Backing Up and Restoring Metasploit Data
Hardware failures and data loss can happen to anyone. That's why it's critical for you to regularly back up your Metasploit data. Because let's face it, your projects contain very important and sensitive data, and losing that data could have a massively negative impact.
To protect yourself from data loss, you should routinely back up Metasploit so that you can:
- Repair your copy of Metasploit — Backing up your data can help you repair Metasploit so that you don't lose your configuration settings or any project data.
- Migrate data between different Metasploit servers — Being able to transfer data between multiple instances of Metasploit can be helpful if you experience any hardware changes or failures.
Backing Up Data
A backup contains everything you need to restore Metasploit to a specific state, such as your application settings and your projects. The only thing that does not migrate is the software version. Your Metasploit instance will stay on its current version.
When you back up Metasploit, everything in the database is compressed into a ZIP file and stored in /path/to/metasploit/apps/pro/backups
. The files are not overwritten when you restore Metasploit to a specific backup, so they will be available until you manually delete them or you uninstall Metasploit.
To back up your Metasploit data:
- Go to Administration > Global Settings.
- Select the Backups tab.
- Click the New Backup button.
The Create a Backup page appears. - Enter a name and a description for the backup file on the Create a Backup page.
You should provide a clear and concise description so that you can easily identify the contents of each file. This will be helpful when you go to restore a backup and you have multiple files to choose from. - Click the Create Backup button.
When the Backups page appears, you'll see that the backup file has been created. The Status column displays the progress for the backup. When the backup completes, you'll see an alert in Notification Center. You'll need to refresh the page to see the updated status.
Restoring a Backup
A restore reverts your Metasploit server back to the state captured in a backup file. The backup files are platform independent so you can restore data from one operating system to another without any issues.
When you restore a backup file, everything in that is currently in your Metasploit instance will be overwritten with the data in the backup file, including your user accounts, loot, reports, and logs. Any data that does not exist in the backup file will be lost.
In order to restore a backup, all the Metasploit processes must be stopped so that the database can be modified. After the database has been restored, the Metasploit services will be restarted and you'll be able to use Metasploit as usual. Don't worry. You don't have to manually shut down your processes. We'll do it for you.
Before you restore a backup, you should check if there are any tasks currently running on the server. During a restore, these tasks will be stopped, so any data that has been collected will be lost. You should alert other users that you plan to restore the system to a previous version of Metasploit, so they can backup the data that they need.
To restore a backup:
- Go to Administration > Global Settings.
- Select the Backups tab.
- When the Backups page appears, find the backup you want to restore.
- Click the Restore button.
- A confirmation window appears and notifies you that you will overwrite everything in your database. Click the Restore button when you are ready.
At this point, all Metasploit services will be stopped, and you'll be directed to a progress page. When the restore is complete, the Metasploit services will be restarted and you'll see a link back to Metasploit.
Restoring to Older Versions of Metasploit
We only support forward compatibility, which means you can restore a backup to the same version or a newer version of Metasploit. For example, if your backup file was created on Metasploit 4.11.6, you cannot restore that file on an older version, like Metasploit 4.11.5. However, you can restore it to a newer version, like Metasploit 4.11.7.
To check the version of your backup, go to the Backups area and look in the Metasploit Version column.
Logging in after a Backup
When you restore a backup file, everything in your Metasploit instance will be overwritten, including your user accounts. If you have restored the backup file to a different instance of Metasploit, you may not be able to use your old credentials to log in. If you have restored a backup file and can no longer log in to Metasploit, you can run the
Finding the Backup Files
The backup files are located in /path/to/metasploit/apps/pro/backups
.
If you plan to uninstall Metasploit, you should copy the files in this directory to different location on your machine. Or if you want to share the backup files with another instance of Metasploit, you can copy them from this location.