Metasploit mailing list archives

Re: ERROR: invalid input when using new Credential API


From: Pedro Ribeiro <pedrib () gmail com>
Date: Wed, 8 Oct 2014 01:13:08 +0100

If I try to attack a domain and set RHOST to a hostname, I get the same error:

[-] Auxiliary failed: ActiveRecord::StatementInvalid
PG::InvalidTextRepresentation: ERROR:  invalid input syntax for type inet: "domain.com"

(domain.com was actually a valid and reachable domain)

I understand that the credential API is new, but this is very clearly a bug.

Regards,
Pedro

On 3 October 2014 01:36, HD Moore <x () hdm io> wrote:
The database is keyed off IP addresses, so you are correct in that any reported credential with an address field needs to have an associated IP (or the hostname must resolve).

-HD

-----Original Message-----
From: framework [mailto:framework-bounces () spool metasploit com] On
Behalf Of Pedro Ribeiro
Sent: Thursday, October 2, 2014 5:19 PM
To: Metasploit List
Subject: [framework] ERROR: invalid input when using new Credential API

Hi,

I'm building an aux module that gets the SQL database credentials from a
target. These credentials are provided in the form hostname-username-
password. I'm using the new Credential API and doing the following:

      service_data = {
        address: loot[database_server_name].split('\\')[0],
        # port is 0 because we can't get it from the packet_reply
        port: 0,
        service_name: loot[database_type],
        protocol: 'tcp',
        workspace_id: myworkspace_id
      }
(full code in [1])

However, when I run the module I get the stack trace on [2].

It seems I cannot set the address to a hostname, only numeric IP values?
Or am I doing something wrong?

Thanks for the help.

Regards,
Pedro


[1]:
      service_data = {
        address: loot[database_server_name].split('\\')[0],
        # port is 0 because we can't get it from the packet_reply
        port: 0,
        service_name: loot[database_type],
        protocol: 'tcp',
        workspace_id: myworkspace_id
      }
      credential_data = {
        origin_type: :service,
        module_fullname: self.fullname,
        private_type: :password,
        private_data: loot[database_pw],
        username: loot[schema_owner],
        # We store the SID for Oracle or the instance name for SQL Server.
        # There's no realm_key for SQL Server so store it as Oracle anyway.
        realm_key: Metasploit::Model::Realm::Key::ORACLE_SYSTEM_IDENTIFIER,
        realm_value: loot[database_server_name].split('\\')[1]
      }

      credential_data.merge!(service_data)
      credential_core = create_credential(credential_data)
      login_data = {
        core: credential_core,
        status: Metasploit::Model::Login::Status::UNTRIED
      }
      login_data.merge!(service_data)
      create_credential_login(login_data)



[2]:
[-] Auxiliary failed: ActiveRecord::StatementInvalid
PG::InvalidTextRepresentation: ERROR:  invalid input syntax for type inet: "SVR-KIT-TI"
LINE 1: ..."hosts".* FROM "hosts"  WHERE "hosts"."address" = 'SVR-KIT-T...
                                                             ^
: SELECT  "hosts".* FROM "hosts"  WHERE "hosts"."address" = 'SVR-KIT-TI' AND "hosts"."workspace_id" = 1 LIMIT 1
[-] Call stack:
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/postgresql_adapter.rb:1163:in `async_exec'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/postgresql_adapter.rb:1163:in `exec_no_cache'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/postgresql_adapter.rb:660:in `block in exec_query'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/abstract_adapter.rb:280:in `block in log'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.17/lib/active_support/notifications/instrumenter.rb:20:in `instrument'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/abstract_adapter.rb:275:in `log'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/postgresql_adapter.rb:659:in `exec_query'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/postgresql_adapter.rb:1262:in `select'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/abstract/database_statements.rb:18:in `select_all'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/abstract/query_cache.rb:63:in `select_all'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/querying.rb:38:in `block in find_by_sql'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/explain.rb:26:in `logging_query_plan'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/querying.rb:37:in `find_by_sql'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/relation.rb:171:in `exec_queries'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/relation.rb:160:in `block in to_a'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/explain.rb:26:in `logging_query_plan'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/relation.rb:159:in `to_a'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/relation/finder_methods.rb:381:in `find_first'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/relation/finder_methods.rb:122:in `first'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/relation.rb:119:in `first_or_create'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/metasploit-credential-0.10.1/lib/metasploit/credential/creation.rb:430:in `create_credential_service'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/metasploit-credential-0.10.1/lib/metasploit/credential/creation.rb:309:in `create_credential_origin_service'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/metasploit-credential-0.10.1/lib/metasploit/credential/creation.rb:239:in `create_credential_origin'
[-]   /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/metasploit-credential-0.10.1/lib/metasploit/credential/creation.rb:104:in `create_credential'
_______________________________________________
https://dev.metasploit.com/mailman/listinfo/framework
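
An added example, not part of the original thread and not Metasploit's own code: one way to satisfy the constraint described in the reply above (the address must be an IP, or the hostname must resolve) before the value reaches the inet column. The helper names, the :instance and :reported_name keys, the injected lookup and the sample hostnames are all assumptions made for illustration.

```ruby
require 'ipaddr'
require 'resolv'

# Default lookup: system resolver (hosts file, then DNS); nil when the name
# does not resolve. Injected so the logic can be exercised offline.
DEFAULT_LOOKUP = lambda do |name|
  begin
    Resolv.getaddress(name)
  rescue Resolv::ResolvError
    nil
  end
end

# Canonical IP string when text is a literal IPv4/IPv6 address, else nil.
def parse_ip(text)
  IPAddr.new(text).to_s
rescue IPAddr::Error
  nil
end

# Return a value an inet column will accept, or nil when there is none.
def inet_address_for(value, lookup = DEFAULT_LOOKUP)
  candidate = value.to_s.strip
  return nil if candidate.empty?
  literal = parse_ip(candidate)
  return literal if literal
  resolved = lookup.call(candidate)   # hostname, NetBIOS name, etc.
  resolved && parse_ip(resolved)
end

# Split the "HOST\INSTANCE" form used on the page and build the address
# fields. Returns nil when the host has no usable IP, so the caller can skip
# the database write instead of raising ActiveRecord::StatementInvalid.
# :instance and :reported_name are hypothetical keys, not Metasploit fields.
def service_fields(server_name, lookup = DEFAULT_LOOKUP)
  host, instance = server_name.to_s.split('\\', 2)
  address = inet_address_for(host, lookup)
  return nil unless address
  { address: address, port: 0, protocol: 'tcp',
    instance: instance, reported_name: host }
end
```

A caller that gets nil back can still report the credential by other means (for example as loot or a printed message) without touching the hosts table.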
