To start they had the command “./msfconsole”, which did not work for me. It started with “msfconsole”. The initial run created the initial database. The “db_status” command also worked.
I did not seem to need to do the “service postgresql start” command. I did a search and received a message: Module database cache not built yet, using slow search. To build the cache do “db_rebuild_cache”. This worked. Now my searches work.
67 WordPress vulnerabilities
6 Drupal vulnerabilities
downloaded from http://www.fastandeasyhacking.com. Installed into /home
Now looking for database.yml file, located in /home/.msf4 directory. Need to set MSF_DATABASE_CONFIG variable.
-set the environment variable:
$ export MSF_DATABASE_CONFIG=~/.msf4/database.yml
-armitage is looking for a password in the database.yml file. Edit it and the password field is blank. Add a password and save.
-run ./armitage, and it will start up.
-permanently set environment variable: https://askubuntu.com/questions/58814/how-do-i-add-environment-variables https://help.ubuntu.com/community/EnvironmentVariables
-check environment variable printenv
-set in .bashrc https://www.digitalocean.com/community/tutorials/how-to-read-and-set-environmental-and-shell-variables-on-a-linux-vps
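The steps above as one check, added here as an example and not part of the original notes: it stops while the password field in database.yml is blank, restricts the file to its owner because it now holds a plaintext password, and writes the export line to the rc file only once. The function names and the assumption that the password sits on a single `password:` line are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example: validate database.yml, then persist MSF_DATABASE_CONFIG.

# Exit status: 0 = password present, 1 = password blank or absent, 2 = file missing.
password_is_set() {
    local yml="$1" value
    [ -f "$yml" ] || return 2
    # Take whatever follows the first "password:" key (assumed single-line YAML value).
    value=$(sed -n 's/^[[:space:]]*password:[[:space:]]*//p' "$yml" | head -n 1)
    # Strip one pair of surrounding quotes so '' and "" count as blank.
    value=${value%\"}; value=${value#\"}
    value=${value%\'}; value=${value#\'}
    [ -n "$value" ]
}

# Append the export line to the rc file only if that exact line is not already there.
persist_export() {
    local rc="$1" yml="$2" line
    line="export MSF_DATABASE_CONFIG=$yml"
    grep -qxF "$line" "$rc" 2>/dev/null || printf '%s\n' "$line" >> "$rc"
}

# Run the whole procedure; nothing is written unless the config passes the check.
setup_msf_db_env() {
    local yml="$1" rc="$2" status=0
    password_is_set "$yml" || status=$?
    case $status in
        2) echo "missing: $yml" >&2; return 2 ;;
        1) echo "password field is blank in $yml; add one and re-run" >&2; return 1 ;;
    esac
    chmod 600 "$yml"               # the file holds a plaintext credential
    persist_export "$rc" "$yml"    # picked up by every new shell
    export MSF_DATABASE_CONFIG="$yml"   # and by the current one
}

# Usage: setup_msf_db_env "$HOME/.msf4/database.yml" "$HOME/.bashrc" && printenv MSF_DATABASE_CONFIG
```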
Also installed nmap with “sudo apt-get install nmap”. Excellent videos from thenewboston
nmap site-name or IP-address
States: open, filtered (firewall protected), unfiltered (cannot determine), closed (responds but no services running)
In-depth scan: OS, versions, traceroute
return service and version
nmap -p number-of-port/service-name ip
Only display open ports
save to a file
nmap -oN file-name
Win XP Exploits
search for your exploit
set RHOST ipaddress
set payload paste-whatever
check for patch kb958644
On Win XP, from dos, list system files: dir /a:hd
-send to file “dir > file-name”