setting up armitage on ubuntu with a postgres db

update: as someone commented below, armitage is now distributed with metasploit. there is no need to follow these directions any more, they are depreciated.

i wanted a pretty gui to show off some metasploit functionality recently which led me to armitage.

i use (and love) backtrack 4, as does most of the world, but i also have a ubuntu based distro (mint 10, which is based on ubuntu 10.10) that i like to use. i found a lot of tutorials on how to install armitage on backtrack, but hardly anything on installing armitage on a non-backtrack machine, and practically nothing for installing armitage on ubuntu with a postgres backend. i decided i wanted to install armitage on the mint machine using postgres (per the armitage recommendation here) and not finding any good instructions, i thought i would give it a go and document. here we go:

first, you need to have some of the basics installed. i will leave it to others to describe how to install these if you need help (others == google).

  1. java 1.6 (has to be the official oracle java version)
  2. metasploit 3.5+

next, lets install postgres:

sudo apt-get install postgresql-8.4

now that postgres is installed, we need to create a db and a user for armitage to use. i su’ed to the postgres user to do this:

 

su -
su - postgres
psql
CREATE USER postgres_user WITH SUPERUSER password 'postgres_password';
CREATE DATABASE msf3db;
q

next, go to your metasploit directory (/opt/metasploit3/bin in my case) and start up the rpc service (as root):

sudo ./msfrpcd -f -U msf_user -P msf_password -t Basic

lastly, go to where you extracted armitage and run the shell script (you can run it as a normal user, you don’t have to be root). you will run ./armitage.sh and once you have the correct parameters entered, click “connect”.

the parameters are:

  • host: 127.0.0.1
  • port: 55553
  • ssl: should be checked
  • user: msf_user
  • pass: msf_password
  • db driver: postgresql
  • db connect string: postgres_user:”postgres_password”@127.0.0.1/msf3db

thats it! here is what you should be looking at once you get done:

note #1: it seems armitage doesn’t like underscores in the db name
note #2: if you need help in postgres, type ? (a lot of commands in postgres start with a “”)


11 Comments

  1. Why is there no mention of starting the POSTGRES server? I get errors everytime I try to CONNECT following these instructions. Does the POSTGRES server not have to be running. I get a java.net socket error when I try to connect.

  2. joshua.smith

    hi CB,

    there is no mention of starting postgres because the ‘sudo apt-get install postgresql-8.4′ should start the service for you.

    about the java.net socket error, a couple of things you could look at (and i am assuming you are on something ubuntu based and are using msf 3.5+)
    - is the required java installed? (sudo apt-get install sun-java6-plugin)
    - can you connect to the db from the command line? (like the first screenshot where i issued the ‘psql’ command and added a user and db)
    - have you done a restart of the machine?

    that would be where i would start. good luck!

  3. hei, dude… what the password (su -) ??? i tired to try.. result always some ” authentication failure”

    • joshua.smith

      hi jongos,

      the password you need to ‘su -’ is your user password that you log onto ubuntu/mint/etc with. its the same password you use to sudo commands as well.

  4. Souseiki

    hey great guide managed to get through most of it except i cant seem to get my metasploit database into the terminal im running 10.4 every time i enter in the line of code it just says this is a directory am i missing something?

    • joshua.smith

      hi souseiki,

      i am not sure what you mean when you say “i cant seem to get my metasploit database into the terminal”, and what line of code says “this is a directory”. you will have to give some more detail before i could offer any guidance.

  5. what is msf_user and password???????

    • joshua.smith

      tous,

      msf_user and msf_password is what you defined when you started the msf rpc deamon with the following command:
      sudo ./msfrpcd -f -U msf_user -P msf_password -t Basic

  6. Since this blog post was written, Armitage was included in the Metasploit framework. You don’t need to follow these steps any more. The Metasploit full set up installer creates a database for you and Armitage will pick up these settings if you run it by typing armitage (the one in your $PATH installed by Metasploit) and not ./armitage.sh. One last tip–if you get stuck, click the Help button in the set up dialog to read an up to date troubleshooting guide.

  7. mendi1981

    hi,
    my problem is when i start armitage .. don’t see Use SSl checkbox and DB driver/DB connect string textBox..

    I’m using metasploit framework 4.2, but a try to download and use armitage from http://www.fastandeasyhacking.com/ but the problem continue..

    What can be the problem?

    Thank you

    • joshua.smith

      mendi1981,

      this article is no longer applicable. you should install metasploit 4.x as armitage is now bundled with metasploit by default.

Trackbacks/Pingbacks

  1. Tweets that mention setting up armitage on ubuntu with a postgres db | toastresearch.com -- Topsy.com - [...] This post was mentioned on Twitter by Rob Fuller. Rob Fuller said: RT @armitagehacker: Setting up Armitage on Ubuntu …
  2. Configuracion de Armitage sobre ubuntu 10.10 « Juan Oliva - [...] Fuente http://toastresearch.com/2010/12/24/setting-up-armitage-on-ubuntu-with-a-postgres-db/ [...]

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>