dipsec / armitage

Automatically exported from code.google.com/p/armitage
0 stars 0 forks source link

Metasploit stops responding during team use #101

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
I'm posting this issue here to document it as a known issue.

What steps will reproduce the problem?

1. Start msfrpcd and armitage --server mode
2. Connect two or more clients
3. Do stuff... eventually the Metasploit side stops responding

Workaround:

Don't use armitage in team mode until this issue is addressed or roll back to 
svn r15050 with:

cd /path/to/metasploit/msf3
svn update -r 15050

What happened?

Metasploit 4.3 changed its dependencies drastically and its means of protecting 
shared resources has changed too. Within the past two weeks, I've noticed the 
Ruby interpreter under msfrpcd crashes regularly during team use of Armitage. I 
believe there is a race condition in the framework (most likely with console 
creation). 

Is there a fix?

The good news, I do have a fix. Future versions of Armitage will proxy all team 
traffic through the deconfliction server. From Metasploit's perspective, it 
will always seem like only one client is interacting with it. I've tested this 
solution with my local unit tests and it works. I'm now rewriting Armitage to 
use this solution. When it's ready, I'll cut an update and make it available.

Original issue reported on code.google.com by rsmu...@gmail.com on 1 May 2012 at 3:31

GoogleCodeExporter commented 9 years ago
I should add: single user use of Armitage is not affected by this bug.

Original comment by rsmu...@gmail.com on 1 May 2012 at 3:32

GoogleCodeExporter commented 9 years ago
The latest Armitage release works around this issue. The race condition I 
experienced has its own ticket on the Metasploit bug tracker now:

http://dev.metasploit.com/redmine/issues/6829

Original comment by rsmu...@gmail.com on 7 May 2012 at 7:59