Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add enhanced msfdb with web service support #10410

Merged
merged 15 commits into from
Aug 7, 2018
Merged

Add enhanced msfdb with web service support #10410

merged 15 commits into from
Aug 7, 2018

Conversation

mkienow-r7
Copy link
Contributor

@mkienow-r7 mkienow-r7 commented Aug 1, 2018
edited
Loading

Adds enhanced msfdb script to manage a Metasploit Framework database and web service. This is derived from the msfdb script in the rapid7/metasploit-omnibus repo. The script provides command line options to control a number of default values used in the original msfdb when creating and initializing the database. If none of the database related options are modified the script should operate as it did before.

If the --component option is not provided then the command will be executed for the database followed by the web service. This default mode of operation is useful when first setting up the database and web service. The component may be specified if the user wishes to make changes to a given component independent of the other.

By default SSL is enabled and the script will generate a fake "snakeoil" SSL certificate using Rex::Socket::Ssl.ssl_generate_certificate if one is not provided. The generated SSL certificate uses a random common name (CN) which will not match your hostname and thus you will need to make appropriate accommodations when operating with such a certificate. Please generate your own SSL certificate and key instead and supply those to msfdb using the --ssl-cert-file and --ssl-key-file options, and enable SSL verification by passing the option --no-ssl-disable-verify.

Usage: msfdb [options] <command>
Manage a Metasploit Framework database and web service

General Options:
        --component COMPONENT        Component used with provided command (default: all)
                                       (database, webservice)
    -d, --debug                      Enable debug output

Database Options:
        --msf-db-name NAME           Database name (default: msf)
        --msf-db-user-name USER      Database username (default: msf)
        --msf-test-db-name NAME      Test database name (default: msftest)
        --msf-test-db-user-name USER Test database username (default: msftest)
        --db-port PORT               Database port (default: 5433)
        --db-pool MAX                Database connection pool size (default: 200)

Web Service Options:
    -a, --address ADDRESS            Bind to host address (default: localhost)
    -p, --port PORT                  Web service port (default: 8080)
        --[no-]ssl                   Enable SSL (default: true)
        --ssl-key-file PATH          Path to private key (default: /home/msfdev/.msf4/msf-ws-key.pem)
        --ssl-cert-file PATH         Path to certificate (default: /home/msfdev/.msf4/msf-ws-cert.pem)
        --[no-]ssl-disable-verify    Disables (optional) client cert requests (default: true)
        --environment ENV            Web service framework environment (default: production)
                                       (production, development)
        --retry-max MAX              Maximum number of web service connect attempts (default: 10)
        --retry-delay DELAY          Delay in seconds between web service connect attempts (default: 5.0)
        --user USER                  Initial web service admin username (default: )

Commands:
  init     initialize the component
  reinit   delete and reinitialize the component
  delete   delete and stop the component
  status   check component status
  start    start the component
  stop     stop the component
  restart  restart the component

Verification

Note, manually backup your database configuration and DB directory before testing since the script will be making changing or deleting files.

  • If you already have an existing database execute msfdb reinit, otherwise, msfdb init and follow prompts to initialize both a database and web service
  • Verify a web service username, password and API token are provided when the script completes
  • Execute msfdb status
  • Verify the status reports that both database and web service are running
  • Execute curl --insecure https://localhost:8080/api/v1/msf/version | python -m json.tool
  • Verify a JSON "Authenticate to access this resource" error message is returned
  • Execute curl --insecure -H "Accept: application/json" -H "Authorization: Bearer <token>" https://localhost:8080/api/v1/msf/version | python -m json.tool
  • Open a web browser and navigate to https://localhost:8080/api/v1/auth/account. You will need to add an exception in the browser for the fake SSL certificate to get the page to load.
  • Verify You can click Log In and use the username and password provided earlier by msfdb to log in to the web interface, log out and close the browser.
  • Test msfdb with various options and commands and verify that they operate as expected
  • Start msfconsole
  • Add the data service that was started using information provided by the msfdb script. The command will look something like the following: data_services --add --token <token> --ssl --cert ~/.msf4/msf-ws-cert.pem --skip-verify localhost
  • Exploit a host, pull creds and loot
  • Verify use of various commands (hosts, loot, vulns, services, etc.) that create, read, update and delete data work as expected

@mkienow-r7
Add enhanced msfdb with web service support
f458031 
Derived from the msfdb script in the metasploit-omnibus repo.
@mkienow-r7 mkienow-r7 added the msf5 label Aug 1, 2018
@mkienow-r7
Copy link
Contributor Author

Jenkins test this please.

jbarnett-r7
jbarnett-r7 reviewed Aug 1, 2018
View reviewed changes
msfdb Outdated
puts "Please attempt to upgrade the database manually using pg_upgrade."
end
if !fixed
if ask_yn('If your database is corrupt, would you to reinitialize it?')
Copy link
Contributor

@jbarnett-r7 jbarnett-r7 Aug 1, 2018
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Typo here: would you to reinitialize it?. Missing ... you like to ...?

Copy link
Contributor Author

@mkienow-r7 mkienow-r7 Aug 1, 2018
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch! I overlooked this from the original script.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also, after re-reading it, the beginning part is confusing. If your database is corrupt... sounds like they are assuming I know if my database is corrupt or not. Maybe something like Your database may be corrupt...?

@jbarnett-r7
Copy link
Contributor

I somehow got myself in some loop of failures and nothing ever seems to resolve:

If your database is corrupt, would you to reinitialize it?: yes
Deleting all data at /home/jbarnett/.msf4/db
Database is no longer running at /home/jbarnett/.msf4/db
Delete database configuration at /home/jbarnett/.msf4/database.yml?: yes
Creating database at /home/jbarnett/.msf4/db
Starting database at /home/jbarnett/.msf4/db...failed
LOG:  database system is shut down
If your database is corrupt, would you to reinitialize it?: yes
Deleting all data at /home/jbarnett/.msf4/db
Database is no longer running at /home/jbarnett/.msf4/db
Delete database configuration at /home/jbarnett/.msf4/database.yml?: yes
Creating database at /home/jbarnett/.msf4/db
Starting database at /home/jbarnett/.msf4/db...failed
LOG:  database system is shut down
If your database is corrupt, would you to reinitialize it?: no
Database not started, try again?: no
Creating database users
Creating initial database schema
Starting database at /home/jbarnett/.msf4/db...failed
LOG:  database system is shut down
If your database is corrupt, would you to reinitialize it?: no
Database not started, try again?: no
Creating database users
Creating initial database schema
Starting database at /home/jbarnett/.msf4/db...failed
LOG:  database system is shut down
If your database is corrupt, would you to reinitialize it?: yes
Deleting all data at /home/jbarnett/.msf4/db
Database is no longer running at /home/jbarnett/.msf4/db
Delete database configuration at /home/jbarnett/.msf4/database.yml?: yes
Creating database at /home/jbarnett/.msf4/db
Starting database at /home/jbarnett/.msf4/db...failed
LOG:  database system is shut down
If your database is corrupt, would you to reinitialize it?:

If I type no at If your database is corrupt, would you to reinitialize it?: then it creates users, tries to start the DB and fails, bringing me back to the same point. If I type yes it deletes my existing configuration and then tries starting again, and fails. Not sure how to get out of this loop.

This also begs the question, should we keep looping like this for users? Or maybe after a few tries, or a specific error, we send them somewhere for more help?

@mkienow-r7
Fix database name typo in privs for development
2c2af11 
Also updates authentication method to trust, but verify. Change made
to original script in parallel see rapid7/metasploit-omnibus/rapid7#73.
@mkienow-r7
Reword prompt from original script
ca1359b
@jbarnett-r7
Copy link
Contributor

I was able to get past the above errors by changing the permissions on /var/run/postgresql to 777. It was trying to create a lock file in there but didn't have write permission, only the postgres user did.

Now that the script can start the database I keep getting the following message when it tries to start the web service.

jbarnett@nexpose-dev:~/goliath$ ./msfdb init
Found a database at /home/jbarnett/.msf4/db, checking to see if it is started
Database already started at /home/jbarnett/.msf4/db
Found web service config at /home/jbarnett/.msf4/msf-ws-config.ru, do you want to overwrite it?: yes
Initial MSF web service account username?[jbarnett]: 
Either MSF web service SSL key /home/jbarnett/.msf4/msf-ws-key.pem or certificate /home/jbarnett/.msf4/msf-ws-cert.pem already exist, overwrite both?: yes
Generating SSL key and certificate for MSF web service
Starting MSF web service
MSF web service not started

We should probably have some sort of help text here, or send the user in some sort of direction on how to resolve the issue.

@jbarnett-r7
Copy link
Contributor

jbarnett-r7 commented Aug 2, 2018
edited
Loading

Getting the following error in the msf-ws.log file when attempting to run the creds command from msfconsole:

2018-08-02 10:17:24 - NoMethodError - undefined method `print_error' for #<MetasploitApiApp:0x0000000006bdc1c0>:
	/home/jbarnett/goliath/lib/msf/core/db_manager/http/servlet_helper.rb:51:in `print_error_and_create_response'
	/home/jbarnett/goliath/lib/msf/core/db_manager/http/servlet/credential_servlet.rb:40:in `rescue in block in get_credentials'
	/home/jbarnett/goliath/lib/msf/core/db_manager/http/servlet/credential_servlet.rb:25:in `block in get_credentials'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1611:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1611:in `block in compile!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:975:in `block (3 levels) in route!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:994:in `route_eval'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:975:in `block (2 levels) in route!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1015:in `block in process_route'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1013:in `catch'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1013:in `process_route'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:973:in `block in route!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:972:in `each'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:972:in `route!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1085:in `block in dispatch!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `block in invoke'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `catch'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `invoke'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1082:in `dispatch!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:907:in `block in call!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `block in invoke'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `catch'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `invoke'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:907:in `call!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:895:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/warden-1.2.7/lib/warden/manager.rb:36:in `block in call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/warden-1.2.7/lib/warden/manager.rb:35:in `catch'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/warden-1.2.7/lib/warden/manager.rb:35:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/xss_header.rb:18:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/base.rb:49:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/base.rb:49:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/path_traversal.rb:16:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/json_csrf.rb:18:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/base.rb:49:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/base.rb:49:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/frame_options.rb:31:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-1.6.10/lib/rack/session/abstract/id.rb:225:in `context'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-1.6.10/lib/rack/session/abstract/id.rb:220:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-1.6.10/lib/rack/nulllogger.rb:9:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-1.6.10/lib/rack/head.rb:13:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:182:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:2013:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1487:in `block in call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1787:in `synchronize'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1487:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:86:in `block in pre_process'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `catch'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `pre_process'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:53:in `process'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:39:in `receive_data'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run_machine'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/backends/base.rb:73:in `start'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/server.rb:162:in `start'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/controllers/controller.rb:87:in `start'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:203:in `run_command'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:159:in `run!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/bin/thin:6:in `<top (required)>'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/bin/thin:23:in `load'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/bin/thin:23:in `<main>'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/bin/ruby_executable_hooks:15:in `eval'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/bin/ruby_executable_hooks:15:in `<main>'

Also get the same error when running workspace -v

@jbarnett-r7
Copy link
Contributor

I was able to get the script to finish successfully, but was confused as to what to do next. We should add a line to the script output that gives the user the command to run in msfconsole to connect to the data service.

@mkienow-r7
Add print methods from HttpDBManagerService
fbc9d3e
@mkienow-r7
Rework client authentication configuration file
be2ad2b 
Restore the md5 auth-method for the postgres DB, msftest user. Use the
default client authentication config to create roles and databases
before writing our own config.
@mkienow-r7
Output web service information to help user
70b2982
@mkienow-r7
Add required env to fix unexpected behavior
b4085e6
@mkienow-r7 mkienow-r7 added the blocked Blocked by one or more additional tasks label Aug 5, 2018
@mkienow-r7
Copy link
Contributor Author

I have some additional testing to perform.

jbarnett-r7
jbarnett-r7 reviewed Aug 6, 2018
View reviewed changes
msfdb Outdated
# daemonize MSF web service
puts "Starting MSF web service"
if run_cmd("#{thin_cmd} start") == 0
puts "MSF web service started"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This message is a little misleading. See the output below:

Starting MSF web service
MSF web service started
MSF web service does not appear to be online; aborting initialize.

It says that the web service has started, but it never successfully did. I had another web server running on the same port so it never started up, but the logging makes it seem like it did.

msf-ws.log:

/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:531:in `start_tcp_server': no acceptor (port is in use or requires root privileges) (RuntimeError)
	from /home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:531:in `start_server'
	from /home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/backends/tcp_server.rb:16:in `connect'
	from /home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/backends/base.rb:63:in `block in start'
	from /home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run_machine'
	from /home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run'
	from /home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/backends/base.rb:73:in `start'
	from /home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/server.rb:162:in `start'
	from /home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/controllers/controller.rb:87:in `start'
	from /home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:203:in `run_command'
	from /home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:159:in `run!'
	from /home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/bin/thin:6:in `<top (required)>'
	from /home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/bin/thin:23:in `load'
	from /home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/bin/thin:23:in `<main>'
	from /home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/bin/ruby_executable_hooks:15:in `eval'
	from /home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/bin/ruby_executable_hooks:15:in `<main>'

@jbarnett-r7
Copy link
Contributor

If the database is not running the web service still appears to be started, but it cannot connect to the DB so it starts throwing errors in msf-db-ws.log:

Exiting!
Writing PID to /home/jbarnett/.msf4/msf-ws.pid
Thin web server (v1.7.2 codename Bachmanity)
Maximum connections set to 1024
Listening on localhost:8080, CTRL+C to stop
2018-08-05 21:55:17 - PG::ConnectionBad - could not connect to server: Connection refused
	Is the server running on host "127.0.0.1" and accepting
	TCP/IP connections on port 5433?
:
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:651:in `initialize'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:651:in `new'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:651:in `connect'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:242:in `initialize'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:44:in `new'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:44:in `postgresql_connection'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:438:in `new_connection'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:448:in `checkout_new_connection'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:422:in `acquire_connection'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:349:in `block in checkout'
	/home/jbarnett/.rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/monitor.rb:226:in `mon_synchronize'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:348:in `checkout'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:263:in `block in connection'
	/home/jbarnett/.rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/monitor.rb:226:in `mon_synchronize'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:262:in `connection'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:292:in `with_connection'
	/home/jbarnett/goliath/lib/msf/core/db_manager/user.rb:10:in `users'
	/home/jbarnett/goliath/lib/msf/core/db_manager/http/metasploit_api_app.rb:64:in `block in <class:MetasploitApiApp>'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1611:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1611:in `block in compile!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1015:in `block in process_route'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1013:in `catch'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1013:in `process_route'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:966:in `block in filter!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:966:in `each'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:966:in `filter!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1084:in `block in dispatch!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `block in invoke'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `catch'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `invoke'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1082:in `dispatch!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:907:in `block in call!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `block in invoke'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `catch'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `invoke'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:907:in `call!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:895:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/warden-1.2.7/lib/warden/manager.rb:36:in `block in call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/warden-1.2.7/lib/warden/manager.rb:35:in `catch'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/warden-1.2.7/lib/warden/manager.rb:35:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/xss_header.rb:18:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/base.rb:49:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/base.rb:49:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/path_traversal.rb:16:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/json_csrf.rb:18:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/base.rb:49:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/base.rb:49:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/frame_options.rb:31:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-1.6.10/lib/rack/session/abstract/id.rb:225:in `context'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-1.6.10/lib/rack/session/abstract/id.rb:220:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-1.6.10/lib/rack/nulllogger.rb:9:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-1.6.10/lib/rack/head.rb:13:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:182:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:2013:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1487:in `block in call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1787:in `synchronize'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1487:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:86:in `block in pre_process'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `catch'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `pre_process'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:53:in `process'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:39:in `receive_data'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run_machine'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/backends/base.rb:73:in `start'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/server.rb:162:in `start'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/controllers/controller.rb:87:in `start'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:203:in `run_command'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:159:in `run!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/bin/thin:6:in `<top (required)>'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/bin/thin:23:in `load'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/bin/thin:23:in `<main>'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/bin/ruby_executable_hooks:15:in `eval'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/bin/ruby_executable_hooks:15:in `<main>'
2018-08-05 21:55:22 - PG::ConnectionBad - could not connect to server: Connection refused
	Is the server running on host "127.0.0.1" and accepting
	TCP/IP connections on port 5433?
:
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:651:in `initialize'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:651:in `new'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:651:in `connect'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:242:in `initialize'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:44:in `new'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:44:in `postgresql_connection'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:438:in `new_connection'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:448:in `checkout_new_connection'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:422:in `acquire_connection'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:349:in `block in checkout'
	/home/jbarnett/.rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/monitor.rb:226:in `mon_synchronize'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:348:in `checkout'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:263:in `block in connection'
	/home/jbarnett/.rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/monitor.rb:226:in `mon_synchronize'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:262:in `connection'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:292:in `with_connection'
	/home/jbarnett/goliath/lib/msf/core/db_manager/user.rb:10:in `users'
	/home/jbarnett/goliath/lib/msf/core/db_manager/http/metasploit_api_app.rb:64:in `block in <class:MetasploitApiApp>'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1611:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1611:in `block in compile!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1015:in `block in process_route'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1013:in `catch'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1013:in `process_route'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:966:in `block in filter!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:966:in `each'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:966:in `filter!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1084:in `block in dispatch!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `block in invoke'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `catch'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `invoke'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1082:in `dispatch!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:907:in `block in call!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `block in invoke'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `catch'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `invoke'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:907:in `call!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:895:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/warden-1.2.7/lib/warden/manager.rb:36:in `block in call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/warden-1.2.7/lib/warden/manager.rb:35:in `catch'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/warden-1.2.7/lib/warden/manager.rb:35:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/xss_header.rb:18:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/base.rb:49:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/base.rb:49:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/path_traversal.rb:16:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/json_csrf.rb:18:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/base.rb:49:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/base.rb:49:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-protection-1.5.5/lib/rack/protection/frame_options.rb:31:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-1.6.10/lib/rack/session/abstract/id.rb:225:in `context'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-1.6.10/lib/rack/session/abstract/id.rb:220:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-1.6.10/lib/rack/nulllogger.rb:9:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/rack-1.6.10/lib/rack/head.rb:13:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:182:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:2013:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1487:in `block in call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1787:in `synchronize'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1487:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:86:in `block in pre_process'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `catch'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `pre_process'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:53:in `process'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:39:in `receive_data'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run_machine'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/backends/base.rb:73:in `start'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/server.rb:162:in `start'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/controllers/controller.rb:87:in `start'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:203:in `run_command'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:159:in `run!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/thin-1.7.2/bin/thin:6:in `<top (required)>'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/bin/thin:23:in `load'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/bin/thin:23:in `<main>'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/bin/ruby_executable_hooks:15:in `eval'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/bin/ruby_executable_hooks:15:in `<main>'
2018-08-05 21:55:27 - PG::ConnectionBad - could not connect to server: Connection refused
	Is the server running on host "127.0.0.1" and accepting
	TCP/IP connections on port 5433?
:
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:651:in `initialize'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:651:in `new'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:651:in `connect'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:242:in `initialize'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:44:in `new'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:44:in `postgresql_connection'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:438:in `new_connection'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:448:in `checkout_new_connection'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:422:in `acquire_connection'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:349:in `block in checkout'
	/home/jbarnett/.rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/monitor.rb:226:in `mon_synchronize'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:348:in `checkout'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:263:in `block in connection'
	/home/jbarnett/.rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/monitor.rb:226:in `mon_synchronize'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:262:in `connection'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:292:in `with_connection'
	/home/jbarnett/goliath/lib/msf/core/db_manager/user.rb:10:in `users'
	/home/jbarnett/goliath/lib/msf/core/db_manager/http/metasploit_api_app.rb:64:in `block in <class:MetasploitApiApp>'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1611:in `call'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1611:in `block in compile!'
	/home/jbarnett/.rvm/gems/ruby-2.5.1@metasploit-framework/gems/sinatra-1.4.8/lib/sinatra/base.rb:1015:in `block

To reproduce:

  • Run msfdb reinit
  • It asks if you want to overwrite your database.yml. I typed no. The script continues on to start the web service, which I think probably shouldn't happen.
  • Respond to the following commands to successfully configure and set up the web service
  • The log says the web service starts successfully, but then says that it does not appear to be online.
jbarnett@nexpose-dev:~/goliath$ ./msfdb reinit
No data at /home/jbarnett/.msf4/db, doing nothing
Found database config at /home/jbarnett/.msf4/database.yml, do you want to overwrite it?: no
Stopping MSF web service PID 29766
Delete MSF web service configuration at /home/jbarnett/.msf4/msf-ws-config.ru?: yes
Initial MSF web service account username?[jbarnett]: 
Either MSF web service SSL key /home/jbarnett/.msf4/msf-ws-key.pem or certificate /home/jbarnett/.msf4/msf-ws-cert.pem already exist, overwrite both?: yes
Generating SSL key and certificate for MSF web service
Starting MSF web service
MSF web service started
MSF web service does not appear to be online; aborting initialize.

jbarnett-r7
jbarnett-r7 reviewed Aug 6, 2018
View reviewed changes
msfdb
end

def reinit_db
delete_db
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see that this is "by design", but running msfdb reinit deletes the user's data without prompting. This caught me off guard when I got back in and was wondering why my data was not present. I feel like we should prompt the user before deleting even if it is the reinit command.

jbarnett@nexpose-dev:~/goliath$ ./msfdb reinit
Deleting all data at /home/jbarnett/.msf4/db
Stopping database at /home/jbarnett/.msf4/db
Delete database configuration at /home/jbarnett/.msf4/database.yml?: yes
Creating database at /home/jbarnett/.msf4/db
Starting database at /home/jbarnett/.msf4/db...success
Creating database users
Writing client authentication configuration file /home/jbarnett/.msf4/db/pg_hba.conf
Stopping database at /home/jbarnett/.msf4/db
Starting database at /home/jbarnett/.msf4/db...success
Creating initial database schema
MSF web service is no longer running

@mkienow-r7
Copy link
Contributor Author

Thanks for the great testing notes! Much of the control flow for the database component was left untouched from the original msfdb, however, I agree the mentioned improvements would be valuable.

@mkienow-r7 mkienow-r7 added database and removed blocked Blocked by one or more additional tasks labels Aug 7, 2018
@mkienow-r7 mkienow-r7 mentioned this pull request Aug 7, 2018
Merged
@jbarnett-r7
Copy link
Contributor

I feel like the messaging could be simpler here for the webservice status. What if I'm a noob that doesn't know what a PID file is?

jbarnett@nexpose-dev:~/goliath$ ./msfdb status
Database is not running at /home/jbarnett/.msf4/db
No MSF web service PID file found at /home/jbarnett/.msf4/msf-ws.pid

@mkienow-r7
Copy link
Contributor Author

mkienow-r7 commented Aug 7, 2018
edited
Loading

@jbarnett-r7 I’m trying to provide some context and details similar to the feedback for the database.

Database is not running at /home/jbarnett/.msf4/db

Does "MSF web service is not running: No PID file found at /home/jbarnett/.msf4/msf-ws.pid" sound better?

@jbarnett-r7 jbarnett-r7 merged commit 75249d8 into rapid7:master Aug 7, 2018
jbarnett-r7 added a commit that referenced this pull request Aug 7, 2018
@jbarnett-r7
Land #10410, add script for setting up and managing data services
201b91f 
The msfdb script allows you to create, delete, start, and
stop local and remote data services. The database backend requires
PostgreSQL and the webservice provides a REST API to interact with it.
@jbarnett-r7
Copy link
Contributor

Release Notes

Adds a script for configuring and managing the database backend and web service for REST API. See msfdb --help for more information.

@mkienow-r7 mkienow-r7 deleted the data-service-deployment branch August 15, 2018 16:53
@mkienow-r7 mkienow-r7 mentioned this pull request Jan 15, 2019
Merged
15 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jbarnett-r7 jbarnett-r7 jbarnett-r7 left review comments

Assignees
No one assigned
Labels
database msf5
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@mkienow-r7 @jbarnett-r7