1.出现问题
安装后,到/metasploit/apps/pro/msf3目录,运行msfcli,但出现错误提示,意思是无法编译本地的一个模块。
查了下,发现是没有安装ruby1.9.1-dev,安装后,运行budle install仍然报错,错误提示变成缺少类库。
2.安装类库
于是逐个安装缺失的类库。安装记录如下,我的是安装这些后,成功运行msfconsole了。
sudo apt-get install ruby1.9.1-dev
bundle install
sudo apt-get install postgresql
sudo apt-get install ruby-all-dev
apt-cache search libpq
sudo apt-get install libpq-dev
apt-cache search pcap
sudo apt-get install libpcap-dev
apt-cache search libsqlite
sudo apt-get install libsqlite3-dev
bundle install
3.创建数据库
现在,工作已经基本就绪,但为了更好地发挥其性能,还是要对数据库进行基本设置。现在,msf只支持postgreSQL,这个 数据库的操作其mySQL有较大的不同。
下面是我在shell中的操作记录,目的在于建立一个名为msfbook的数据库,同时建立一个用户msf来操作该数据库:
23:42:47@~/Downloads$sudo -u postgres createuser --superuser msf //建立超级用户msf
[sudo] password for westnorth:
23:46:35@~/Downloads$sudo -u postgres psql //进入postgreSQL的shell
psql (9.3.4)
Type "help" for help.
postgres=# \password msf //给该用户赋予密码
Enter new password://用户msf的密码
Enter it again:
postgres=# \q
could not save history to file "/var/lib/postgresql/.psql_history": No such file or directory
23:47:13@~/Downloads$
23:47:26@~/Downloads$sudo -u postgres createdb -O msf msfbook //创建数据库msfbook,并将其所有者指定为msf
4.设置msf与数据库的连接
一般来说,设置数据库以写配置文件比较理想。配置文件编辑命令如下,将xx换成自己的安装目录:
sudo gvim ××/metasploit/apps/pro/msf3/config/database.yml
在其中设置数据库名与用户、密码后,就可使用db_connect命令连接数据库了。命令如下:
msf > db_connect -y config/database.yml
[*] Rebuilding the module cache in the background...
msf > db_status
[*] postgresql connected to msfbook
5.使用数据库
下面是在msf中使用数据库的例子:
msf > sudo nmap -Pn -sS -A -oX hosts.xml 192.168.1.0/24 ***将扫描结果写入hosts.xml
[*] exec: sudo nmap -Pn -sS -A -oX hosts.xml 192.168.1.0/24
Starting Nmap 6.40 ( http://nmap.org ) at 2014-07-11 00:15 CST
Nmap scan report for 192.168.1.1
Host is up (0.0021s latency).
Not shown: 955 filtered ports, 44 closed ports
PORT STATE SERVICE VERSION
80/tcp open httpTP-LINK WR541G/542G WAP http config
| http-auth:
| HTTP/1.1 401 N/A
|_ Basic realm=TP-LINK Wireless Router WR541G/542G
|_http-methods: No Allow or Public header in OPTIONS response (status code 401)
|_http-title: Site doesn't have a title (text/html).
MAC Address: 00:21:27:8F:74:82 (Tp-link Technology Co.)
Device type: media device|broadband router|general purpose
Running: VBrick embedded, Westell embedded, Wind River VxWorks
OS CPE: cpe:/h:vbrick:4300 cpe:/h:westell:wirespeed_6100 cpe:/o:windriver:vxworks
OS details: VBrick 4300 video encoder, Westell WireSpeed Dual Connect 6100 DSL router, VxWorks
Network Distance: 1 hop
Service Info: Device: WAP
TRACEROUTE
HOP RTT ADDRESS
1 2.14 ms 192.168.1.1
Nmap scan report for 192.168.1.106
Host is up (0.024s latency).
Not shown: 999 closed ports
PORT STATE SERVICEVERSION
62078/tcp open tcpwrapped
MAC Address: F0:CB:A1:31:63:93 (Apple)
Device type: media device|phone
Running: Apple iOS 4.X|5.X|6.X
OS CPE: cpe:/o:apple:iphone_os:4 cpe:/a:apple:apple_tv:4 cpe:/o:apple:iphone_os:5 cpe:/o:apple:iphone_os:6
OS details: Apple Mac OS X 10.8.0 - 10.8.3 (Mountain Lion) or iOS 4.4.2 - 6.1.3 (Darwin 11.0.0 - 12.3.0)
Network Distance: 1 hop
TRACEROUTE
HOP RTT ADDRESS
1 24.11 ms 192.168.1.106
Nmap scan report for 192.168.1.107
Host is up (0.000045s latency).
All 1000 scanned ports on 192.168.1.107 are closed
Too many fingerprints match this host to give specific OS details
Network Distance: 0 hops
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 256 IP addresses (3 hosts up) scanned in 232.38 seconds
msf > hosts -c address ×××××使用数据库记录
Hosts
=====
address
-------