Managing the Database
The Metasploit Framework provides back end database support for PostgreSQL. The database stores information, such as host data, loot, and exploit results.
Commands that manage the database start with a db_
prefix.
Connecting to a Database
You don't need a database to run the Framework, but it's pretty useful if you want to store and view the data you've collected. To set up a database, take a look at this awesome wiki created by the Fedora Project.
After you've set up the database, you need to connect to it. You will need to manually connect to the database each time you launch msfconsole.
To connect to the database, run the following command in msfconsole:
1msf > db_connect your_msfdb_user:your_msfdb_pswd@127.0.0.1:5432/msf_database
If you configured your PostgreSQL database to run on a port other than 5432
, or you have named your database something other than msf_database
, you will need to replace those values in the previous command with the correct values.
To make sure that the database is connected, you can run the db_status
command, which should return the following:
1msf > db_status2[*] postgresql connected to msf_database
Now, you need to modify the database configuration file to store your database settings. To modify the database configuration file, you will need to edit database.yml
, which is located in /path/to/framework/config
. If you don't have this file, you will need to modify database.yml.example
and save it as database.yml
.
Open a text editor, like vim, and enter the following:
1$ vim /opt/framework/config/database.yml
When the editor appears, the following information needs to be added to the database configuration file:
1development:2adapter: "postgresql"3database: "msf_database"4username: "msf_user"5password: "123456"6port: 54327host: "localhost"8pool: 2569timeout: 51011production:12adapter: "postgresql"13database: "msf_database"14username: "msf_user"15password: "123456"16port: 543217host: "localhost"18pool: 25619timeout: 5
The database, username, password, and port attributes need to be updated with the values you've chosen for your database.
Now, you can run the following command to start the database:
1msf > db_connect -y /opt/metasploit/config/database.yml
Automatically Connecting to the Database
If you want the database to connect every time you launch msfconsole, you can copy the database configuration file and move it to the .msf4
directory. The .msf4
directory is a hidden folder in the home directory that is automatically created by the Metasploit installer. If you cloned Metasploit from GitHub, you will need to manually create the folder.
To copy database.yml
to the .msf4
folder, run the following command:
1cp /opt/framework/config/database.yml /root/.msf4/