Tuesday, July 7, 2015

Metasploit- A new Start :)

I am sure there are 100's of blogs on the favorite tool Metasploit. But somehow i felt that there should be some things on my blog as well which will involve some information or troubleshooting of some of the thing that new guys exploring the same face.

I will not go in detail of what Metasploit does and what are its uses or what is its syntax. Rather i will give a small demo on what all things to be kept in mind before diving into the Meta World.

First thing first. Metasploit uses PostgresSQL as its database.

So first what you have to do is the start the Postgres Service.

## service postgresql sart

## /etc/init.d/postgresql start

 For checking the same you can use the following command:

Now once the database service is started start the Metasploit service. You can do the same by the following command :

If you have noticed the first time when install it caches all the modules in the database. The first time the service is launched it will create a database and a database user called as msf3. It also starts the RPC service and the web server automatically.

Now you have activated both the services. Once it is done you are good to go and launch the msfconsole. Once you are in you can check the connectivity with the database by typing the command:

## db_Status

Some important stuffs and extra commands : 
This becomes a tedious task as the connection is lost once you have shutdown the machine. 

So how can we start the service on startup.
Type in the following command and you are done:

## update-rc.d postgresql enable

## update-rc.d metasploit enable

Some Extra Commands:

You can rebuild the cache by typing the following in the msfconsole

## db_rebuild_cache

If you want to have a look on the service, this comes in handy. Sometimes useful while troubleshooting the process described above.

## lsof -nPi |grep LISTEN
## watch -d 'lsof -nPi |grep LISTEN'

That's all for now folks :):)



Setting and Starting Metasploit framework in Kali 2.0

There has been some changes with in terms of Metasploit in Kali 2.0

Quote from the official website (https://www.kali.org/news/kali-linux-20-released/)


Metasploit Community / Pro no longer ships in Kali

At the request of Rapid7, we have removed the Metasploit Community / Pro package from Kali Linux and now host the open-source metasploit-framework package only. For all of you who require Community or Pro, you will now need todownload it from Rapid7 and then register and submit your personal details in order to get a license. In addition, the Rapid7 team no longer maintains the Metasploit package in Kali, which has brought with it some substantial changes – we’ve moved to a “native” setup, where rather than bundling all the required software needed to run Metasploit in one big package, we use native dependencies within Kali to support the metasploit-framework package. This results in a faster, smoother work experience and easier integration with Metasploit dependencies. For more information about this, check out our Metasploit Framework in Kali documentation page."

The regular way for metasploit service is no more available. These are the following steps that you have to perform now.:)

Start the postgresql database the same way as usual and then start the msfdb server as below.


No comments:

Post a Comment