strange problem with metasploit

ashu2188 · 07-06-2011, 07:46 AM

I am facing this error...

Failed to connect to the database: could not connect to server: Connection refused
Is the server running on host "127.0.0.1" and accepting
TCP/IP connections on port 7175?
{"adapter"=>"postgresql", "database"=>"msf3", "username"=>"msf3", "password"=>"7f878914", "host"=>"127.0.0.1", "port"=>7175, "pool"=>75, "timeout"=>5}

I saw that 2 lines of host and port and the other 2 in the long message which has the same host and port...is there something wrong with running it with this port? and if i need to change it, where should i change this?

Noway2 · 07-06-2011, 08:07 AM

Metasploit is a tool that may be used for legitimate purposes such as performing penetration testing on your own server. It can also be used for illicit purposes. Regardless of your intentions, we in the forum have no way of verifying them and even if your usage is for legitimate purposes, helping you with this tool would provide data that can be used by the wrong sorts. This is why rule 13 exists:

Quote:

Posts containing information about cracking, piracy, warez, fraud or any topic that could be damaging to either LinuxQuestions.org or any third party will be immediately removed.

This thread has been reported to the moderators with the recommendation that it be closed.

My recommendation would be to ask this type of question in a more appropriate venue than LQ.

ashu2188 · 07-06-2011, 08:20 AM

Quote:

Originally Posted by Noway2

Metasploit is a tool that may be used for legitimate purposes such as performing penetration testing on your own server. It can also be used for illicit purposes. Regardless of your intentions, we in the forum have no way of verifying them and even if your usage is for legitimate purposes, helping you with this tool would provide data that can be used by the wrong sorts. This is why rule 13 exists:

This thread has been reported to the moderators with the recommendation that it be closed.

My recommendation would be to ask this type of question in a more appropriate venue than LQ.

I am a student of Cyber Security and I am learning the VAPT. We were taught metasploit framework today and I am given a task to debug this thing which comes in 2 of our Network Pc while running metasploit.

And if you feel like I should post this to somewhere else, I would like you to suggest me the links where I can post thing.

Noway2 · 07-06-2011, 08:58 AM

Quote:

I am a student of Cyber Security and I am learning the VAPT. We were taught metasploit framework today and I am given a task to debug this thing which comes in 2 of our Network Pc while running metasploit.

Please try to understand that by posting any sort of how to information regarding tools like metasploit may be used for ill purposes and this could damage the reputation of LQ.

Quote:

if you feel like I should post this to somewhere else, I would like you to suggest me the links where I can post thing

The metasploit web site lists the official support avenues, including the mailing list and IRC channel. The organization that you are a student of, should also have some recommendations for official channels to obtain support.

ashu2188 · 07-06-2011, 09:15 AM

ok..no problems...I am deleting this post as i have no ill intentions.I just wanted to solve my problem.

But I would really request the admin to make a forum for this where we can put up such questions.
So in future anybody faces such question, he/she should not waste his time to do trial and error and he can find the correct solution instantly.

ashu2188 · 07-06-2011, 09:19 AM

Quote:

Originally Posted by Noway2

Please try to understand that by posting any sort of how to information regarding tools like metasploit may be used for ill purposes and this could damage the reputation of LQ.

The metasploit web site lists the official support avenues, including the mailing list and IRC channel. The organization that you are a student of, should also have some recommendations for official channels to obtain support.

I have modified it now as i couldn't find how i can delete it as m a new to this site..Hope its fine with you.

szboardstretcher · 07-06-2011, 09:21 AM

Are you sure postgres is running?

ashu2188 · 07-06-2011, 09:25 AM

Quote:

Originally Posted by szboardstretcher

Hello all,

Im interested in understanding the issue mentioned in this thread. The rule of LQ seems to say that there are no posts allowed about "Cracking, Piracy, Warez, etc..." not the tools themselves (within reason I'm sure.)

For example, if I were having trouble compiling "nmap" or "scapy" would that really count as "Cracking?" I ask because it seems like the poster is just having a problem with a program running, more specifically, a program that is having a time connecting to a postgres database.

And if we are to not answer a question about getting Metasploit running, would we also not have to ignore requests for help for Scapy, Nmap, Hping, Nikto, Nessus, Skipfish, Hydra, Arping, Arp-scan, Ngrep, Kismet, Bash, C++, etc..? As those are programs regularly used for PenTesting and Various stages of Cracking?

Well ...thank you for understanding my problem.. Can you please provide me the solution about this error?

szboardstretcher · 07-06-2011, 09:47 AM

I'd like to, but I'm sort of waiting for a response from the moderators to see whether this is allowed in this particular case, as I do not want to break any rules. Thanks for understanding.

Tinkster · 07-06-2011, 11:55 PM

Closed for now (to remove temptation) while we're discussing the issue at
hand among mods. The OP should definitely discuss the problem with his
tutor, or search the metasploit site regarding the problem.

Tinkster · 07-07-2011, 04:40 PM

And re-opened.

Sorry for any inconvenience.

Noway2 · 07-07-2011, 05:35 PM

Quote:

And re-opened. Sorry for any inconvenience.

Tinkster, would it be possible to get some insight into what is and is not acceptable? If you would prefer, please feel free to contact me off list to discuss.

unSpawn · 07-07-2011, 06:20 PM

Jeremy stated he is not aware that he ever put an outright ban on the discussion of tools like Metasploit. So if I read that correctly that means any pentesting tool questions apparently are OK...

Tinkster · 07-07-2011, 07:13 PM

Quote:

Originally Posted by Noway2

Tinkster, would it be possible to get some insight into what is and is not acceptable? If you would prefer, please feel free to contact me off list to discuss.

The way I read Jeremy's statement:

Things are up to interpretation, and the use-case is more important
than the actual tool in question; if we have good reason to believe
that the use won't be malicious we can give support with the tools
use. But then again ... I may not have gotten that quite right.

:}

Cheers,
Tink

Noway2 · 07-07-2011, 08:49 PM

Unspawn, Tinkster, thank you both for the explanation and clarification.

ashu2188, please accept my apologies for any inconvenience caused. I am glad that your question received blessing. I am sorry that it became a catalyst regarding the potentially grey area topic of pen testing. Are you still facing the same difficulty or have you made progress?

The error message, "Connection refused" typically means that there is nothing listening on that port or there is a firewall in between. I would recommend running the command 'netstat -pane | grep 1715' and see if any process is listening on that port. If not, check the output of ps and grep for postgres to see if SQL is running. If all that looks good, make sure you don't have a firewall in place that is keeping the port closed. Another possibility is that you have two applications trying to run on the same port. If there is already an application using this port, the other one may not even start.