Metasploit mailing list archives

bug in auxiliary/scanner/http/jboss_vulnscan

From: Robin Wood <robin () digininja org>
Date: Thu, 2 Jun 2011 12:43:06 +0100

Another bug, this time in  auxiliary/scanner/http/jboss_vulnscan. I've
set the RHOSTS but this line:

info = http_fingerprint({ :response => res })

returns nil so print_status dies:

msf auxiliary(jboss_vulnscan) > show options

Module options (auxiliary/scanner/http/jboss_vulnscan):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   Proxies                   no        Use a proxy chain
   RHOSTS   1.1.1.1          yes       The target address range or
CIDR identifier
   RPORT    444              yes       The target port
   THREADS  1                yes       The number of concurrent threads
   VERB     HEAD             yes       Verb for auth bypass testing
   VHOST                     no        HTTP server virtual host

msf auxiliary(jboss_vulnscan) > exploit
Debug: res = nil

[*] Error: 1.1.1.1: TypeError can't convert nil into String
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

I've tried to dig through to work out why but haven't got time to
fully understand the send_request_cgi function at the moment so can't
offer a solution.

Robin
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

Current thread:

bug in auxiliary/scanner/http/jboss_vulnscan Robin Wood (Jun 02)
- bug in msf > use auxiliary/scanner/portscan/syn Peter Fellini (Jun 02)
  - Re: bug in msf > use auxiliary/scanner/portscan/syn Tod Beardsley (Jun 02)
- Re: bug in auxiliary/scanner/http/jboss_vulnscan Rob Fuller (Jun 02)
  - Re: bug in auxiliary/scanner/http/jboss_vulnscan Robin Wood (Jun 02)