adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated Metasploit Remote Data Service and REST API (markdown)

Browse Source
This commit is contained in:
jbarnett-r7
2018-08-28 13:58:18 -05:00
parent d6120d3774
commit 4143f69865
1 changed files with 27 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Metasploit-Remote-Data-Service-and-REST-API.md
+27 -3
View File
@@ -28,11 +28,29 @@ http://\<interface\>:\<port\>/api/v1/api-docs
The `db_connect` command can be used to connect to the remote data service, or a Postgres database, to enable data storage.
### Connecting
To connect, enter `db_connect <url>` in msfconsole. The URL can be either an http(s) string pointing to a remote data store, such as `http://127.0.0.1:8080` or `https://127.0.0.1:8080`, or a custom Postgres string such as `user:password@127.0.0.1:8080/database_name`.
You can use the `db_connect` command to connect to the desired data service. Please note that you can only be connected to one data service at a time. The `db_disconnect` command will need to be used before switching to a new data service. You can use `db_status` to see information about the currently connected data service.
**Usage:**
* `db_connect <options> <url>`
* Options:
* `-l`,`--list-services` - List the available data services that have been previously saved.")
* `-n`,`--name` - Connect to a previously saved data service by specifying the name.")
* `-c`,`--cert` - Certificate file matching the remote data server's certificate. Needed when using self-signed SSL cert.
* `-t`,`--token` - The API token used to authenticate to the remote data service.
* `--skip-verify` - Skip validating authenticity of server's certificate. NOT RECOMMENDED.
* Examples:
* `db_connect http://localhost:8080` - Connect to the Metasploit REST API instance at localhost running on port 8080
* `db_connect -c ~/.msf4/msf-ws-cert.pem -t 72ce00fd9ab1a96970137e5a12faa12f38dcc4a9e42158bdd3ce7043c65f5ca37b862f3faf3630d2 https://localhost:8080` - Connect to the server running at localhost on port 8080 that has SSL and authentication enabled.
* `db_connect -l` - List the data services that have been saved using the `db_save` command.
* `db_connect -n LA_server` - Connect to the data service named "LA_server" that has been previously saved using `db_save`.
* URL Formats
* HTTP - `http://<host>:<port>`
* HTTPS - `https://<host>:<port>`
* Postgres - `<user>:<password>@<host>:<port>/<database name>`
### Saving the Connection
Data services can be saved for later use using the `db_save` command.
The currently connected data service can be saved for later use using the `db_save` command. The `default` connection is the data service that msfconsole will connect to on startup.
**Usage:**
* `db_save <options> <name>`
@@ -42,5 +60,11 @@ Data services can be saved for later use using the `db_save` command.
* `--delete` - Delete the specified data service.
* Examples:
* `db_save new_york_server` - Save the current connection as "new_york_server".
* `db_save -d la_server` - Save the current connection as "la_server" and set it as the default.
* `db_save -d LA_server` - Save the current connection as "LA_server" and set it as the default.
* `db-save --delete new_york_server` - Delete the "new_york_server" entry.
### Notes ###
There are a few pieces of information to keep in mind when using data services with Metasploit Framework.
* A Postgres database connection is required before connecting to a remote data service.
* The configuration from the `database.yml` will still be honored for the foreseeable future, but a saved default data service will take priority when it is present.