Closed ozaik closed 4 years ago
Sorry for my english
You're good :)
What exploit was deployed? all
Which mods list? I'm assuming default fuzzers?
Wrong Lport and workspace
It has to do with the module itself, if you look at the output and the module itself:

The output:

```
(msf)>> [*] Processing /root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer for ERB directives.
(msf)>> resource (/root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer)> workspace -a 127.0.0.1
(msf)>> [*] Workspace '127.0.0.1' already existed, switching to it.
(msf)>> [*] Workspace: 127.0.0.1
(msf)>> resource (/root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer)> use auxiliary/fuzzers/dns/dns_fuzzer
(msf)>> resource (/root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer)> setg lhost 4444
(msf)>> lhost => 4444
(msf)>> resource (/root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer)> setg lport default
(msf)>> lport => default
(msf)>> resource (/root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer)> setg verbose true
(msf)>> verbose => true
(msf)>> resource (/root/AutoSploit/autosploit_out/2019-05-08_14h42m38s/174.67.38.109/auxiliary-fuzzers-dns-dns_fuzzer)> setg threads 20
(msf)>> threads => 20
```
The actual module:
```
msf5 auxiliary(fuzzers/dns/dns_fuzzer) > show options

Module options (auxiliary/fuzzers/dns/dns_fuzzer):

   Name         Current Setting  Required  Description
   ----         ---------------  --------  -----------
   CLASS                         no        Comma separated list of classes to fuzz. Leave empty to fuzz all fields.
   CYCLIC       true             no        Use Cyclic pattern instead of A's (fuzzing payload).
   DNSSEC       false            no        Add DNSsec to each question (UDP payload size, EDNS0, ...)
   DOMAIN                        no        Force DNS zone domain name.
   ENDSIZE      500              no        Max Fuzzing string size. (L2 Frame size)
   ERRORHDR     0                no        Introduces byte error in the DNS header.
   IMPORTENUM                    no        Import dns_enum database output and automatically use existing RR.
   ITERATIONS   5                yes       Number of iterations to run by test case
   METHOD       UDP              no        Underlayer protocole to use (Accepted: UDP, TCP, AUTO)
   OPCODE                        no        Comma separated list of opcodes to fuzz. Leave empty to fuzz all fields.
   RAWPADDING   false            no        Generate totally random data from STARTSIZE to ENDSIZE
   RHOSTS                        yes       The target address range or CIDR identifier
   RPORT        53               yes       The target port (TCP)
   RR                            no        Comma separated list of requests to fuzz. Leave empty to fuzz all fields.
   STARTSIZE    0                no        Fuzzing string startsize.
   STEPSIZE     100              no        Increment fuzzing string each attempt.
   THREADS      1                yes       The number of concurrent threads
   TRAILINGNUL  true             no        NUL byte terminate DNS names

msf5 auxiliary(fuzzers/dns/dns_fuzzer) >
```
Unfortunately there's not really a way to fix these kinds of issues without adding more commands to the RC scripts. If you can think of a way to actually fix this issue without us just removing the module from the list, let me know!
I went ahead and removed it here: https://github.com/NullArray/AutoSploit/commit/4b4495fdcf0d9a7b246387b395341b000ffcad7b. You should see it in the next release.
Thanks for your answer and your work.
This is done on the 2 modules.
which two?
ping @ozaik?
Hello, for anyone wondering or viewing this, I fixed this issue with a temp solution: run the exploit command like this: "exploit [the ip] [the ip again] [port] [honeycheck]". This makes everything work the way it should.