 |
Well noted. We won't package version 5.x until it's stable. We track the tagged releases in github. Will you make releases of "unstable" version 5.x before it's stable? |
 |
We are planning to release some pre-5.0 releases sometimes in spring/summer 2018. Thanks! |
|
|
Hi, we are aiming for January 10th for making a 5.x branch and the release of the first 5.0 stable release. Just a heads-up for your packagers (and I believe you are also upstream for Parrotsec as well). |
|
|
Of note, the 'msfdb' command is now integrated into the source tree as well, since it includes some functionality for exposing some of Metasploit's new REST web services for the database layer. However, this release is still 100% compatible with a local database, and still works with no database at all, so it should still work with Kali's variant of the msfdb command for now. We plan on making future changes to the data model in a new unstable branch however, after 5.0 is released. |
|
|
We tagged 5.0.0 today in master. We are not ready to open a 5.x branch yet, and will continue maintaining the 4.x branch for the next few months as well. If you want to start looking at packaging the new features with MSF5, feel free to start testing on the 5.x.y tag series. Thanks! |
 |
Thanks @busterb. We are looking into packaging Metasploit 5.0.0. We have some trouble with your new "msfdb" script... it assumes pg_ctl is available in the PATH, it's not the case in Debian/Kali currently because the Debian packaging provides some higher level tool called "pg_ctlcluster" which makes it easy for admins to run multiple PostgreSQL servers side-by-side. pg_ctl is only available in a versioned directory (/usr/lib/postgresql/11/bin/) pg_ctlcluster will automaticaly use ports 5433 and higher for new "clusters" that it creates. This means that I expect your msfdb to run into troubles on machines where those port numbers are already used for alternate databases (this happens in particular when you upgrade from one version of PostgreSQL to the next, this higher level tool is able to migrate a database by running two different versions of PostgreSQL side by side). Hence I would suggest to rather use port 5431 as an alternate port number (we will patch this in our packaging). We will probably somehow expand the PATH so that msfdb is able to find pg_ctl but it would be better if we could somehow teach "msfdb init" to:
The term "cluster" refers to a postgresql data directory and its associated configuration, it's specific to a given version of PostgreSQL |
|
|
As a general goal, we made sure that the the 5.x series continue to also work with the Kali Linux-specific version of the msfdb tool, so if you prefer for now, you can continue to ship the version that is in the 4.x package and the database will continue to function as it did before. I'll share this with the team as well to make sure we can address the items above as well. Thanks for the update! |
|
|
I uploaded the version 5.0.1-0kali1 in kali-experimental. autopackage tests run successfully now. |
|
|
We are now tracking the 5.0.* versions. |
|
|
@busterb While our msfdb still works for the database, it's not able to start the webservice so we would like to switch sooner rather than later to your msfdb. Shall I open a ticket on your side to discuss how to improve msfdb so that it works better in a Debian environment where pg_ctl is not in the PATH and where we have other helper scripts (pg_createcluster, pg_ctlcluster, etc.)? |
|
|
Thanks, a public ticket would be helpful. |
|
|
Filed here: https://github.com/rapid7/metasploit-framework/issues/11369 |
 |
Apologies for adding a duplicate issue on Kali git repository about MSFDB service not running on Kali Linux. Issue number: 0005262: Metasploit-Framework Database API not working |
|
|
Closing this issue as we switch to the 5.x branch The discussion about msfdb issues will continue here: And we keep the bug 5262 opened in Kali bug tracker. |
- Anonymous
