Metasploit mailing list archives
solaris/telnet/fuser
From: lazydj98 at yahoo.com (Joshua Smith)
Date: Tue, 14 Oct 2008 15:40:22 -0700 (PDT)
I'm a retard, sorry 'bout that. I usually notice when they're not shellcode exploits. At least it wasn't a completely useless question like MC is used to getting from me ;) Thanks for your time -Josh btw, mc, new job is way better than the old ----- Original Message ---- From: H D Moore <hdm at metasploit.com> To: framework at spool.metasploit.com Sent: Tuesday, October 14, 2008 5:48:32 PM Subject: Re: [framework] solaris/telnet/fuser On Tuesday 14 October 2008, Joshua Smith wrote:
Question: root at laptop:~/framework-trunk# ./msfcli solaris/telnet/fuser RHOST=192.168.1.1 PAYLOAD=solaris/x86/shell_bind_tcp E [*] Started bind handler [*] Setting USER environment variable... [-] Exploit failed: undefined method `put' for nil:NilClass
Two issues here: 1. The sock object for the connection is being set to nil by something and throwing the error you see, but the module code looks fine, so this migt be related to (2). 2. That module doesn't really use payloads, it should only match payloads which have the flag 'cmd_interact', which resolves to exactly one payload that interacts with the current socket as a shell. There is a bug that results in this exploit accepting incompatible payloads and showing no compatible payloads when asked. Good bug reports, the short-term fix for what you are doing should be: $ msfcli exploit/solaris/telnet/fuser PAYLOAD=cmd/unix/interact \ RHOST=A.B.C.D E -HD _______________________________________________ http://spool.metasploit.com/mailman/listinfo/framework -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.metasploit.com/pipermail/framework/attachments/20081014/09ce5c38/attachment.htm>
Current thread:
- solaris/telnet/fuser Joshua Smith (Oct 14)
- solaris/telnet/fuser H D Moore (Oct 14)
- solaris/telnet/fuser MC (Oct 14)
- <Possible follow-ups>
- solaris/telnet/fuser Joshua Smith (Oct 14)