Revert back to Kali 2 repository version? #6335

Closed
FalcoGer opened this issue Dec 11, 2015 · 5 comments
@FalcoGer

I followed the instructions to install the latest nightly build for Metasploit-Framework:
curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall &&
chmod 755 msfinstall &&
./msfinstall

This did work fine. However, it is full of bugs, crashing and using a different database than before, now using one database for armitage and another for the console (msf3 and msf respectively). I tried to uninstall via apt-get, and reinstall. But this installer did something to my package sources and it redownloaded the nightly build. I could downgrade again by deleting the files in /var/lib/apt/lists:
downloads.metasploit.com_data_releases_metasploit-framework_apt_dists_lucid_InRelease
downloads.metasploit.com_data_releases_metasploit-framework_apt_dists_lucid_main_binary-amd64_Packages
downloads.metasploit.com_data_releases_metasploit-framework_apt_dists_lucid_main_binary-i386_Packages

and reinstalling then. However, whenever I run apt-get update it would recreate those files. sources.list does not have a new repository in it that I could simply take out.
Issue is: I want to revert back, tell me how please.
Another issue is now that after uninstalling and reinstalling everything, my armitage doesn't work at all anymore. At first it asked for a database to connect to, telling me to set an environment variable. I did that. After that it started, though it was not showing hosts, even after I add them manually, not responding to any commands I type into the console. Starting it from console throws timeouts on startup for different commands (db_status, some listener jobs). Basically it's completely useless now.

@bcook-r7
Contributor

What you are likely running into is not a big-enough connection pool for the database. Edit your database.yml file (likely either under ~/.msf4/database.yml or /usr/share/metasploit-framework/config/database.yml ) and ensure that the 'pool' argument is big enough, like '200'. As of recently, the installer would create a database.yml file under ~/.msf4/ that only had a pool size of 5, which was too small for armitage. If you find your system has both ~/.msf4/database.yml and /usr/share/metasploit-framework/config/database.yml, try deleting or moving ~/.msf4/database.yml out of the way, and you should see it use your original database.

Uninstall steps coming in a sec if that doesn't help.

@bcook-r7
Contributor

Note that on Kali, the above installer should refuse to make any changes to your database at all when running as the root user; are you running Kali as a regular non-root user?

At any rate, to remove, try these steps:

  • run 'apt-get clean'
  • run 'msfdb stop' if you got a prompt to create a database the first time you ran msfconsole, and if you have a ~/.msf4/database.yml file and ~/.msf4/db directory (you shouldn't have these if you were running as root)
  • rm /etc/apt/sources.list.d/metasploit-framework.list, or edit the file and comment out the top line with a # character
  • run 'apt-get update; apt-get install metasploit-framework' to revert back to the original Kali package
  • rm or move ~/.msf4/database.yml, ~/.msf4/initial_setup_complete and ~/.msf4/db if they exist

I'd be happy to help improve the experience for future versions; typically we haven't been testing the installs with armitage, but that's a good point.
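
Added example, not part of the thread or of the Metasploit project's tooling: a read-only shell check for the leftovers the steps above name (the installer's apt source file, the per-user ~/.msf4 files, and a database.yml pool below the 200 suggested earlier in the thread). The function names and the root/home parameters are assumptions, added so the check can be pointed at a test tree.

```shell
#!/bin/sh
# Read-only audit; changes nothing. On a live system: audit_msf_leftovers / "$HOME"
# ROOT and HOME_DIR arguments are assumptions of this example.

# Print active (uncommented) deb lines from the installer's apt list file.
active_msf_sources() {
    list="$1/etc/apt/sources.list.d/metasploit-framework.list"
    [ -f "$list" ] || return 0
    grep -E '^[[:space:]]*deb' "$list" || true
}

# Print the smallest numeric 'pool:' value in a database.yml, or nothing.
min_pool() {
    [ -f "$1" ] || return 0
    sed -n 's/^[[:space:]]*pool:[[:space:]]*\([0-9][0-9]*\).*/\1/p' "$1" |
        sort -n | head -n 1
}

audit_msf_leftovers() {
    root="${1%/}"; home_dir="$2"; findings=0
    # Third-party apt source left behind by the installer.
    if [ -n "$(active_msf_sources "$root")" ]; then
        echo "active apt source: $root/etc/apt/sources.list.d/metasploit-framework.list"
        findings=$((findings + 1))
    fi
    # Per-user files the removal steps say to delete or move.
    for p in database.yml initial_setup_complete db; do
        if [ -e "$home_dir/.msf4/$p" ]; then
            echo "per-user leftover: $home_dir/.msf4/$p"
            findings=$((findings + 1))
        fi
    done
    # Pool size: 200 is the value suggested in the thread, 5 was too small.
    for yml in "$home_dir/.msf4/database.yml" \
               "$root/usr/share/metasploit-framework/config/database.yml"; do
        pool=$(min_pool "$yml")
        if [ -n "$pool" ] && [ "$pool" -lt 200 ]; then
            echo "small pool ($pool) in $yml"
            findings=$((findings + 1))
        fi
    done
    echo "findings=$findings"
}
```
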

@FalcoGer
Author

Thank you for the quick reply.
I can not run msfdb as root, which I do since I'm the only user on my laptop, and most of the tools require to run as root anyway.
I find this odd, since the database runs on my root account, was initialized on it. And I could at one point run msfdb as root, resetting it, hoping it would solve my issues. In fact after reverting I could do so again.
I stopped postgresql service and deleted /usr/share/metasploit-framework/config/database.yml as I couldn't do msfdb stop at the suggested time, doing a reinit afterwards and changing the pool to 200 as suggested. Also changed timeout to 50 from 5, assuming it is in milliseconds.
I did not have any database files in ~/.msf4/

I do have the old version back now, although armitage still doesn't work.
on term after startup:

armitage
[-] Timed out while executing 'db_status' last read = {data=, busy=false, prompt=msf > }; current prompt = 'msf > '
[-] Timed out while executing 'setg' last read = {data=, busy=false, prompt=msf > }; current prompt = 'msf > '
[-] Timed out while executing 'db_connect msf:"b1QEYTXns2dMrudyNkkW8AwhqDdUAbAAYif2qQRvTVQ="@localhost:5432/msf' last read = {data=, busy=false, prompt=msf > }; current prompt = 'msf > '
[*] Warning: @(armitage.ConsoleQueue@216aabc1, 'x', '') at preferences.sl:425
[-] Timed out while executing 'use windows/meterpreter/reverse_tcp' last read = {data=, busy=false, prompt=msf > }; current prompt = 'msf > '
[*] Used the tab method:
[-] Timed out while executing 'show exploits' last read = {data=, busy=false, prompt=msf > }; current prompt = 'msf > '
[*] Remote Exploits Synced
[-] Timed out while executing 'jobs' last read = {data=, busy=false, prompt=msf > }; current prompt = 'msf > '
[*] Starting Cortana on
[*] Creating a default reverse handler... 0.0.0.0:27110

armitage console (nothing appears on term when I type this):
msf > db_status
msf > help
msf > search php type:exploit
msf > echo test

I can use the UI without any problems, it just doesn't do anything.
I guess that's not really a problem belonging here though.
Thanks for your support. I wish you would update the installation instructions, to make it clear how to remove it all.

edit: after msfdb reinit, it would delete the environment variable MSF_DATABASE_CONFIG
Also there doesn't seem to be a location specification inside that database.yml file where the actual database is found. Maybe armitage thinks the database is in another spot, than msfconsole, but can't find it, even though the config file is valid?

@busterb
Member

busterb commented Dec 11, 2015

This is a point of divergence between Kali Linux's installation and the more general omnibus installers.

Kali assumes you have a system-wide PostgreSQL instance that is the right version to work with metasploit. So, msfdb in Kali Linux's package is written to make that assumption, and assumes you are running as root.

The omnibus installers instead assume that you are not running as root, and do not have a system-wide postgresql installation, so the database server is bundled in, and the database runs as the user who is using framework with data instead stored in the user's home directory. Omnibus does have a special Kali Linux exception, where if it sees the system-wide database, it will try using that (and it will bail if running as root).

rapid7/metasploit-omnibus@ba405f6

I thought we had bundled the uninstall bits for Linux into 'msfremove' command, but apparently we only added it for OS X and Windows. Will make sure we add Linux as well:

https://github.com/rapid7/metasploit-omnibus/blob/master/config/templates/metasploit-framework-wrappers/msfremove.erb

I'm not sure how Kali's armitage package determines where the database config is, but I think you're right, this is probably now beyond the scope of this issue. Thanks for the feedback.

@bcook-r7
Contributor

I made a ticket on the omnibus repo to simplify removal. Closing this out.
