Using a Database in Metasploit (Troubleshooting PostgreSQL Problems)
Metasploit supports MySQL, PostgreSQL and SQLite3 databases, and Nmap output can be imported into Metasploit.
┌──(root💀kali)-[/var/log/postgresql]
└─# service postgresql status
● postgresql.service - PostgreSQL RDBMS
Loaded: loaded (/lib/systemd/system/postgresql.service; disabl>
Active: active (exited) since Wed 2024-01-24 21:55:19 EST; 1mi>
Process: 14717 ExecStart=/bin/true (code=exited, status=0/SUCCE>
Main PID: 14717 (code=exited, status=0/SUCCESS)
CPU: 2ms
// Check the running status of PostgreSQL; active means it is activated.
┌──(root💀kali)-[/var/log/postgresql]
└─# cat /usr/share/metasploit-framework/config/database.yml
development:
  adapter: postgresql
  database: msf
  username: msf
  password: qr0blPOH9ren2IFqwC8RYMvMWQeN43PWfoEDEPJmeAg=
  host: localhost
  port: 5432
  pool: 5
  timeout: 5
production:
  adapter: postgresql
  database: msf
  username: msf
  password: qr0blPOH9ren2IFqwC8RYMvMWQeN43PWfoEDEPJmeAg=
  host: localhost
  port: 5432
  pool: 5
  timeout: 5
test:
  adapter: postgresql
  database: msf_test
  username: msf
  password: qr0blPOH9ren2IFqwC8RYMvMWQeN43PWfoEDEPJmeAg=
  host: localhost
  port: 5432
  pool: 5
  timeout: 5
// View the msf account and password stored for the database.
msf6 > db_connect msf:qr0blPOH9ren2IFqwC8RYMvMWQeN43PWfoEDEPJmeAg=@localhost:5432/msf
[*] Connected to Postgres data service: localhost/msf
// Connect to the database.
msf6 > db_status
[*] Connected to msf. Connection type: postgresql.
// Inside msfconsole, check the database connection status.
┌──(root💀kali)-[/var/log/postgresql]
└─# cd /home/kali
// To fix where the Nmap output is written, first change to the kali home directory (/home/kali).
┌──(root💀kali)-[/home/kali]
└─# nmap -Pn -sS -A -oX nmapscan_1.xml 192.168.133.0/24
Starting Nmap 7.92 ( https://nmap.org ) at 2024-01-24 22:08 EST
Nmap scan report for 192.168.133.15
Host is up (0.00025s latency).
Not shown: 997 filtered tcp ports (no-response)
PORT STATE SERVICE VERSION
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn Microsoft Windows netbios-ssn
445/tcp open microsoft-ds?
MAC Address: D4:25:8B:83:5A:AE (Intel Corporate)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running (JUST GUESSING): Microsoft Windows XP|7|2008 (89%)
OS CPE: cpe:/o:microsoft:windows_xp::sp3 cpe:/o:microsoft:windows_7 cpe:/o:microsoft:windows_server_2008::sp1 cpe:/o:microsoft:windows_server_2008:r2
Aggressive OS guesses: Microsoft Windows XP SP3 (89%), Microsoft Windows XP SP2 (87%), Microsoft Windows 7 (85%), Microsoft Windows Server 2008 SP1 or Windows Server 2008 R2 (85%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 1 hop
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
// Nmap scan results; the XML file is generated in the /home/kali directory.
msf6 > db_nmap
[*] Usage: db_nmap [--save | [--help | -h]] [nmap options]
msf6 > db_import /home/kali/nmapscan_1.xml
[*] Importing 'Nmap XML' data
[*] Import: Parsing with 'Nokogiri v1.12.5'
[*] Importing host 192.168.133.15
[*] Importing host 192.168.133.76
[*] Importing host 192.168.133.229
[*] Successfully imported /home/kali/nmapscan_1.xml
// Use the db_import command to import the file into the database.
msf6 > hosts -c address
Hosts
=====
address
-------
192.168.133.15
192.168.133.76
192.168.133.229
// Verify with the hosts command, which displays all host information saved in the database.
Running Nmap inside MSF
msf6 > db_connect msf:qr0blPOH9ren2IFqwC8RYMvMWQeN43PWfoEDEPJmeAg=@localhost:5432/msf
[*] Connected to Postgres data service: localhost/msf
// Connect to the msf database.
msf6 > db_nmap -sS -A 192.168.133.15
[*] Nmap: Starting Nmap 7.92 ( https://nmap.org ) at 2024-01-25 01:13 EST
[*] Nmap: Nmap scan report for 192.168.133.15
[*] Nmap: Host is up (0.00039s latency).
[*] Nmap: Not shown: 997 filtered tcp ports (no-response)
[*] Nmap: PORT STATE SERVICE VERSION
[*] Nmap: 135/tcp open msrpc Microsoft Windows RPC
[*] Nmap: 139/tcp open netbios-ssn Microsoft Windows netbios-ssn
[*] Nmap: 445/tcp open microsoft-ds?
[*] Nmap: MAC Address: D4:25:8B:83:5A:AE (Intel Corporate)
[*] Nmap: Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
[*] Nmap: Device type: general purpose
[*] Nmap: Running (JUST GUESSING): Microsoft Windows XP|2008 (87%)
[*] Nmap: OS CPE: cpe:/o:microsoft:windows_xp::sp3 cpe:/o:microsoft:windows_server_2008::sp1 cpe:/o:microsoft:windows_server_2008:r2
[*] Nmap: Aggressive OS guesses: Microsoft Windows XP SP3 (87%), Microsoft Windows Server 2008 SP1 or Windows Server 2008 R2 (85%)
[*] Nmap: No exact OS matches for host (test conditions non-ideal).
[*] Nmap: Network Distance: 1 hop
[*] Nmap: Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
[*] Nmap: Host script results:
[*] Nmap: | smb2-security-mode:
[*] Nmap: | 3.1.1:
[*] Nmap: |_ Message signing enabled but not required
[*] Nmap: | smb2-time:
[*] Nmap: | date: 2024-01-25T06:13:59
[*] Nmap: |_ start_date: N/A
[*] Nmap: |_nbstat: NetBIOS name: DAJI, NetBIOS user: <unknown>, NetBIOS MAC: d4:25:8b:83:5a:ae (Intel Corporate)
[*] Nmap: TRACEROUTE
[*] Nmap: HOP RTT ADDRESS
[*] Nmap: 1 0.39 ms 192.168.133.15
[*] Nmap: OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
[*] Nmap: Nmap done: 1 IP address (1 host up) scanned in 55.64 seconds
// The Nmap results are stored in the database automatically.
msf6 > services -u
Services
========
host             port  proto  name           state  info
----             ----  -----  ----           -----  ----
192.168.133.15   135   tcp    msrpc          open   Microsoft Windows RPC
192.168.133.15   139   tcp    netbios-ssn    open   Microsoft Windows netbios-ssn
192.168.133.15   445   tcp    microsoft-ds   open
192.168.133.76   53    tcp    domain         open   dnsmasq 2.51
192.168.133.229  3389  tcp    ms-wbt-server  open   xrdp
// View the scan results.
Problem 1
msf6 > db_connect msf:SNmdENXaBaOPJ4kVMh8u4bIbNhvYwqOyHLorG4vgxgc=@localhost:5432/msf
[-] Failed to connect to the Postgres data service: connection to server at "localhost" (::1), port 5432 failed: Connection refused
Is the server running on that host and accepting TCP/IP connections?
connection to server at "localhost" (127.0.0.1), port 5432 failed: Connection refused
Is the server running on that host and accepting TCP/IP connections?
Attempt: initialize
┌──(root💀kali)-[/home/kali/Desktop]
└─# msfdb init
Problem 2
┌──(root💀kali)-[/home/kali/Desktop]
└─# msfdb init
[+] Starting database
[i] The database appears to be already configured, skipping initialization
// Initialization is not possible.
Attempt: reinitialize
┌──(root💀kali)-[/home/kali/Desktop]
└─# msfdb reinit
Problem 3
┌──(root💀kali)-[/home/kali/Desktop]
└─# msfdb reinit
[i] Database already started
psql: 错误: 连接到套接字"/var/run/postgresql/.s.PGSQL.5432"上的服务器失败:没有那个文件或目录
服务器是否在本地运行并接受该套接字上的连接?
psql: 错误: 连接到套接字"/var/run/postgresql/.s.PGSQL.5432"上的服务器失败:没有那个文件或目录
服务器是否在本地运行并接受该套接字上的连接?
psql: 错误: 连接到套接字"/var/run/postgresql/.s.PGSQL.5432"上的服务器失败:没有那个文件或目录
服务器是否在本地运行并接受该套接字上的连接?
Attempt
Check the log
┌──(root💀kali)-[/var/log/postgresql]
└─# cat postgresql-14-main.log
2024-01-24 06:47:38.587 EST [22553] LOG: invalid value for parameter "lc_messages": "en_US.UTF-8"
2024-01-24 06:47:38.587 EST [22553] LOG: invalid value for parameter "lc_monetary": "en_US.UTF-8"
2024-01-24 06:47:38.587 EST [22553] LOG: invalid value for parameter "lc_numeric": "en_US.UTF-8"
2024-01-24 06:47:38.587 EST [22553] LOG: invalid value for parameter "lc_time": "en_US.UTF-8"
2024-01-24 06:47:38.587 EST [22553] FATAL: configuration file "/etc/postgresql/14/main/postgresql.conf" contains errors
pg_ctl: could not start server
// The problem is that "en_US.UTF-8" is not recognized.
┌──(root💀kali)-[/var/log/postgresql]
└─# locale -a
C
C.utf8
POSIX
zh_CN.utf8
// List the locales (encodings) available locally.
┌──(root💀kali)-[/var/log/postgresql]
└─# dpkg-reconfigure locales
Generating locales (this might take a while)…
en_US.UTF-8… done
zh_CN.UTF-8… done
Generation complete.
// In the configuration dialog, select en_US.UTF-8.
┌──(root💀kali)-[/var/log/postgresql]
└─# systemctl restart postgresql
// Restart the database service.
┌──(root💀kali)-[/var/log/postgresql]
└─# msfdb reinit
[i] Database already started
[+] Dropping databases ‘msf’
[+] Dropping databases ‘msf_test’
[+] Dropping database user ‘msf’
[+] Deleting configuration file /usr/share/metasploit-framework/config/database.yml
[+] Stopping database
[+] Starting database
[+] Creating database user ‘msf’
为新角色输入的口令:
再输入一遍:
[+] Creating databases ‘msf’
[+] Creating databases ‘msf_test’
[+] Creating configuration file ‘/usr/share/metasploit-framework/config/database.yml’
[+] Creating initial database schema
// Run reinit again.
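Added example (not from the original post): a shell check for the cause found in Problem 3, listing every active lc_* setting in postgresql.conf whose locale is missing from `locale -a`. The function names and sample files are constructed for illustration; on a live system pass /etc/postgresql/14/main/postgresql.conf and a file holding the output of `locale -a`.

```bash
#!/usr/bin/env bash
# Added example; function names and sample data are constructed.

# glibc treats "en_US.UTF-8" and "en_US.utf8" as the same locale, so
# compare names with the codeset lower-cased and its dashes removed.
norm_locale() {
    local name="$1" lang codeset
    lang=${name%%.*}
    if [ "$lang" = "$name" ]; then printf '%s\n' "$name"; return; fi
    codeset=$(printf '%s' "${name#*.}" | tr 'A-Z' 'a-z' | tr -d '-')
    printf '%s.%s\n' "$lang" "$codeset"
}

# missing_locales CONF AVAILABLE
#   CONF      path to a postgresql.conf
#   AVAILABLE file holding `locale -a` output, one name per line
# Prints "param=value" for each active lc_* setting with no such locale.
missing_locales() {
    local conf="$1" avail="$2" param value have found
    # Active lines look like: lc_messages = 'en_US.UTF-8'   # comment
    sed -n "s/^[[:space:]]*\(lc_[a-z]*\)[[:space:]]*=[[:space:]]*'\([^']*\)'.*/\1 \2/p" "$conf" |
    while read -r param value; do
        found=no
        while IFS= read -r have; do
            if [ "$(norm_locale "$have")" = "$(norm_locale "$value")" ]; then
                found=yes; break
            fi
        done < "$avail"
        if [ "$found" = no ]; then printf '%s=%s\n' "$param" "$value"; fi
    done
}

demo() {
    local dir; dir=$(mktemp -d)
    # Constructed inputs mirroring the page: the conf asks for en_US.UTF-8,
    # while `locale -a` lists only C, C.utf8, POSIX and zh_CN.utf8.
    printf "lc_messages = 'en_US.UTF-8'\nlc_time = 'en_US.UTF-8'\n" > "$dir/conf"
    printf 'C\nC.utf8\nPOSIX\nzh_CN.utf8\n' > "$dir/locales"
    missing_locales "$dir/conf" "$dir/locales"
    rm -rf "$dir"
}
demo
```

An empty result means every configured locale has been generated, which is the state the page reaches after dpkg-reconfigure locales.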
Problem 4
msf6 > db_status
[-] Error while running command db_status: connection to server at "localhost" (::1), port 5432 failed: FATAL: password authentication failed for user "msf"
connection to server at "localhost" (::1), port 5432 failed: FATAL: password authentication failed for user "msf"
// The status cannot be viewed; authentication failed.
Attempt
┌──(root💀kali)-[/var/log/postgresql]
└─# cat /usr/share/metasploit-framework/config/database.yml
development:
  adapter: postgresql
  database: msf
  username: msf
  password: qr0blPOH9ren2IFqwC8RYMvMWQeN43PWfoEDEPJmeAg=
  host: localhost
  port: 5432
  pool: 5
  timeout: 5
// View the account and password.
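Added example (not from the original post): one way to test whether the credentials stored in database.yml are accepted by PostgreSQL, relevant to the authentication failure in Problem 4. yml_get and check_msf_login are hypothetical helper names, the production section is assumed to be the one msfconsole uses, and the password is passed through PGPASSWORD so it does not appear on the command line or in shell history.

```bash
#!/usr/bin/env bash
# Added example; helper names are hypothetical.

# yml_get FILE ENV KEY: print KEY's value from the ENV section of a
# Rails-style database.yml (top-level "env:" lines, indented "key: value").
yml_get() {
    awk -v env="$2" -v key="$3" '
        /^[^ \t#][^:]*:/ { section = $1; sub(/:.*/, "", section); next }
        section == env && $1 == (key ":") {
            sub(/^[^:]*:[ \t]*/, ""); print; exit
        }' "$1"
}

# check_msf_login FILE [ENV]: return 0 if PostgreSQL accepts the stored
# credentials. The password goes through PGPASSWORD, never through argv.
check_msf_login() {
    local f="$1" env="${2:-production}"
    PGPASSWORD=$(yml_get "$f" "$env" password) psql \
        -h "$(yml_get "$f" "$env" host)" -p "$(yml_get "$f" "$env" port)" \
        -U "$(yml_get "$f" "$env" username)" -d "$(yml_get "$f" "$env" database)" \
        -w -c 'select 1' >/dev/null 2>&1
}

# Usage on the machine from the page (needs psql and a running cluster):
#   if check_msf_login /usr/share/metasploit-framework/config/database.yml; then
#       echo "stored credentials accepted"
#   else
#       echo "role msf rejects the stored password, or the server is down"
#   fi
```

If the check succeeds, the same file can be loaded from msfconsole with db_connect -y /usr/share/metasploit-framework/config/database.yml instead of typing the password.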