FValkyrie_17's Infosec Notes
  • 1nf05EC N0TE5
  • Networking and Network Security
    • Security Models
    • Host Discovery
    • Port Scanning - Service and OS Discovery
    • Port Scanning - Common Firewall and IDS Evasion
    • Naming/Name Service and Directory Service
    • DNS
      • DNS Basics
      • DNS Pentest
    • NetBIOS
      • NetBIOS Basics
      • NetBIOS Pentest
    • BGP(Border Gateway Protocol) and AS Numbers (Autonomous System Numbers)
    • MS-RPC (Remote Procedure Call)
    • SMB (Server Message Block)
      • Basics of SMB
      • SMB Pentesting
    • LDAP (Lightweight Directory Access Protocol)
      • LDAP Working
      • LDAP Exploitation
    • RDP (Remote Desktop Protocol) and VNC (Virtual Network Computing)
    • Telnet (Teletype Network Protocol)
    • FTP (File Transfer Protocol)
    • NFS (Network File System)
    • SSH (Secure Socket Shell)
      • Port Forwarding Primer
    • SQL servers
      • MS-SQL (Microsoft SQL Service)
      • MySQL
    • Hydra Cheat Sheet
    • SMTP
    • SLP (Service Location Protocol)
    • SNMP
      • SNMP Basics
      • SNMP Pentest
    • NTP
    • File Transfer Primers
    • Regex 101
  • Make your dumb netcat shell interactive and awesome
  • Metasploit Primer
    • Important Terminologies
    • Working with Metasploit Database
  • Reverse Engineering 101
    • x86-64 assembly tutorial
      • Introduction to x86-64
  • Web Application Security
    • Security Policies
      • Same Origin Policy
      • Security Headers
        • CSP (Content Security Policy)
        • HSTS (Strict-Transport-Security Header)
        • X-Content-Type-Options
        • X-Frame-Options
        • Referrer-Policy
    • Authentication Bypass
  • Linux Privilege Escalation
    • Permissions in Linux
    • Enumeration
    • Using files with SUID/SGID permission set
    • Using Kernel Exploits
    • Using Service Exploits
    • Exploiting Weak File Permissions
    • Exploiting Sudo
    • Cron Jobs
  • windows privilege escalation
    • Windows Basics
    • PsTools Primer
    • Persistence Techniques
  • Android application security testing
    • Setting it Up
      • Installing Android SDK and emulator
      • Setting up Frida-Server on Android Device
  • HTB writeups
    • Archetype (HTB Starting Point 2x1)
    • Oopsie (HTB Starting Point 2x2)
    • Lame
    • Jerry
  • THM writeups
    • Vulnuniversity
  • Preparation Notes
    • CEH Practical Prep Notes
Powered by GitBook
On this page
  • Setting it up
  • Workspace management
  • Adding a new workspace
  • Deleting a workspace
  • Switching workspaces
  • List all hosts
  • Adding new hosts
  • Deleting hosts
  • Nmap scanning with db_nmap
  • Database Commands cheatsheet

Was this helpful?

  1. Metasploit Primer

Working with Metasploit Database

How to use metasploit database effectively

Setting it up

Metasploit has a database function to simplify project management and avoid confusion when setting up parameter values.

You will first need to start the PostgreSQL database, which Metasploit will use with the following command:

systemctl start postgresql

Then you will need to initialize the Metasploit Database using the msfdb init command.

root@ip-10-10-46-245:~# systemctl start postgresql
root@ip-10-10-46-245:~# msfdb init

To check if the database has been initiated properly we can troubleshoot using db_status command in msfconsole.

msf6 > db_status
[*] Connected to msfdb. Connection type: postgresql.

Workspace management

The database feature will allow you to create workspaces to isolate different projects. When first launched, you should be in the default workspace. You can list available workspaces using the workspace command. 

msf6 > workspace
* default

Adding a new workspace

Add a workspace using the -a parameter. 

msf6 > workspace -a <workspace_name>

Deleting a workspace

Delete a workspace using the -d parameter, respectively. 

sf6 > workspace -d new_workspace
[*] Deleted workspace: new_workspace

Switching workspaces

You can switch workspaces using the workspace name

msf6 > workspace new
[*] Workspace: new

List all hosts

msf6 > hosts

Hosts
=====

address        mac                name     os_name  os_flavor  os_sp  purpose  info  comments
-------        ---                ----     -------  ---------  -----  -------  ----  --------
10.10.170.76   02:a0:d8:c5:80:23  target1  Linux               3.X    server
10.10.205.0
10.10.224.231

Adding new hosts

msf6 > hosts -a <ip_address> -n <new_name>

The hostname can also be left blank, which can be auto-populated by commands like db_nmap.

Deleting hosts

msf6 > hosts -d 10.10.170.76

Hosts
=====

address  mac  name  os_name  os_flavor  os_sp  purpose  info  comments
-------  ---  ----  -------  ---------  -----  -------  ----  --------

Nmap scanning with db_nmap

The db_nmap command can be useful for scanning hosts and services

Database Commands cheatsheet

Command
Description

analyze

Analyze database information about a specific address or address range

db_connect

Connect to an existing data service

db_disconnect

Disconnect from the current data service

db_export

Export a file containing the contents of the database

db_import

Import a scan result file (filetype will be auto-detected)

db_nmap

Executes nmap and records the output automatically

db_rebuild_cache

Rebuilds the database-stored module cache (deprecated)

db_remove

Remove the saved data service entry

db_save

Save the current data service connection as the default to reconnect on startup

db_status

Show the current data service status

hosts

List all hosts in the database

klist

List Kerberos tickets in the database

loot

List all loot in the database

notes

List all notes in the database

services

List all services in the database

vulns

List all vulnerabilities in the database

workspace

Switch between database workspaces

PreviousImportant TerminologiesNextx86-64 assembly tutorial

Last updated 7 months ago

Was this helpful?