I found some bugs when I play Metasploit and PostgreSQL and Auto Exploitation.
msf > version
Framework: 3.2-release.5378
Console : 3.2-release.5653
$ psql --version
psql (PostgreSQL) 8.3.3
$ createdb --version
createdb (PostgreSQL) 8.3.3
$ dropdb --version
dropdb (PostgreSQL) 8.3.3
When I loaded db_postgres, and run db_create like sqlite3(works) I
got some errors like this..
msf > load db_postgres
[*] Successfully loaded plugin: db_postgres
msf > db_create
createdb: could not connect to database postgres: FATAL: role "root" does not
exist
psql: FATAL: database "metasploit3" does not exist
[*] Database creation complete (check for errors)
..and when I made custom command, it works but I got some more
errors because sql have problems too...
msf > help
(...)
Postgres Database Commands
==========================
Command Description
------- -----------
db_connect Connect to an existing database ( user:[EMAIL
PROTECTED]:port/db )
db_create Create a brand new database ( user:[EMAIL PROTECTED]:port/db
)
db_destroy Drop an existing database ( user:[EMAIL PROTECTED]:port/db )
db_disconnect Disconnect from the current database instance
(...)
msf > db_create metasploit:[EMAIL PROTECTED]:5432/metasploitdb
[*] Warning: You will need to enter the password at the prompts below
Password:
Password:
Password for user metasploit:
ERROR: table "hosts" does not exist
NOTICE: CREATE TABLE will create implicit sequence "hosts_id_seq" for serial
column "hosts.id"
NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "hosts_pkey" for
table "hosts"
NOTICE: CREATE TABLE / UNIQUE will create implicit index "hosts_address_key"
for table "hosts"
ERROR: table "services" does not exist
NOTICE: CREATE TABLE will create implicit sequence "services_id_seq" for
serial column "services.id"
NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "services_pkey"
for table "services"
ERROR: table "vulns" does not exist
NOTICE: CREATE TABLE will create implicit sequence "vulns_id_seq" for serial
column "vulns.id"
NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "vulns_pkey" for
table "vulns"
ERROR: table "refs" does not exist
NOTICE: CREATE TABLE will create implicit sequence "refs_id_seq" for serial
column "refs.id"
NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "refs_pkey" for
table "refs"
ERROR: table "vulns_refs" does not exist
ERROR: syntax error at or near "create"
LINE 2: create table notes (
^
[*] Database creation complete (check for errors)
Look into code I did found wrong option, like "-P" for
password.[1][2][3]
Then, I made some fixes and improves into data/sql/postgres.sql and
plugins/db_postgres.rb, I hope this patches are useful for Metasploit
for more user friendly when people play with db_autopwn and postgres.
$ diff -Nur db_postgres.rb.old db_postgres.rb
--- db_postgres.rb.old 2008-09-14 23:32:29.000000000 -0300
+++ db_postgres.rb 2008-09-15 02:52:11.000000000 -0300
@@ -56,7 +56,7 @@
def cmd_db_connect(*args)
info = parse_db_uri(args[0])
opts = { 'adapter' => 'postgresql' }
-
+
opts['username'] = info[:user] if (info[:user])
opts['password'] = info[:pass] if (info[:pass])
opts['database'] = info[:name]
@@ -79,19 +79,22 @@
info = parse_db_uri(args[0])
opts = { 'adapter' => 'postgresql' }
argv = []
-
+
if (info[:user])
opts['username'] = info[:user]
argv.push('-U')
argv.push(info[:user])
+ else
+ opts['username'] = 'postgres'
+ argv.push('-U')
+ argv.push('postgres')
end
if (info[:pass])
- print()
- print_status("Warning: You will need to enter
the password at the prompts below")
- print()
+ print()
+ print_status("Warning: You will need to enter the password at
the prompts below")
+ print()
argv.push('-W')
- opts['password'] = info[:pass]
end
if (info[:host])
@@ -106,14 +109,14 @@
argv.push(info[:port])
end
- opts['database'] = info[:name]
+ opts['database'] = info[:name]
cargs = argv.map{|c| "'#{c}' "}.join
sql = File.join(Msf::Config.install_root, "data",
"sql", "postgres.sql")
fd = File.open(sql, 'r')
- system("dropdb #{cargs} #{info[:name]} >/dev/null 2>&1")
+ system("dropdb #{cargs} #{info[:name]} >/dev/null 2>&1")
system("createdb #{cargs} #{info[:name]}")
psql = File.popen("psql -q " + cargs + info[:name], "w")
@@ -142,11 +145,16 @@
if (info[:user])
argv.push('-U')
argv.push(info[:user])
+ else
+ argv.push('-U')
+ argv.push('postgres')
end
if (info[:pass])
- argv.push('-P')
- argv.push(info[:pass])
+ print()
+ print_status("Warning: You will need to enter the password at
the prompts below")
+ print()
+ argv.push('-W')
end
if (info[:host])
$ diff -Nur postgres.sql.old postgres.sql
--- postgres.sql.old 2008-09-14 23:10:04.000000000 -0300
+++ postgres.sql 2008-09-14 23:11:36.000000000 -0300
@@ -1,5 +1,3 @@
-drop table hosts;
-
create table hosts (
id SERIAL PRIMARY KEY,
created TIMESTAMP,
@@ -15,8 +13,6 @@
arch VARCHAR(255)
);
-drop table services;
-
create table services (
id SERIAL PRIMARY KEY,
host_id INTEGER,
@@ -28,8 +24,6 @@
info VARCHAR(1024)
);
-drop table vulns;
-
create table vulns (
id SERIAL PRIMARY KEY,
service_id INTEGER,
@@ -38,8 +32,6 @@
data TEXT
);
-drop table refs;
-
create table refs (
id SERIAL PRIMARY KEY,
ref_id INTEGER,
@@ -47,15 +39,11 @@
name VARCHAR(512)
);
-drop table vulns_refs;
-
create table vulns_refs (
ref_id INTEGER,
vuln_id INTEGER
);
-drop table notes
-
create table notes (
id SERIAL PRIMARY KEY,
host_id INTEGER,
Btw, I have attached the new files too.
Thank all devel for the great job with Metasploit and sorry about
english, I known is not sooo good. ;)
--
Ulisses Castro (thebug)
[EMAIL PROTECTED]
http://ulissescastro.wordpress.com
References:
1 - http://www.postgresql.org/docs/8.3/static/app-psql.html
2 - http://www.postgresql.org/docs/8.0/static/app-psql.html
3 - http://www.postgresql.org/docs/7.4/static/app-psql.html
db_postgres.rb
Description: application/ruby
create table hosts ( id SERIAL PRIMARY KEY, created TIMESTAMP, address VARCHAR(16) UNIQUE, comm VARCHAR(255), name VARCHAR(255), state VARCHAR(255), info VARCHAR(1024), os_name VARCHAR(255), os_flavor VARCHAR(255), os_sp VARCHAR(255), os_lang VARCHAR(255), arch VARCHAR(255) ); create table services ( id SERIAL PRIMARY KEY, host_id INTEGER, created TIMESTAMP, port INTEGER NOT NULL, proto VARCHAR(16) NOT NULL, state VARCHAR(255), name VARCHAR(255), info VARCHAR(1024) ); create table vulns ( id SERIAL PRIMARY KEY, service_id INTEGER, created TIMESTAMP, name VARCHAR(255), data TEXT ); create table refs ( id SERIAL PRIMARY KEY, ref_id INTEGER, created TIMESTAMP, name VARCHAR(512) ); create table vulns_refs ( ref_id INTEGER, vuln_id INTEGER ); create table notes ( id SERIAL PRIMARY KEY, host_id INTEGER, created TIMESTAMP, ntype VARCHAR(512), data TEXT );
signature.asc
Description: PGP signature
_______________________________________________ Framework-Hackers mailing list Framework-Hackers@spool.metasploit.com http://spool.metasploit.com/mailman/listinfo/framework-hackers
