Metasploit mailing list archives

FC4 glibc/perl errors....


From: ramatkal at hotmail.com (RaMatkal x2)
Date: Thu, 28 Jul 2005 08:16:01 +0000

I've recently upgraded to FC4 and am having some probs with metasploit......

Here is some version info:

[root at S framework-2.4]# uname -a
Linux Sol-FC4 2.6.11-1.1369_FC4 #1 Thu Jun 2 22:55:56 EDT 2005 i686 i686 i386 GNU/Linux
[root at S framework-2.4]# rpm -q glibc
glibc-2.3.5-10
[root at S framework-2.4]# rpm -q perl
perl-5.8.6-15

Below is the output when trying to exploit a win32 vuln to DCOM exploit with
vnc payload. The same output was also seen when trying different payloads
and when exploiting different OS's...

msf msrpc_dcom_ms03_026(win32_bind_vncinject) > exploit
[*] Starting Bind Handler.
[*] Splitting RPC request into 7 packets
[*] Got connection from 10.0.0.4:45284 <-> 10.0.0.6:4444
[*] Sending Stage (2834 bytes)
[*] Sleeping before sending dll.
[*] Uploading dll to memory (348170), Please wait...
[*] Upload completed
[*] VNC proxy listening on port 5900...
*** glibc detected *** /usr/bin/perl: double free or corruption (!prev): 0x091c6528 ***
======= Backtrace: =========
/lib/libc.so.6[0x8b6424]
/lib/libc.so.6(__libc_free+0x77)[0x8b695f]
/lib/libc.so.6(fclose+0x148)[0x8a7f30]
/usr/lib/perl5/5.8.6/i386-linux-thread-multi/CORE/libperl.so(PerlIOStdio_close+0x87)[0xac33f7]
/usr/lib/perl5/5.8.6/i386-linux-thread-multi/CORE/libperl.so(PerlIO__close+0x39)[0xac1fa1]
/usr/lib/perl5/5.8.6/i386-linux-thread-multi/CORE/libperl.so(Perl_PerlIO_close+0x26)[0xac1ff5]
/usr/lib/perl5/5.8.6/i386-linux-thread-multi/CORE/libperl.so(PerlIO_cleantable+0x47)[0xac2066]
/usr/lib/perl5/5.8.6/i386-linux-thread-multi/CORE/libperl.so(PerlIO_cleanup+0x4d)[0xac2d75]
/usr/lib/perl5/5.8.6/i386-linux-thread-multi/CORE/libperl.so(perl_destruct+0xe71)[0x9e7f75]
/usr/bin/perl(main+0xda)[0x804939e]
/lib/libc.so.6(__libc_start_main+0xc6)[0x867de6]
/usr/bin/perl[0x8049241]
======= Memory map: ========

Anyone got any ideas?

Thanks
RaMatkal
