Managing the Database

The Metasploit Framework provides back end database support for PostgreSQL. The database stores information, such as host data, loot, and exploit results.

Commands that manage the database start with a db_ prefix.

Connecting to a Database

You don't need a database to run the Framework, but it's pretty useful if you want to store and view the data you've collected. To set up a database, take a look at this awesome wiki created by the Fedora Project.

After you've set up the database, you need to connect to it. You will need to manually connect to the database each time you launch msfconsole.

To connect to the database, run the following command in msfconsole:

1
msf > db_connect your_msfdb_user:your_msfdb_pswd@127.0.0.1:5432/msf_database

If you configured your PostgreSQL database to run on a port other than 5432, or you have named your database something other than msf_database, you will need to replace those values in the previous command with the correct values.

To make sure that the database is connected, you can run the db_status command, which should return the following:

1
msf > db_status
2
[*] postgresql connected to msf_database

Now, you need to modify the database configuration file to store your database settings. To modify the database configuration file, you will need to edit database.yml, which is located in /path/to/framework/config. If you don't have this file, you will need to modify database.yml.example and save it as database.yml.

Open a text editor, like vim, and enter the following:

1
$ vim /opt/framework/config/database.yml

When the editor appears, the following information needs to be added to the database configuration file:

1
development:
2
adapter: "postgresql"
3
database: "msf_database"
4
username: "msf_user"
5
password: "123456"
6
port: 5432
7
host: "localhost"
8
pool: 256
9
timeout: 5
10
11
production:
12
adapter: "postgresql"
13
database: "msf_database"
14
username: "msf_user"
15
password: "123456"
16
port: 5432
17
host: "localhost"
18
pool: 256
19
timeout: 5

The database, username, password, and port attributes need to be updated with the values you've chosen for your database.

Now, you can run the following command to start the database:

1
msf > db_connect -y /opt/metasploit/config/database.yml

Automatically Connecting to the Database

If you want the database to connect every time you launch msfconsole, you can copy the database configuration file and move it to the .msf4 directory. The .msf4 directory is a hidden folder in the home directory that is automatically created by the Metasploit installer. If you cloned Metasploit from GitHub, you will need to manually create the folder.

To copy database.yml to the .msf4 folder, run the following command:

1
cp /opt/framework/config/database.yml /root/.msf4/