solaris/telnet/fuser

[lazydj98 at yahoo.com (Joshua Smith)]

I'm a retard, sorry 'bout that.  I usually notice when they're not shellcode exploits.
At least it wasn't a completely useless question like MC is used to getting from me ;)

Thanks for your time

 -Josh

btw, mc, new job is way better than the old



----- Original Message ----
From: H D Moore <hdm at metasploit.com>
To: framework at spool.metasploit.com
Sent: Tuesday, October 14, 2008 5:48:32 PM
Subject: Re: [framework] solaris/telnet/fuser

On Tuesday 14 October 2008, Joshua Smith wrote:
> Question:
> root at laptop:~/framework-trunk# ./msfcli solaris/telnet/fuser
> RHOST=192.168.1.1 PAYLOAD=solaris/x86/shell_bind_tcp E [*] Started bind
> handler
> [*] Setting USER environment variable...
> [-] Exploit failed: undefined method `put' for nil:NilClass

Two issues here:

1. The sock object for the connection is being set to nil by something and 
throwing the error you see, but the module code looks fine, so this migt 
be related to (2).

2. That module doesn't really use payloads, it should only match payloads 
which have the flag 'cmd_interact', which resolves to exactly one payload 
that interacts with the current socket as a shell. There is a bug that 
results in this exploit accepting incompatible payloads and showing no 
compatible payloads when asked. 

Good bug reports, the short-term fix for what you are doing should be:

$ msfcli exploit/solaris/telnet/fuser PAYLOAD=cmd/unix/interact \
RHOST=A.B.C.D  E 

-HD

_______________________________________________
http://spool.metasploit.com/mailman/listinfo/framework



      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20081014/09ce5c38/attachment.htm>