Introducing enum_db for Metasploit Framework
Alright, so over the weekend I had time to convert some of my old scripts into ruby, because you have to keep your mind sharp in some way or another … when it occurred to me that I haven’t contributed to any open source project in a long long looooooooong time. so with the help of some VMs and a few spare hours, I converted a script that I wrote back in the days which I used to use quite a lot for pen testing purposes in different projects. I have committed it into the Metasploit Framework repository and it is now publicly available for the community usage.
enum_db, What does it do ?
enum_db is a post exploitation module (in the MSF repository as post/windows/gather/enum_db) that operates as an enumerator over a meterpreter session on Windows, and evaluates which Database flavors are installed on the host, and which Instances and Ports are available on them.
It supports Mssql, Mysql , Oracle, Sybase, DB2. and uses the vendor specific methods of identifying database installations, instances and connection ports.
There are 3 outputs are available once databases are enumerated as expected – on screen results, loot of the enumeration process and a service report that adds the discovered services to the MSF service table.
How do I get it and run it ?
As a Metasploit pen tester, you should have access to update the repository every now and then, and therefor a simple msfupdate should do the trick.
In order to use the module, you need to first obtain a meterpreter session (I am not going to dive into that, that is part of the pen testing scope of work and knowledge), you then need to issue the following command : run post/windows/gather/enum_db.
This is of course an Open Source contribution to the project, and therefor is available to everyone who wishes to use it. use for good not for evil.