Closed VirusEmp closed 5 years ago
first make sure you have the right port connection for postgresql then build a new database then make the databse the default for metasploit on start of msfconsole
this is it below if you dnt wanna click link: Allowing password authentication to access postgres on localhost
Allow the possibility for account msf_user to use password based authentication to connect to databasse msf_user. Edit "/var/lib/pgsql/data/pg_hba.conf", change:
host all all 127.0.0.1/32 ident
to
host "msf_database" "msf_user" 127.0.0.1/32 md5 host all all 127.0.0.1/32 ident
See also: Postgresql Wiki: Client Authentication and Postgresql Documentation: pg_hba.conf 🔗 Starting postgres
user@magnolia:$ sudo -s user@magnolia:$ postgresql-setup initdb user@magnolia:$ systemctl start postgresql.service
🔗 Becoming the postgres user
root@magnolia:# su postgres
🔗 Creating a database user
postgres@magnolia:$ createuser msf_user -P Enter password for new role: yourmsfpassword Enter it again: yourmsfpassword Shall the new role be a superuser? (y/n) n Shall the new role be allowed to create databases? (y/n) n Shall the new role be allowed to create more new roles? (y/n) n
🔗 Creating a database
postgres@magnolia:$ createdb --owner=msf_user msf_database
🔗 Configure Metasploit
Start the framework by running msfconsole, then enter the following commands:
msf > db_status [*] postgresql selected, no connection msf> db_connect msf_user:yourmsfpassword@127.0.0.1:5432/msf_database NOTICE: CREATE TABLE will create implicit sequence "hosts_id_seq" for serial column "hosts.id" NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "hosts_pkey" for table "hosts" [..] NOTICE: CREATE TABLE will create implicit sequence "mod_refs_id_seq" for serial column "mod_refs.id" NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "mod_refs_pkey" for table "mod_refs"
🔗 Enable the database on startup
Write the database configuration to separate configuration file so the password doesn't get printed on the screen during each start of the msfconsole.Please not the attributes are prepended with spaces characters not tabs.
$ cat > /opt/metasploit4/config/database.yml << EOF production: adapter: postgresql database: msf_database username: msf_user password: yourmsfpassword host: 127.0.0.1 port: 5432 pool: 75 timeout: 5 EOF
Use the database configuration file and connect to this database during each startup of msfconsole. Also change to the workspace of yur current pentesting project.
$ cat > ~/.msf4/msfconsole.rc << EOF db_connect -y /opt/metasploit4/config/database.yml workspace -a YourProject EOF
🔗 Using the database
Once you have database configured and connected you can use it to store information. First check the database status:
msf > db_status [*] postgresql connected to msf_database
Thanks to fedora for saving my time
Database configuration is specific to method of installation. msfdb
was recently expanded to be used with development environments. Can you provide detail on your installation method here?
my metasploit came with the parrot os..and was updated when i upgraded my distro to parrot sec 4.4,even before the upgrade,metasploit wasn't connecting to the db.me thinking it was a probs with my distro i had to upgrade to the lastest release.still had the same problem til i cam across that great help on fedora
Ah, looking at what you experienced, likely you ran into a conflict in configuration specific to parrot sec due to postgresql handling that is different or conflicts with the official nightly embedded versions.
Unfortunately, not all possible configurations for all forks of framework can be forseen and supported. I am closing this as not a issue in the master/4.x official packages. However your comments here and the issue will likely help others in the future.
VirusEmp... I have been experiencing the same issue and I strictly followed you steps to fix the issue but it didn't work for me...When it comes to the part of creating a new user sudo su - postgres postgres@kali:~$ createuser msf_user -P Enter password for new role: Enter it again: createuser: could not connect to database postgres: could not connect to server: No such file or directory Is the server running locally and accepting connections on Unix domain socket "/var/run/postgresql/.s.PGSQL.5432"? postgres@kali:~$ this is error i get...PLEASE ASSIST me fix this i have tried many trials and errors even by uninstalling and reintsalling postgresql but it seems to not be working
I am on Kali linux running msf5, postgresql verion 11
Kali maintains their own fork of metasploit-framework, many of the change are around how it interacts with and sets up a database.
See https://github.com/rapid7/metasploit-framework/issues/11369 for notes from Kali about how Debian-specific tools have needed special handling to get database functionality up to date.
Nexpose uses the same port as metasploit. Whatever starts first will get the 5432 and is able to connect.
Steps to reproduce
How'd you do it?
the error is following below
┌─[root@parrot]─[/home/user] └──╼ #service postgresql start ┌─[root@parrot]─[/home/user] └──╼ #msfdb init [i] Database already started [i] The database appears to be already configured, skipping initialization ┌─[root@parrot]─[/home/user] └──╼ #msfconsole [-] Failed to connect to the database: FATAL: password authentication failed for user "msf" FATAL: password authentication failed for user "msf"
i have seen alot of people say i should use the following command
msfdb delete msfdb init msfconsole i did that and the error below came up ┌─[root@parrot]─[/home/user] └──╼ #msfdb delete [i] Database already started [+] Dropping databases 'msf' [+] Dropping databases 'msf_test' [+] Dropping database user 'msf' [+] Deleting configuration file /usr/share/metasploit-framework/config/database.yml [+] Stopping database ┌─[root@parrot]─[/home/user] └──╼ #msfdb init [+] Starting database [+] Creating database user 'msf' [+] Creating databases 'msf' [+] Creating databases 'msf_test' [+] Creating configuration file '/usr/share/metasploit-framework/config/database.yml' [+] Creating initial database schema rake aborted! PG::ConnectionBad: FATAL: password authentication failed for user "msf" FATAL: password authentication failed for user "msf" /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:651:in
initialize' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:651:in
new' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:651:inconnect' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:242:in
initialize' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:44:innew' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:44:in
postgresql_connection' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:438:innew_connection' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:448:in
checkout_new_connection' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:422:inacquire_connection' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:349:in
block in checkout' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:348:incheckout' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:263:in
block in connection' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:262:inconnection' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:571:in
retrieve_connection' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_handling.rb:113:inretrieve_connection' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_handling.rb:87:in
connection' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/migration.rb:941:ininitialize' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/migration.rb:823:in
new' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/migration.rb:823:inup' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/migration.rb:801:in
migrate' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/tasks/database_tasks.rb:139:inmigrate' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/railties/databases.rake:44:in
block (2 levels) in <top (required)>' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/rake-12.3.1/exe/rake:27:in `<top (required)>' Tasks: TOP => db:migrate (See full trace by running task with --trace) ┌─[✗]─[root@parrot]─[/home/user] └──╼ #msfconsole [-] Failed to connect to the database: FATAL: password authentication failed for user "msf" FATAL: password authentication failed for user "msf"even before i type msfconsole it can't create a new database.
NB: Os:Parrot sec Arch: 64bit Postgresql Version:11 Metasploit version:4.17.25-dev Thank you for your help This section should also tell us any relevant information about the environment; for example, if an exploit that used to work is failing, tell us the victim operating system and service versions.
Expected behavior
What should happen?
Current behavior
What happens instead?
You might also want to check the last ~1k lines of
/opt/metasploit/apps/pro/engine/config/logs/framework.log
or~/.msf4/logs/framework.log
for relevant stack tracesSystem stuff
Metasploit version
Get this with the
version
command in msfconsole (orgit log -1 --pretty=oneline
for a source install).I installed Metasploit with:
OS
What OS are you running Metasploit on?