Open OJ opened 6 years ago
While I'm at it, it's worth mentioning that Local URI is listed for TCP connections, which is a bit wrong because there is no such thing!
It's as if it's just falling back to the value of the previous session in the list. I'll try to get this fixed as well.
I had the smae problem with HTTP/(s) sessions @OJ https://github.com/rapid7/metasploit-framework/issues/10414
@OJ Were you able to make any progress on this issue? I'm interested in giving it a go.
I've been a bit swamped with my existing workload, so I'm afraid I've not had a look at this yet. Sorry!
Hi!
This issue has been left open with no activity for a while now.
We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here. If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!
As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.
It seems that active TCP transport sessions that reconnect to the listener (either after a restart of MSF or a transport change) don't appear to be marked as "encrypted". I've seen this a few times on a recent gig. I'm not sure if this means that the session isn't actually encrypted, or if the UI is just failing to mark it as so.
I don't think this is an issue for HTTP/S sessions, but I haven't validated that yet.
Either way, this needs to be looked at.
Steps to reproduce
windows/x64/meterpreter_reverse_tcp
.sessions -x
to see that the session is marked as encrypted.sessions -x
, and see that the session is not marked as encrypted.Expected behavior
This scenario should result in the session transport being encrypted.
Current behavior
The UI indicates that the session isn't encrypted (need to determine if the UI is lying or not).
System stuff
Metasploit version
888dc43a7e1b64d7d5098d06b038cc18f6a6949f (HEAD -> master, origin/master, origin/HEAD) Land #10348, Add REST API for module queries
I installed Metasploit with:
OS
Fedora 28.
Notes
I'm going to give this issue to myself, as I'm the pleb that wrote the thing in the first place.