allfro / pymetasploit

A full-fledged msfrpc library for Metasploit framework.

Session Disconnected: NameError undefined local variable or method `data' #21

Closed pythi0s closed 5 years ago

pythi0s commented 5 years ago

I am new to Metasploit and Python. In Pymetasploit, I am using the "multi/http/oracle_weblogic_wsat_deserialization_rce" module for exploitation with the payload "cmd/unix/reverse_python". Everything went well until I executed the "print shell.read()" command (I am following the README.md), when I encountered the following error:

```
shell = client.sessions.session(1)
shell.write("whoami\n")
print shell.read()
Traceback (most recent call last):
  File "", line 1, in
  File "/usr/local/lib/python2.7/dist-packages/metasploit/msfrpc.py", line 1823, in read
    return self.rpc.call(MsfRpcMethod.SessionShellRead, self.id)['data']
  File "/usr/local/lib/python2.7/dist-packages/metasploit/msfrpc.py", line 236, in call
    raise MsfRpcError(result['error_message'])
metasploit.msfrpc.MsfRpcError: Session Disconnected: NameError undefined local variable or method `data' for #
```

I am not able to solve this issue so any advice is appreciated.

Like0x commented 5 years ago

I have the same problem as you

roumy commented 5 years ago

Same problem here, whereas it was working previously. It looks like the new Metasploit version creates a regression in pymetasploit. I managed to mitigate the problem by downgrading my Metasploit version to 4.14.1, but it is not great. Still investigating the problem; any help is welcome.

ivonutar commented 5 years ago

I think the problem might be in metasploit core package in https://github.com/rapid7/metasploit-framework/blob/master/lib/msf/core/rpc/v10/rpc_session.rb :

```ruby
def rpc_shell_read( sid, ptr=nil)
  s = _valid_session(sid,"shell")
  begin
    res = s.shell_read(data)
    { "write_count" => res.to_s}
  rescue ::Exception => e
    error(500, "Session Disconnected: #{e.class} #{e}")
  end
end
```

The "data" variable in the line "res = s.shell_read(data)" is not defined.

ivonutar commented 5 years ago

OK, I got the problem ... it seems like the rpc_shell_read function, which is used by pymetasploit, is a copy of the rpc_shell_write function ... the difference is the obvious data parameter, which is not supposed to be used in the shell_read function, and the returned dictionary containing "write_count" instead of "data" and "seq" keys. I will be writing a pull request with these findings.
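
The diagnosis in the last two comments, reproduced as an added Ruby example that is not code from this thread, pymetasploit or Metasploit: the undefined `data` raises a NameError, and the broad `rescue ::Exception` reports that programming error as "Session Disconnected". `StubShellSession`, `RpcSessionDemo` and `RpcError` are hypothetical stand-ins, and the `"seq"` value of 0 is an assumption.

```ruby
# Hypothetical stand-in for the RPC error raised by error(code, msg).
class RpcError < StandardError
  attr_reader :code
  def initialize(code, msg)
    super(msg)
    @code = code
  end
end

# Constructed stand-in for a shell session holding buffered output.
class StubShellSession
  def initialize(output)
    @output = output
  end

  def shell_read(length = -1)
    out, @output = @output, ""
    out
  end
end

class RpcSessionDemo
  def initialize(session)
    @session = session
  end

  # Shape of the method quoted in the thread: `data` is never defined, so a
  # NameError is raised and then relabelled by the catch-all rescue.
  def shell_read_buggy(sid, ptr = nil)
    res = @session.shell_read(data)
    { "write_count" => res.to_s }
  rescue ::Exception => e
    error(500, "Session Disconnected: #{e.class} #{e}")
  end

  # Corrected shape per the last comment: no `data` argument, and the reply
  # carries the "seq" and "data" keys (the client indexes ['data']).
  def shell_read_fixed(sid, ptr = nil)
    res = @session.shell_read
    { "seq" => 0, "data" => res.to_s } # "seq" => 0 is an assumed value
  rescue ::Exception => e
    error(500, "Session Disconnected: #{e.class} #{e}")
  end

  private

  def error(code, msg)
    raise RpcError.new(code, msg)
  end
end
```

When triaging a similar report, the exception class embedded in the message (`NameError` here) is the signal that the session itself did not drop.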