Metasploit mailing list archives
Re: EOFerror on IIS 5.0 - SSL Remote Buffer Overflow Exploit
From: "HD Moore" <x () hdm io>
Date: Sun, 14 Dec 2014 13:49:33 -0600
This looks like expected behavior if the target has already been exploited or it has been patched. The EOF exception is just the server closing the socket before the exploit completes. -HD From: framework [mailto:framework-bounces () spool metasploit com] On Behalf Of Yang Yu Sent: Sunday, December 14, 2014 12:43 AM To: framework Subject: Re: [framework] EOFerror on IIS 5.0 - SSL Remote Buffer Overflow Exploit Hello, After changing LogLevel to 3, I got the stack trace: /opt/metasploit/apps/pro/msf3/msfconsole:48:in `<main>' [12/14/2014 17:51:46] [d(1)] core: Module x86/shikata_ga_nai is compatible with windows/ssl/ms04_011_pct [12/14/2014 17:51:46] [i(0)] core: windows/meterpreter/reverse_tcp: iteration 1: Successfully encoded with encoder x86/shikata_ga_nai (size is 320) [12/14/2014 17:51:47] [e(0)] core: Exploit failed (windows/ssl/ms04_011_pct): EOFError EOFError [12/14/2014 17:51:47] [d(3)] core: Call stack: /usr/share/metasploit-framework/lib/rex/io/stream.rb:203:in `get_once' /usr/share/metasploit-framework/modules/exploits/windows/ssl/ms04_011_pct.rb:151:in `exploit' /usr/share/metasploit-framework/lib/msf/core/exploit_driver.rb:205:in `job_run_proc' /usr/share/metasploit-framework/lib/msf/core/exploit_driver.rb:166:in `run' /usr/share/metasploit-framework/lib/msf/base/simple/exploit.rb:136:in `exploit_simple' /usr/share/metasploit-framework/lib/msf/base/simple/exploit.rb:161:in `exploit_simple' /usr/share/metasploit-framework/lib/msf/ui/console/command_dispatcher/exploit.rb:111:in `cmd_exploit' /usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:427:in `run_command' /usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:389:in `block in run_single' /usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:383:in `each' /usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:383:in `run_single' /usr/share/metasploit-framework/lib/rex/ui/text/shell.rb:200:in `run' /usr/share/metasploit-framework/lib/metasploit/framework/command/console.rb:30:in `start' /usr/share/metasploit-framework/lib/metasploit/framework/command/base.rb:82:in `start' /opt/metasploit/apps/pro/msf3/msfconsole:48:in `<main>' Any ideas what's wrong? Thanks. On Sat, Dec 13, 2014 at 10:28 PM, Tod Beardsley <todb () packetfu com <mailto:todb () packetfu com> > wrote: If you first `setg LogLevel 3` your framework.log will have the complete stack trace.
_______________________________________________ https://dev.metasploit.com/mailman/listinfo/framework
Current thread:
- EOFerror on IIS 5.0 - SSL Remote Buffer Overflow Exploit Yang Yu (Dec 13)
- Message not available
- Re: EOFerror on IIS 5.0 - SSL Remote Buffer Overflow Exploit Yang Yu (Dec 13)
- Re: EOFerror on IIS 5.0 - SSL Remote Buffer Overflow Exploit HD Moore (Dec 14)
- Re: EOFerror on IIS 5.0 - SSL Remote Buffer Overflow Exploit Yang Yu (Dec 13)
- Message not available