db_autopwn problem and suggestions

[Genesys SecTI <seguranca () meupctravou com br>]

Hi everyone,

First mail to the list, and im Brazilian, sorry for poor English.


I have some problems using the db_autopwn and db_driver modules. There is the list:

1 - I have imported some hosts by db_import_nmap_xml (about 2k hosts) and tried to db_autopwn them, but it tokes a 
VERY, VERY long time, about 1 1/2 hour to start running. I have a dual core 2x 1.73 GHz and 2GB DDR2, running 
metasploit 3.3 svn updated today on BackTrack 4.0 pre-release. In other PC, running Windows 7, P4 3.0GHz and 2 GB DDR2, 
running same version, waited about 2 hours and it not started.

      =[ metasploit v3.4-dev [core:3.4 api:1.0]
+ -- --=[ 447 exploits - 216 auxiliary
+ -- --=[ 192 payloads - 22 encoders - 8 nops
       =[ svn r7560 updated today (2009.11.17)
msf > db_create
[*] Creating a new database instance...
[*] Successfully connected to the database
[*] File: /root/.msf3/sqlite3.db
msf > db_import_nmap_xml /root/17150.xml (it takes about 30 sec)
msf > db_autopwn -p -e -m ms08_067 (In Win, freezes here. In BackTrack, take about 1 1/2 hour to start.

Tried with 100 hosts, using db_nmap 1.2.3.4 -p 445, it finish well, but again in db_autopwn need to wait about 8 
minutes to start. 
It is normal? There is some way to reduce this time? I tried postgresql and sqlite3, the result is same.

 

2 - The db_driver mysql is not working to me. Have a message to use gem install mysql, who installed the gem, but the 
option db_driver mysql doesnt appears. Mysql is working fine. Using BackTrack. Could be a distro problem?


3 - There is not a issue, almost a suggestion. The option -r in db_autopwn, to connect by reverse shell assumes the 
local ip from the network, but sometimes is interesting to use another. e.g. want to use in other pc with multi/handler 
payload, or use my internet IP (65.66.67.68) instead of the local ip (10.0.0.1). Tried to use the LHOST variable but it 
makes not difference. 

4 - In db_autopwn, doesnt have support to smb2_negotiate_func_index exploit? Tried in the -m option with a lot of 
variations in the name, and is not working. 


Thanks for helping, and congratulations, I use the metasploit since 2.6 and really, really is the BEST framework.

Genesys 

                                          
_________________________________________________________________
Windows Live: Keep your friends up to date with what you do online.
http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_1:092010

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework