SECTORIX

Confessions of a Dangerous Mind

Database Enumeration Module (for MSF)

Introducing enum_db for Metasploit Framework

Alright, so over the weekend I had time to convert some of my old scripts into Ruby, because you have to keep your mind sharp in some way or another … when it occurred to me that I haven’t contributed to any open source project in a long long looooooooong time. So with the help of some VMs and a few spare hours, I converted a script that I wrote back in the day and used quite a lot for pen testing purposes in different projects. I have committed it into the Metasploit Framework repository and it is now publicly available for community use.

enum_db: what does it do?

enum_db is a post-exploitation module (in the MSF repository as post/windows/gather/enum_db) that operates as an enumerator over a Meterpreter session on Windows. It evaluates which database flavors are installed on the host, and which instances and ports are available on them.

It supports MSSQL, MySQL, Oracle, Sybase and DB2, and uses vendor-specific methods of identifying database installations, instances and connection ports.

Three outputs are available once databases are enumerated as expected: on-screen results, loot of the enumeration process, and a service report that adds the discovered services to the MSF service table.

How do I get it and run it?

As a Metasploit pen tester, you should have access to update the repository every now and then, and therefore a simple msfupdate should do the trick.

In order to use the module, you first need to obtain a Meterpreter session (I am not going to dive into that; it is part of the pen testing scope of work and knowledge). You then need to issue the following command: run post/windows/gather/enum_db.

Final Words

This is of course an open source contribution to the project, and therefore is available to everyone who wishes to use it. Use for good, not for evil.
