Metasploit mailing list archives
Bug Report from a metasploit lover SNERT in China
From: libo.swust at gmail.com (li bo)
Date: Sun, 25 Nov 2007 21:52:44 +0800
Just saw your message on [framework] email list. Hope it can be noticed by others. However, it doesn't matter. We did our contribution to this group, that is the key point. Bo On 25/11/2007, eros <erroix at qq.com> wrote:
I have found a little bug of metasploit.That appear in \lib\rex\text.rb line 584. Attend below codes : ///////////////////////////////////////////////////////////////////////////////////////////////////////////////// def self.pattern_create(length, sets = [ UpperAlpha, LowerAlpha, Numerals ]) buf = '' idx = 0 offsets = [] sets.length.times { offsets << 0 } until buf.length >= length begin buf += converge_sets(sets, 0, offsets, length) rescue RuntimeError break end end buf[0..length] # here will creat a pattern with length+1 characters end /////////////////////////////////////////////////////////////////////////////////////////////////////////////////// and when we use pattern_create() method on msfconsole,this bug will return us a unexpect result.For example: #puts pattern_create(56) =>"Aa0Aa1Aa2Aa3Aa4Aa5Aa6Aa7Aa8A9Ab0Ab1Ab2Ab3Ab4Ab5Ab6Ab7Ab8" #puts pattern_create(56).length =>57 and so on...You may have a deep test. So it will recover normal after change buf[0..length] to buf[0...length]. Hope this will make your attention! (Southwest University of Science and Technology Net Emergency Response Team) SNERT in short
-- No pains,no gains.
Current thread:
- Bug Report from a metasploit lover SNERT in China eros (Nov 25)
- Bug Report from a metasploit lover SNERT in China li bo (Nov 25)