Exporting and Importing Data

You can export data from a project to back up and create archives of collected data. When you export a project, its contents are copied and saved to a file that can be imported into other projects or shared with other instances of Metasploit.

Exporting Data from a Workspace

From the Pro Console, you can export the following:

  • XML export - An XML file that contains the attributes for most of the objects in a project and can be imported into another project. XML exports are particularly useful if you have a data set that you want to reuse in another project or share with another instance of Metasploit. For example, you can export an XML of project data if you want to reuse the scan data from a particular project.

XML exports do not include any looted files, task logs, or reports.

  • PWDump - A text file that contains all of the credentials for a project, including plaintext passwords, SMB hashes, and SSH keys. Credentials can be masked to enumerate user names only.
  • CSV - A CSV file that contains the contents for a particular table in the database, such as the hosts table or credentials table. CSV files can be exported from the command line for reporting purposes, but cannot be imported back into a project.

Exporting a Workspace

The db_export command enables you to export the project to an XML file. To export a project, use the following syntax:

1
msf-pro > db_export -f xml -a /path/to/export-name.xml

Where the -f option specifies the file type and the -a option defines the file path and file name.

For example, if you want to export a project to the Documents directory and name the file 'project-export', you can run the following:

1
msf-pro > db_export -f xml -a /home/john/Documents/project.export.xml

Exporting a PWDump

A PWDump is a text file that contains all of the credentials for a project, including plaintext passwords, SMB hashes, and SSH keys. You can export a PWDump file to perform offline password cracking with a tool like John the Ripper.

Only credentials that have logins are exported in a PWDump. If a credential does not have a related login, it is not included in the exported file.

To export a PWDump file, use the following syntax:

1
msf-pro > db_export -f <format> -a /path/to/pwdump.txt

Where the -f option specifies the file type and the -a option defines the file path and file name.

For example, if you want to export a PWDump from a project and name it 'project-pwdump', you can run the following:

1
msf-pro > db_export -f pwdump -a /home/john/Documents/project-dump.txt

Exporting a CSV from the Hosts, Services, and Credentials Tables

From the console, you can export data from the hosts, services, and credentials tables to a CSV file. To do this, add the -o option and the output file path and name to the hosts, services, and creds commands.

To export a CSV, use the following syntax:

1
msf-pro > services -o /path/to/export-file.csv

By default, if you do not specify any additional options, all columns from the table are exported. To specify the columns you want to export, you can supply the -c option to export a specific column from the table.

1
msf-pro > services -c name,proto,state -o /path/to/export-file.csv

To view the columns that are available for a particular table, use the -h option.

1
msf-pro > services -h
2
3
Available columns: created_at, info, name, port, proto, state, updated_at

Exporting Hosts Example

1
msf-pro > hosts -c address,arch,os_flavor -o /path/to/export-file.csv

Exporting Services Example

1
msf-pro > services -c name,proto,state -o /path/to/export-file.csv

Exporting Credentials Example

1
msf-pro > creds -c name,proto,state -o /path/to/export-file.cs

Importing Data

You can import ZIP, XML, and PWDump files into a project.

To import data into a project, you use the db_import command as shown below:

1
msf-pro > db_import /path/to/file

For example, to import an XML file located in the Documents directory, you can run the following:

1
msf-pro > db_import /home/john/Documents/export.xml

The data is imported into the current project. After the results are imported, you have these commands to view and manage the imported data. Each command also has a set of options that you can see with -h:

  • creds
  • hosts
  • loot
  • notes
  • services
  • vulns

For example, if you want to view all the hosts that were imported, you can run the following:

1
msf-pro > hosts
2
3
Hosts
4
=====
5
addresss mac name os_name os_flavor os_sp purpose info comments
6
======== === ==== ======= ========= ===== ======= ==== ========
7
192.168.0.1
8
192.168.0.2