A while back I installed a version of Metasploit Pro while juggling a couple of other tasks, and unfortunately I noted the password in an encrypted text document and forgot the location, which in itself was a fail. Regardless of the mistake I made, luckily Metasploit Express and Metasploit Pro make it easy enough to change the msf user web console password without any pain. Use the directions below to modify the msf user's login information on your Metasploit Pro or Metasploit Express installation.
Modify Metasploit Pro Web Console Password:
- Launch Metasploit Diagnostic Shell: First locate the full path to the Metasploit diagnostic shell by SSH'ing to the server running Metasploit Pro or Metasploit Express and issuing "locate diagnostic_shell" from the CLI, as shown in the example below.
    root@bt:~# locate diagnostic_shell
    /opt/metasploit-4.1.4/diagnostic_shell
    root@bt:~#
When the results are returned, which will likely be only a single result, launch the diagnostic shell as root to display a new shell prompt, as shown in the example output below.
    root@bt:~# /opt/metasploit-4.1.4/diagnostic_shell
    bash-4.1#
- Initiate Meta Pro Password Reset: Next, locate the Metasploit password reset script, which is named resetpw, using the example command below from the Metasploit diagnostic shell.
    bash-4.1# locate resetpw
    /opt/metasploit-4.1.4/resetpw
    /opt/metasploit-4.1.4/apps/pro/ui/script/resetpw
    bash-4.1#
Notice above that two resetpw scripts were returned, which will likely launch the exact same application; however, Metasploit notes to run the one in the script directory (apps/pro/ui/script), so launch the resetpw script using syntax similar to the below, depending on the Metasploit Pro installation path. Once the script is launched, follow the on-screen instructions, which will require you to first confirm you want to reset the msf user's password by typing yes, followed by hitting enter to end the resetpw script.
    bash-4.1# /opt/metasploit-4.1.4/apps/pro/ui/script/resetpw
    [*] Please wait while the environment is loaded.
    ************************************
    *                                  *
    *    Metasploit Password Reset     *
    *                                  *
    ************************************
    [*] Warning! This tool will reset the password for the 'msf' user account.
    [*] To continue, please type "yes"
    Continue? (yes/no) > yes
    [*] The password for msf has been reset to a random value
    New Password: 12345Aa!
    [*] Please change this password on the next login.
    [*] Hit enter to exit
    bash-4.1#
Notice that the output from the resetpw script includes the new randomly generated password. You are strongly encouraged to change that password immediately to something with double the characters.
- Restart Metasploit: It didn't say this in the instructions from Metasploit, but I needed to restart Metasploit to be able to log in with the new password that was just reset for the msf user. You can restart Metasploit on Ubuntu or BackTrack Linux using the syntax below.
    bash-4.1# /etc/init.d/metasploit restart
    prosvc is stopped
    nginx is stopped
    metasploit is stopped
    /opt/metasploit-4.1.4/postgresql/scripts/ctl.sh : postgresql stopped
    LOG: database system was shut down at 2012-05-02 15:05:07 EDT
    LOG: database system is ready to accept connections
    LOG: autovacuum launcher started
    /opt/metasploit-4.1.4/postgresql/scripts/ctl.sh : postgresql started at port 7337
    prosvc is running
    >> Deleting stale PID file log/thin.pid
    metasploit is running
    bash-4.1#
Give it a couple of minutes to get all the way started before attempting to log in.
You should now be able to log in to the Metasploit Pro web console. Please make sure to change the new password right after you log in so you don't forget to do so.