This article will just provide some quick steps to get Backbox Linux ready with a DB for Metasploit to use. To learn more about any of the framework commands shown below try running them with a ‘-h’ switch to see the help.
First start postgresql
sudo service postgresql start
Then login as the DBA and create a user and database
su – postgres
CREATE USER user_name WITH PASSWORD ‘SecretPassword’;
CREATE DATABASE db_name;
GRANT ALL PRIVILEGES ON DATABASE db_name to user_name;
\q
Now we launch Metasploit and connect it to our DB
sudo msfconsole
db_connect user_name:SecretPassword@localhost/db_name
db_status
Now let’s create some workspaces to hold our discoveries
workspace -a Company_A
workspace -a Domain_A
workspace -a Network_192
If we have some previously mapped data we can import it to the workspace
workspace Network_192
db_import /home/user/nmaps/*.xml
Or we can just start a new scan to import directly
db_nmap -sV -O 192.168.0.0/24
Now we should see our scanned hosts and services
hosts
services
Lastly if you want to move the data to other DB servers MSF also provides a quick export function
db_export /home/user/msfdb_dump.xml
That concludes this short lesson, happy hunting!
