Information Security Asked on December 25, 2020
Just trying to get a postgreSQL exploit (32847.txt – Low Cost Function ) from exploitdb to run in msfconsole. After pulling my hair out trying to figure out why it isn’t loading, here I am. I’m using Kali Linux, Debian 64 bit in Virtual Box, Windows Host.
So far here’s what I’ve done:
Downloaded appropriate exploit from exploitdb, placed .txt into a folder that I made, …/.msf4/modules/exploits/PostgreSQL. I run ls in command line, it’s there. Np.
Rerun terminal, updated db via -updatedb
Started msfconsole, and it did not load the exploit into msfdb (I can’t access it via “use exploit ….”. I’ve tried to update the db, I’ve tried to both copy/paste the exploit directly via GUI into the exploits folder as well as through command line.
My error is “Failed to load module: exploit/PostgreSQL/32847.txt”
Am I placing the exploit in the wrong folder or?
Please help!
There are a couple problems with what you are trying to do to use this exploit.
First, while Metasploit is an exploitation framework that any exploit could be ported to, it requires modules to conform to a few specifications. As far as I know, all modules must be written in Ruby, and need to contain configuration parameters and standard functions so that the framework can operate on it. The "exploit" linked above was certainly not designed for Metasploit, which brings us to the second problem.
If you look at that "exploit" file, not only is it not a valid Metasploit module, but it is not even a script or code at all (hence the .txt extension). The file's purpose is to tell you how to test the vulnerability manually and is not meant to be run in any way.
So, if you really want to use that exploit with Metasploit, you would need to write your own module for it.
Answered by multithr3at3d on December 25, 2020
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP