Barry Shteiman

Confessions Of A Dangerous Mind

Database Enumeration Module (for MSF)

Introducing enum_db for Metasploit Framework

Alright, so over the weekend I had time to convert some of my old scripts into Ruby, because you have to keep your mind sharp in some way or another … when it occurred to me that I haven’t contributed to any open source project in a long long looooooooong time. So with the help of some VMs and a few spare hours, I converted a script that I wrote back in the day, which I used to use quite a lot for pen testing purposes in different projects. I have committed it into the Metasploit Framework repository and it is now publicly available for community use.

enum_db: What does it do?

enum_db is a post-exploitation module (in the MSF repository as post/windows/gather/enum_db) that runs as an enumerator over a Meterpreter session on Windows. It determines which database flavors are installed on the host, and which instances and ports are available on them.

It supports MSSQL, MySQL, Oracle, Sybase and DB2, and uses vendor-specific methods to identify database installations, instances and connection ports.

Once the databases are enumerated as expected, three outputs are available: on-screen results, loot from the enumeration process, and a service report that adds the discovered services to the MSF service table.

How do I get it and run it?

As a Metasploit pen tester, you should have access to update the repository every now and then, and therefore a simple msfupdate should do the trick.

In order to use the module, you first need to obtain a Meterpreter session (I am not going to dive into that; it is part of the pen testing scope of work and knowledge). You then need to issue the following command: run post/windows/gather/enum_db

Final Words

This is of course an open source contribution to the project, and is therefore available to everyone who wishes to use it. Use it for good, not for evil.

