including plaintext passwords, SMB hashes, and SSH keys. You can export a PWDump file to perform offline password cracking with a tool like John the Ripper.
Only credentials that have logins are exported in a PWDump. If a credential does not have a related login, it is not included in the exported file.
To export a PWDump file, use the following syntax:
1msf-pro > db_export -f <format> -a /path/to/pwdump.txt
Where the -f
option specifies the file type and the -a
option defines the file path and file name.
For example, if you want to export a PWDump from a project and name it 'project-pwdump', you can run the following:
1msf-pro > db_export -f pwdump -a /home/john/Documents/project-dump.txt
Exporting a CSV from the Hosts, Services, and Credentials Tables
From the console, you can export data from the hosts, services, and credentials tables to a CSV file. To do this, add the -o
option and the output file path and name to the hosts
, services
, and creds
commands.
To export a CSV, use the following syntax:
1msf-pro > services -o /path/to/export-file.csv
By default, if you do not specify any additional options, all columns from the table are exported. To specify the columns you want to export, you can supply the -c
option to export a specific column from the table.
1msf-pro > services -c name,proto,state -o /path/to/export-file.csv
To view the columns that are available for a particular table, use the -h
option.
1msf-pro > services -h23Available columns: created_at, info, name, port, proto, state, updated_at
Exporting Hosts Example
1msf-pro > hosts -c address,arch,os_flavor -o /path/to/export-file.csv
Exporting Services Example
1msf-pro > services -c name,proto,state -o /path/to/export-file.csv
Exporting Credentials Example
1msf-pro > creds -c name,proto,state -o /path/to/export-file.cs
Importing Data
You can import ZIP, XML, and PWDump files into a project.
To import data into a project, you use the db_import
command as shown below:
1msf-pro > db_import /path/to/file
For example, to import an XML file located in the Documents directory, you can run the following:
1msf-pro > db_import /home/john/Documents/export.xml
The data is imported into the current project. After the results are imported, you have these commands to view and manage the imported data. Each command also has a set of options that you can see with -h
:
creds
hosts
loot
notes
services
vulns
For example, if you want to view all the hosts that were imported, you can run the following:
1msf-pro > hosts23Hosts4=====5addresss mac name os_name os_flavor os_sp purpose info comments6======== === ==== ======= ========= ===== ======= ==== ========7192.168.0.18192.168.0.2