NullArray / AutoSploit

Automated Mass Exploiter
GNU General Public License v3.0

Wrong Lport #1077

Closed ozaik closed 4 years ago

ozaik commented 5 years ago

Wrong Lport and workspace

Exploit module information

Program information

root@autosploit# run 127.0.0.1 4444 default
[?] sort modules by relevance to last query[y/N]: n
[?] view sorted modules[y/N]: n
[?] press enter to start exploitation phase: 
[+] starting exploitation phase
[+] Launching exploits against 100 hosts:
[+] launching exploit 'auxiliary/fuzzers/dns/dns_fuzzer' against host '174.67.38.109'
[+] Executing command 'sudo  msfconsole -r /root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer -q'
(msf)>> [*] Processing /root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer for ERB directives.
(msf)>> resource (/root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer)> workspace -a 127.0.0.1
(msf)>> [*] Workspace '127.0.0.1' already existed, switching to it.
(msf)>> [*] Workspace: 127.0.0.1
(msf)>> resource (/root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer)> use auxiliary/fuzzers/dns/dns_fuzzer
(msf)>> resource (/root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer)> setg lhost 4444
(msf)>> lhost => 4444
(msf)>> resource (/root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer)> setg lport default
(msf)>> lport => default
(msf)>> resource (/root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer)> setg verbose true
(msf)>> verbose => true
(msf)>> resource (/root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer)> setg threads 20
(msf)>> threads => 20

Sorry for my English

Ekultek commented 5 years ago

Sorry for my English

You're good :)

What exploit was deployed? all

Which mods list? I'm assuming default fuzzers?

Wrong Lport and workspace

It has to do with the module itself. If you look at the output and the module itself:

The output:

(msf)>> [*] Processing /root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer for ERB directives.
(msf)>> resource (/root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer)> workspace -a 127.0.0.1
(msf)>> [*] Workspace '127.0.0.1' already existed, switching to it.
(msf)>> [*] Workspace: 127.0.0.1
(msf)>> resource (/root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer)> use auxiliary/fuzzers/dns/dns_fuzzer
(msf)>> resource (/root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer)> setg lhost 4444
(msf)>> lhost => 4444
(msf)>> resource (/root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer)> setg lport default
(msf)>> lport => default
(msf)>> resource (/root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer)> setg verbose true
(msf)>> verbose => true
(msf)>> resource (/root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer)> setg threads 20
(msf)>> threads => 20

The actual module:

msf5 auxiliary(fuzzers/dns/dns_fuzzer) > show options

Module options (auxiliary/fuzzers/dns/dns_fuzzer):

   Name         Current Setting  Required  Description
   ----         ---------------  --------  -----------
   CLASS                         no        Comma separated list of classes to fuzz. Leave empty to fuzz all fields.
   CYCLIC       true             no        Use Cyclic pattern instead of A's (fuzzing payload).
   DNSSEC       false            no        Add DNSsec to each question (UDP payload size, EDNS0, ...)
   DOMAIN                        no        Force DNS zone domain name.
   ENDSIZE      500              no        Max Fuzzing string size. (L2 Frame size)
   ERRORHDR     0                no        Introduces byte error in the DNS header.
   IMPORTENUM                    no        Import dns_enum database output and automatically use existing RR.
   ITERATIONS   5                yes       Number of iterations to run by test case
   METHOD       UDP              no        Underlayer protocole to use (Accepted: UDP, TCP, AUTO)
   OPCODE                        no        Comma separated list of opcodes to fuzz. Leave empty to fuzz all fields.
   RAWPADDING   false            no        Generate totally random data from STARTSIZE to ENDSIZE
   RHOSTS                        yes       The target address range or CIDR identifier
   RPORT        53               yes       The target port (TCP)
   RR                            no        Comma separated list of requests to fuzz. Leave empty to fuzz all fields.
   STARTSIZE    0                no        Fuzzing string startsize.
   STEPSIZE     100              no        Increment fuzzing string each attempt.
   THREADS      1                yes       The number of concurrent threads
   TRAILINGNUL  true             no        NUL byte terminate DNS names

msf5 auxiliary(fuzzers/dns/dns_fuzzer) > 

Unfortunately there's not really a way to fix these kinds of issues without adding more commands to the RC scripts. If you can think of a way to actually fix this issue without us just removing the module from the list, let me know!
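An added check (example code, not AutoSploit's own) showing how the misordered arguments in this report could have been caught before the resource script was written: it validates the positional `<workspace> <lhost> <lport>` order that the RC output above shows being consumed, and parses a pasted `show options` table to warn when the module has no LHOST/LPORT for `setg` to set. The table text is a trimmed, constructed copy of the one in this comment; the function names are this example's own.

```python
import ipaddress
import re

# Constructed sample: the `show options` table for dns_fuzzer as pasted in
# the thread, trimmed to a few rows (only the option names matter here).
DNS_FUZZER_SHOW_OPTIONS = """\
Module options (auxiliary/fuzzers/dns/dns_fuzzer):

   Name         Current Setting  Required  Description
   ----         ---------------  --------  -----------
   CLASS                         no        Comma separated list of classes to fuzz.
   RHOSTS                        yes       The target address range or CIDR identifier
   RPORT        53               yes       The target port (TCP)
   THREADS      1                yes       The number of concurrent threads
"""


def module_option_names(show_options_text):
    """Return the lower-cased option names from a pasted `show options` table."""
    names = set()
    for line in show_options_text.splitlines():
        # Option rows are indented by three spaces and start with an UPPERCASE name;
        # the 'Name' header and the '----' rule do not match this pattern.
        m = re.match(r"\s{3}([A-Z][A-Z0-9_]*)\s", line)
        if m:
            names.add(m.group(1).lower())
    return names


def check_exploit_args(args, module_options):
    """Validate `<workspace> <lhost> <lport>` in the order the RC output shows
    them being consumed; return a list of problems (empty when everything is OK)."""
    problems = []
    if len(args) < 3:
        return ["expected: exploit <workspace> <lhost> <lport>"]
    workspace, lhost, lport = args[:3]
    try:
        ipaddress.ip_address(lhost)  # '4444' in the report fails this check
    except ValueError:
        problems.append(f"lhost {lhost!r} is not an IP address (arguments misordered?)")
    if not (lport.isdigit() and 1 <= int(lport) <= 65535):
        problems.append(f"lport {lport!r} is not a port number")  # 'default' fails
    # The maintainer's point: this module has no LHOST/LPORT, so `setg` is pointless.
    for opt in ("lhost", "lport"):
        if opt not in module_options:
            problems.append(f"module has no {opt.upper()} option; setg {opt} is ignored")
    return problems
```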

Ekultek commented 5 years ago

I went ahead and removed it here: https://github.com/NullArray/AutoSploit/commit/4b4495fdcf0d9a7b246387b395341b000ffcad7b. You should see it in the next release.

ozaik commented 5 years ago

Thanks for your answer and your work.

This is done on the 2 modules.

Ekultek commented 5 years ago

Which two?

Ekultek commented 4 years ago

ping @ozaik?

THEpWn3R-o commented 4 years ago

Hello, for anyone wondering or viewing this: I fixed this issue with a temp solution. Run the exploit command like this: "exploit [the ip] [the ip again] [port] [honeycheck]". This makes everything work the way it should.