Metasploit mailing list archives
Re: wdbrpc_memory_dump.rb bug and question
From: Robin Wood <robin () digininja org>
Date: Wed, 25 Jan 2012 15:54:59 +0000
On 25 January 2012 04:51, Robin Wood <robin () digininja org> wrote:
On 25 January 2012 04:07, HD Moore <hdm () metasploit com> wrote:On 1/24/2012 10:46 AM, Robin Wood wrote:First the bug, I think this is because I set an offset but pointed it at a file that doesn't exist: [*] Attempting to dump system memory, starting at offset 0xaa84850 [*] 10.21.2.30 Connected to VxWorks5.5.1 - Motorola E500 : Unknown system version () [*] Dumping 0x10000000 bytes from base address 0x00000000 at offset 0x0aa84850... [-] Auxiliary failed: Errno::ENOENT No such file or directory - /Users/robin/.msf4/logs/vxworks_memory3.dump [-] Call stack: [-] /Users/robin/src/msf/modules/auxiliary/admin/vxworks/wdbrpc_memory_dump.rb:75:in `initialize' [-] /Users/robin/src/msf/modules/auxiliary/admin/vxworks/wdbrpc_memory_dump.rb:75:in `open' [-] /Users/robin/src/msf/modules/auxiliary/admin/vxworks/wdbrpc_memory_dump.rb:75:in `run' [*] Auxiliary module execution completed Now the question, this memory dump is from a Dell OpenManage switch, can anyone tell me where to look for the user credentials once I've dumped all the memory?This is a problem with your local filesystem - you may need to mkdir /Users/robin/.msf4/logs/ first before running the module, as it didn't succeed in opening the dump file. You can set the output path with the LPATH optionThe directory existed. I had started dumping with a 2 on the end and it had failed half way through so I thought rather than overwrite the existing file I would just add a 3 to the end and start it again. Robin
I've just reproduced this showing the directory exists but the file doesn't, this is only when the offset is set to non-zero, if I set it to 0 then it runs fine. I'll put a ticket in for it. Robin msf auxiliary(wdbrpc_memory_dump) > run [*] Attempting to dump system memory, starting at offset 0xecfb8f0 [*] 10.21.10.22 Connected to VxWorks5.5.1 - Motorola E500 : Unknown system version () [*] Dumping 0x10000000 bytes from base address 0x00000000 at offset 0x0ecfb8f0... [-] Auxiliary failed: Errno::ENOENT No such file or directory - /Users/robin/.msf4/logs/vxworks_memory_22.dump [-] Call stack: [-] /Users/robin/src/msf/modules/auxiliary/admin/vxworks/wdbrpc_memory_dump.rb:75:in `initialize' [-] /Users/robin/src/msf/modules/auxiliary/admin/vxworks/wdbrpc_memory_dump.rb:75:in `open' [-] /Users/robin/src/msf/modules/auxiliary/admin/vxworks/wdbrpc_memory_dump.rb:75:in `run' [*] Auxiliary module execution completed msf auxiliary(wdbrpc_memory_dump) > ls /Users/robin/.msf4/logs/vxworks_memory_22.dump [*] exec: ls /Users/robin/.msf4/logs/vxworks_memory_22.dump ls: /Users/robin/.msf4/logs/vxworks_memory_22.dump: No such file or directory msf auxiliary(wdbrpc_memory_dump) > ls /Users/robin/.msf4/logs/ [*] exec: ls /Users/robin/.msf4/logs/ framework.log sessions msf auxiliary(wdbrpc_memory_dump) > _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- wdbrpc_memory_dump.rb bug and question Robin Wood (Jan 24)
- Re: wdbrpc_memory_dump.rb bug and question HD Moore (Jan 24)
- Re: wdbrpc_memory_dump.rb bug and question Robin Wood (Jan 24)
- Re: wdbrpc_memory_dump.rb bug and question Robin Wood (Jan 25)
- Re: wdbrpc_memory_dump.rb bug and question Joshua J. Drake (Jan 25)
- Re: wdbrpc_memory_dump.rb bug and question Robin Wood (Jan 25)
- Re: wdbrpc_memory_dump.rb bug and question Robin Wood (Jan 24)
- Re: wdbrpc_memory_dump.rb bug and question HD Moore (Jan 24)