Re: wmap and ratproxy problem

[Robin Wood <dninja () gmail com>]

And wmap_reports seems to have been removed in favour of the data
going into the db_notes table. There is quite a bit of documentation
that still refers to wmap_report, I'm especially thinking of the stuff
in Metasploit Unleashed which I know is being updated but could do
with at least a note on it to say to use the other function.

Robin

2010/1/1 Robin Wood <dninja () gmail com>:
> Another bug now that I've got this working:
>
> [*] Launching auxiliary/scanner/http/options WMAP_SERVER against 192.168.0.30:80
> [*] 192.168.0.30 allows OPTIONS, TRACE, GET, HEAD, COPY, PROPFIND,
> SEARCH, LOCK, UNLOCK methods
> [-] Auxiliary failed: NoMethodError undefined method
> `report_vuln_service' for #<Msf::DBManager:0x9f42cd8>
> [-] Call stack:
> [-]   /usr/src/metasploit/lib/msf/core/auxiliary/report.rb:74:in
> `report_vuln_service'
> [-]   (eval):66:in `run_host'
> [-]   /usr/src/metasploit/lib/msf/core/auxiliary/scanner.rb:92:in `block in run'
>
> If I get chance I'll see if I can track it down but a quick look shows
> that that function doesn't exist any more
>
> $ find . -type f -exec grep -H "report_vuln_service" '{}' \;
> ./lib/msf/core/auxiliary/report.rb:     def report_vuln_service(opts={})
> ./lib/msf/core/auxiliary/report.rb:
> framework.db.report_vuln_service(opts)
> ./modules/auxiliary/scanner/http/.svn/text-base/ms09_020_webdav_unicode_bypass.rb.svn-base:
>                                    report_vuln_service(
> ./modules/auxiliary/scanner/http/ms09_020_webdav_unicode_bypass.rb:
>                                 report_vuln_service(
> ./modules/auxiliary/scanner/http/options.rb:
>         report_vuln_service(
>
> Robin
>
>
> 2010/1/1 Robin Wood <dninja () gmail com>:
> > Hi
> > I've been playing with wmap and spotted that the database structure
> > has changed but the ratproxy patch hasn't been updated. The table
> > requests is now wmap_requests so ratproxy fails to write to the
> > database. I've attached a new  patch file which also corrects the
> > offset mistakes from the original patch.
> >
> > I also got this warning when building:
> >
> > ratproxy.c: In function ‘save_trace’:
> > ratproxy.c:633: warning: passing argument 5 of ‘sqlite3_prepare’ from
> > incompatible pointer type
> >
> > Can we replace parameter 5 with a NULL as it isn't used and the
> > sqlite3 spec says that that is acceptable. (
> > http://www.sqlite.org/c3ref/prepare.html ) I'm building on a 64 bit
> > machine so that could be why not everyone reports the error.
> >
> > Robin
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework