How to Set Up and Connect Metasploit with PostgreSQL on Kali Linux for Advanced Penetration Testing

Metasploit is a powerful penetration testing framework, but without a database, it cannot efficiently store and manage scanned hosts, services, and vulnerabilities. Integrating Metasploit with PostgreSQL allows ethical hackers to organize and retrieve scan results effectively. This guide provides a step-by-step approach to installing and configuring PostgreSQL on Kali Linux, creating a Metasploit database, connecting Metasploit to the database, troubleshooting common errors, and setting up automatic database connections. By following this guide, security professionals can optimize their penetration testing workflow and utilize Metasploit's full potential.

  Security   Mar 28, 2025   63  Add to Reading List
How to Set Up and Connect Metasploit with PostgreSQL on Kali Linux for Advanced Penetration Testing

Introduction

Metasploit is one of the most powerful penetration testing frameworks used by ethical hackers and security professionals. However, to enhance its functionality, integrating Metasploit with a PostgreSQL database is crucial.

By default, Metasploit can run without a database, but this limits its ability to store and retrieve scan results, exploit data, vulnerabilities, and service information efficiently.

Why Integrate Metasploit with PostgreSQL?

Setting up a database connection allows you to:

  • Store and organize scan results

  • Retrieve information quickly

  • Run advanced queries for better data analysis

  • Automate penetration testing workflows

In this guide, we’ll walk through step-by-step instructions to install, configure, and connect Metasploit to PostgreSQL on Kali Linux.

Step 1: Install and Start PostgreSQL

Install PostgreSQL

Ensure PostgreSQL is installed on your Kali Linux system: 

sudo apt update && sudo apt install postgresql postgresql-contrib -y

Start PostgreSQL Service

After installation, start the PostgreSQL service: 

sudo systemctl start postgresql

Verify PostgreSQL is Running

To confirm that the service is running, check its status: 

sudo systemctl status postgresql

Enable PostgreSQL at Boot

To make PostgreSQL start automatically on system boot: 

sudo systemctl enable postgresql

Step 2: Create a Metasploit Database and User

Metasploit requires a dedicated PostgreSQL database and user. Follow these steps:

Switch to PostgreSQL User

sudo -i -u postgres

Access PostgreSQL Command Line

psql

Create a New Database User

Replace msf_user with your preferred username and yourpassword with a strong password: 

CREATE USER msf_user WITH PASSWORD 'yourpassword';

Create a Metasploit Database

CREATE DATABASE msf_database OWNER msf_user;

Grant Privileges to the User

GRANT ALL PRIVILEGES ON DATABASE msf_database TO msf_user;

Exit PostgreSQL Shell

\q
exit

Step 3: Connect Metasploit to PostgreSQL

Now, start Metasploit: 

msfconsole

Inside msfconsole, connect to the database: 

db_connect msf_user:[email protected]:5432/msf_database

To confirm the connection, run: 

db_status

If the setup is successful, you should see: 

[*] Connected to msf_database. Connection type: postgresql.

Step 4: Fix "No Database Connection" Issue

If db_status shows "No Database Connection", try the following troubleshooting steps:

1. Ensure PostgreSQL is Running

sudo systemctl status postgresql

If it’s not running, start it: 

sudo systemctl start postgresql

2. Check if the Database Exists

List available databases: 

sudo -i -u postgres
psql -c "\l"

If msf_database is missing, recreate it using Step 2.

3. Restart Metasploit and Reconnect

exit
msfconsole
db_connect msf_user:[email protected]:5432/msf_database
db_status

Step 5: Configure Persistent Database Connection

Instead of manually connecting every time, configure Metasploit for automatic database connection.

1. Create the Metasploit Configuration Directory

sudo mkdir -p /usr/share/metasploit-framework/config

2. Create and Edit database.yml

sudo nano /usr/share/metasploit-framework/config/database.yml

3. Add the Following Configuration

development:
  adapter: "postgresql"
  database: "msf_database"
  username: "msf_user"
  password: "yourpassword"
  port: 5432
  host: "127.0.0.1"
  pool: 256
  timeout: 5

production:
  adapter: "postgresql"
  database: "msf_database"
  username: "msf_user"
  password: "yourpassword"
  port: 5432
  host: "127.0.0.1"
  pool: 256
  timeout: 5

Save the file (CTRL + X, then Y, and press Enter).

4. Set Correct File Permissions

sudo chmod 644 /usr/share/metasploit-framework/config/database.yml

5. Restart Metasploit and Verify

msfconsole
db_status

If the output shows connected, Metasploit is now set up to automatically use PostgreSQL.

Step 6: Using Metasploit with the Database

Once connected, you can use database-related Metasploit commands:

List Available Workspaces

workspace

Create a New Workspace

workspace -a penetration_test

List All Discovered Hosts

hosts

View Services Running on Hosts

services

Check Discovered Vulnerabilities

vulns

Store Nmap Scan Results in the Database

db_nmap -sV -p- 192.168.1.1

Conclusion

By following this guide, you have successfully:

 Installed and started PostgreSQL on Kali Linux
 Created a database and user for Metasploit
 Connected Metasploit to the database
 Fixed common database connection issues
 Configured Metasploit for automatic database connection
 Learned how to use database features in Metasploit

Now, you can efficiently manage scan results, exploits, vulnerabilities, and services in Metasploit using PostgreSQL. This setup enhances your penetration testing workflow, making it more structured and efficient.

Tags

Join Our Upcoming Class! Click Here to Join
Join Our Upcoming Class! Click Here to Join