
Backtrack 5, Metasploit, and PostgreSQL Pentest-Labs.org

http://www.pentest-labs.org/blog/backtrack-5-metasploit-and-postgresql

Friday May 27, 2011


Backtrack 5, Metasploit, and PostgreSQL



Backtrack 5 ships with some very nice features; in this post I will be discussing Metasploit and PostgreSQL. Backtrack 5 ships with Metasploit and PostgreSQL out of the box, which means that postgres is already running within BT5. One thing to note here is that you may need to install the postgres gem and specify the db_driver within msf. I installed the gem using ruby version 1.8.7; I get errors installing the postgres gem using ruby version 1.9.2_dev. There are some very nice how-tos for this over at the BT5 forums.

Update 6/1/2011: MSF does not contain any postgres drivers if launched from /pentest/exploits/framework3; however, if launched from your path, the drivers are available and postgresql is initialized and connected.

However, postgres is not running on the default 5432 tcp port; instead it is running on localhost:7175. A quick netstat -antp | grep 7175 command will display if any service is running on that port.


But if we try to stop the postgres service using /etc/init.d/postgresql-8.4 stop, we get no luck: no service called postgresql-8.4 is running. Hmm, let's display all services with the service --status-all command. We see the following, which indicates that the installation of postgresql is associated with msf by default within BT5. As we can see, this service is called framework-postgres. NICE =)

What does this mean? It means we know the service name, so we can start and stop the service and stop auto-run at boot time, and we know that the installation of postgres is associated primarily with metasploit. But hey, the postgres config files are not in their default location. Well OK, let's find where they are. Let's start with where metasploit is installed. The framework3 directory within the /pentest/exploits/ directory is a symbolic link to /opt/framework3/msf3. Therefore, we look inside these directories and see a postgresql directory within the /opt/framework3 directory. However, if we start metasploit and try to connect to the database with a user and password of root:toor, we get an authentication error. So what is the user and password combo used?


password. Nice info; however, instead of specifying the username and password every time we connect to msf and want to use the postgresql database, we can use the db_connect command with the database.yml file.

As we can see, we have a username of msf and a randomly generated password. I am running a few different BT5 virtual machines and each one has a different password. Nice. Now to connect msf to the database we just use the db_connect command with the right syntax to use the yml file, with the absolute path to the file specified.

Now we are in business. I figured I would do a little write-up on this since I have not seen a lot of documentation for this anywhere; hope you enjoy. To be honest, I am finding more and more very nice features the BT5 developers introduced. Nice work.
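An added example, not part of the original post: a shell script that reads a Metasploit-style database.yml, prints the connection settings with the password withheld, and flags the file if group or others can read it. The sample file contents and the helper names (yml_field, summarize, perms_ok) are assumptions made for illustration; db_connect -y is the msfconsole option for loading a yml file.

```shell
#!/usr/bin/env bash
# Added example: read a Metasploit-style database.yml without echoing the password.

# yml_field FILE KEY -> value of KEY inside the top-level "production:" block
yml_field() {
    awk -v key="$2" '
        /^[^ \t#]/ { in_prod = ($1 == "production:") }  # a top-level key opens or closes the block
        in_prod && $1 == (key ":") {
            sub(/^[ \t]*[^:]+:[ \t]*/, "")              # strip the "key: " prefix
            gsub(/^"|"[ \t]*$/, "")                     # strip surrounding double quotes
            print; exit
        }' "$1"
}

# summarize FILE -> one line of settings; the password appears only as a length
summarize() {
    local f=$1 pw
    pw=$(yml_field "$f" password)
    printf '%s://%s:<%d chars>@%s:%s/%s\n' \
        "$(yml_field "$f" adapter)" "$(yml_field "$f" username)" "${#pw}" \
        "$(yml_field "$f" host)" "$(yml_field "$f" port)" "$(yml_field "$f" database)"
}

# perms_ok FILE -> succeeds only when group and other have no permission bits set
perms_ok() {
    [ "$(ls -ld -- "$1" | cut -c5-10)" = "------" ]
}

# Constructed sample: every value below is invented for this example.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
development:
  adapter: "sqlite3"
production:
  adapter: "postgresql"
  database: "msf_example"
  username: "msf"
  password: "constructed-pw"
  host: "localhost"
  port: 7175
EOF
chmod 644 "$sample"   # deliberately too open, so the check below fires

summarize "$sample"
perms_ok "$sample" || echo "warning: $sample is readable by group/other; chmod 600 it"
echo "in msfconsole: db_connect -y $sample"
```

On a real install, point the functions at the actual database.yml instead of the temporary sample.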
