Meterpreter Sniffer

[btricha at gmail.com (Bryan Richardson)]

Hello all,

If I use msfconsole to connect to a Meterpreter listener running on a
Windows XP machine and create a session, I can drop down into irb and do the
following with no problems:

> client.run_cmd 'use sniffer'
> client.run_cmd 'sniffer_start 1 200000'
> client.run_cmd 'sniffer_dump 1 /tmp/sniff.pcap'
> client.run_cmd 'sniffer_stop 1'

However, if I create a session using the 'exploit_simple' fuction after
creating a multi/handler exploit object with Msf::Simple::Framework, I have
problems.  I can do "session.run_cmd 'use sniffer'" and I get a 'true'
returned.  But as soon as I try to start the sniffer I get a false returned.

Any ideas why this is happening?  I know the sniffer stuff is still in the
dev trunk, so I was just curious if anyone else has seen this or might now
what the problem is.

--
Thanks!
Bryan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20090817/5c2bfcd7/attachment.html>