Metasploit Database Configuration | Setting Up database.yml for Persistent PostgreSQL Connection in Kali Linux

Introduction

Metasploit is one of the most powerful penetration testing frameworks, widely used by ethical hackers and security researchers to exploit vulnerabilities and conduct penetration tests. To store and manage scanned hosts, services, and exploit results efficiently, Metasploit integrates with PostgreSQL as its database.

By default, Metasploit does not always connect automatically to the database, which means you may have to manually enter the db_connect command each time you start msfconsole. However, configuring the database.yml file allows Metasploit to establish a persistent database connection automatically.

In this guide, we will go through the step-by-step process of configuring the Metasploit database by setting up the database.yml file in Kali Linux.

Why Manual db_connect is Needed Every Time?

By default, when you start Metasploit using msfconsole, it does not automatically connect to the PostgreSQL database unless it has been explicitly configured.

If you run the following command in Metasploit:

db_status

You might see:

[*] postgresql selected, no connection

This means Metasploit recognizes PostgreSQL but is not connected. You can manually connect by running:

db_connect user:[email protected]:5432/msf_database

However, this manual connection needs to be done every time msfconsole is restarted unless we configure database.yml.

Step 1: Install and Start PostgreSQL

Before setting up a persistent database connection, ensure that PostgreSQL is installed and running.

1. Install PostgreSQL (If Not Installed)

Run the following command to install PostgreSQL:

sudo apt update && sudo apt install postgresql postgresql-contrib -y

2. Start PostgreSQL Service

Once installed, start the PostgreSQL service using:

sudo systemctl start postgresql

To enable it on startup:

sudo systemctl enable postgresql

3. Verify PostgreSQL Status

Check if PostgreSQL is running with:

sudo systemctl status postgresql

If it is active, you should see output like:

● postgresql.service - PostgreSQL RDBMS
   Loaded: loaded (/lib/systemd/system/postgresql.service; enabled; vendor preset: enabled)
   Active: active (running)

Step 2: Create a Database and User for Metasploit

Now, we need to create a database and user that Metasploit will use.

1. Switch to PostgreSQL User

sudo -i -u postgres

2. Open PostgreSQL Console

psql

3. Create a New Database

CREATE DATABASE msf_database;

4. Create a User and Set a Password

CREATE USER msf_user WITH PASSWORD 'yourpassword';

(Replace 'yourpassword' with a strong password.)

5. Grant Privileges to the User

GRANT ALL PRIVILEGES ON DATABASE msf_database TO msf_user;

6. Exit PostgreSQL Console

\q

7. Return to Normal User Mode

exit

Now, PostgreSQL is properly set up, and we can move on to configuring Metasploit.

Step 3: Creating and Editing the database.yml File

To ensure that Metasploit connects to the database automatically, we need to create and configure the database.yml file.

1. Navigate to the Metasploit Configuration Directory

Run:

sudo mkdir -p /usr/share/metasploit-framework/config

2. Create the database.yml File

sudo nano /usr/share/metasploit-framework/config/database.yml

3. Add the Following Configuration

Copy and paste the following lines into the database.yml file:

production:
  adapter: postgresql
  database: msf_database
  username: msf_user
  password: yourpassword
  host: 127.0.0.1
  port: 5432
  pool: 256
  timeout: 5

Replace yourpassword with the actual password you set for msf_user.

4. Save and Exit

• Press CTRL + X

• Press Y to confirm changes

• Press Enter to save the file

Step 4: Setting Appropriate File Permissions

To ensure Metasploit can read database.yml, we need to set the correct file permissions.

1. Set the Correct File Permissions

sudo chmod 644 /usr/share/metasploit-framework/config/database.yml

This command makes the file readable while preventing unauthorized modifications.

2. Verify File Permissions

To check the file permissions, use:

ls -l /usr/share/metasploit-framework/config/database.yml

The output should show:

-rw-r--r-- 1 root root 123 Jan 1 12:34 /usr/share/metasploit-framework/config/database.yml

Step 5: Verifying Automatic Database Connection on msfconsole Startup

Now that everything is configured, we can check if Metasploit connects to the database automatically.

1. Restart PostgreSQL and Metasploit

First, restart PostgreSQL:

sudo systemctl restart postgresql

Then, start Metasploit:

msfconsole

2. Check Database Connection

Inside msfconsole, run:

db_status

If everything is set up correctly, you should see:

[*] Connected to msf_database. Connection type: postgresql.

Now, every time you start Metasploit, it will automatically connect to the database without requiring manual db_connect commands.

Conclusion

By following this guide, you have successfully configured Metasploit for persistent database connection in Kali Linux. Now, you don’t have to manually enter db_connect every time you start msfconsole.

Key Takeaways:

 Installed and started PostgreSQL
 Created a Metasploit database and user
 Configured the database.yml file for automatic connection
 Set proper file permissions for security
 Verified that Metasploit connects automatically

Now, your Metasploit framework is fully integrated with PostgreSQL, making it faster and more efficient for penetration testing.

FAQs:

What is Metasploit used for?

Metasploit is a penetration testing framework that allows security professionals to exploit vulnerabilities, perform security assessments, and test system defenses.

Why does Metasploit need a database?

A database helps Metasploit store, retrieve, and manage scanned hosts, services, vulnerabilities, and exploit results efficiently.

What is the role of PostgreSQL in Metasploit?

PostgreSQL acts as Metasploit's database backend, storing information about scanned systems, exploited targets, and network services.

Why do I have to run db_connect every time?

If Metasploit is not configured with database.yml, it does not establish a persistent database connection and requires manual connection each session.

How do I install PostgreSQL on Kali Linux?

Run the following command:

How do I start PostgreSQL on Kali Linux?

Use the command:

How do I enable PostgreSQL to start on boot?

Run:

How do I check if PostgreSQL is running?

Use:

How do I create a database for Metasploit?

Switch to PostgreSQL and run:

How do I create a user for Metasploit?

Run:

What privileges does the Metasploit user need?

The user needs full privileges on the database, granted with:

Where is the Metasploit configuration directory located?

It is located at:

How do I create the database.yml file?

Run:

What should be in the database.yml file?

The file should include:

What file permissions should database.yml have?

Set it to read-only for security:

How do I check if Metasploit is connected to the database?

Run:

What message confirms a successful connection?

You should see:

What if db_status says "no connection"?

Ensure PostgreSQL is running with:

How do I manually connect Metasploit to the database?

Use:

How can I restart PostgreSQL?

Run:

What is the purpose of chmod 644 on database.yml?

It ensures that only the owner (root) can modify the file, while others can read it but not change it.

Can I use Metasploit without a database?

Yes, but you won’t be able to store scan results, exploits, or vulnerabilities efficiently.

What is the impact of not configuring database.yml?

Without database.yml, you must manually connect to the database every time you start Metasploit.

How can I list all databases in PostgreSQL?

Run:

How do I switch to the PostgreSQL shell?

Run:

How do I remove an existing database configuration?

Delete the database.yml file:

How do I reset my Metasploit database?

Drop and recreate it in PostgreSQL:

How can I log out of the PostgreSQL shell?

Type:

Why is PostgreSQL the preferred database for Metasploit?

PostgreSQL is highly efficient, scalable, and well-integrated with Metasploit for handling large penetration testing data sets.

How do I uninstall PostgreSQL from Kali Linux?

Run: