search

rapid7 / metasploit-framework

Metasploit Framework
https://www.metasploit.com/
Other
34.16k stars 13.98k forks source link

strange error when using multi thread in “cve_2019_0708_bluekeep” #12069

Closed qwx closed 3 years ago

qwx commented 5 years ago

When using multi threads (more than 30 or 16 in windows), the result of scan is error, some hosts which NOT vulnerable are regarded as vulnerable and show on the list. When using 1 thread, the result is right. There are about 200+ vulnerable hosts in the network.

Example

10.6.0.1 is not vulnerable when set rhosts 10.6.0.1 or set rhosts 10.6.0.0/16 and thread 1 10.6.0.1 is vulnerable when set rhosts 10.6.0.0/16 and threads 30 when run next time, hosts are changed. (though some real vulnerable hosts are always on the list)

How'd you do it? 1.set rhosts 10.6.0.0/16 2.set ConnectTimeout 3 3.set threads 30

  1. run

Expected behavior

only vulnerable hosts are show on the list. What should happen?

Current behavior

NOT vulnerable hosts are regarded as vulnerable and show on the list.

~/.msf4/logs/framework.log [07/08/2019 12:16:01] [e(0)] core: EOFError /opt/metasploit-framework/embedded/lib/ruby/gems/2.5.0/gems/rex-core-0.1.13/lib/rex/io/stream.rb:203:in get_once' /opt/metasploit-framework/embedded/framework/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb:395:inrdp_recv' /opt/metasploit-framework/embedded/framework/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb:403:in rdp_send_recv' /opt/metasploit-framework/embedded/framework/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb:290:incheck_rdp_vuln' /opt/metasploit-framework/embedded/framework/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb:93:in check_host' /opt/metasploit-framework/embedded/framework/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb:65:inrun_host' /opt/metasploit-framework/embedded/framework/lib/msf/core/auxiliary/scanner.rb:111:in block (2 levels) in run' /opt/metasploit-framework/embedded/framework/lib/msf/core/thread_manager.rb:106:inblock in spawn'

System stuff

Metasploit version

Framework: 5.0.36-dev- Console : 5.0.36-dev-

I installed Metasploit with:

install using rpm package metasploit-framework-5.0.36+20190707102508~1rapid7-1.el6.x86_64.rpm

OS

What OS are you running Metasploit on? Centos7

sorry for my English

If need more log, i can upload in the issue! Thanks

qwx commented 5 years ago

I don't know what will happen if I use another module. I only test with cve_2019_0708_bluekeep

github-actions[bot] commented 4 years ago

Hi!

This issue has been left open with no activity for a while now.

We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here. If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!

As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.

github-actions[bot] commented 3 years ago

Hi again!

It’s been 60 days since anything happened on this issue, so we are going to close it. Please keep in mind that I’m only a robot, so if I’ve closed this issue in error please feel free to reopen this issue or create a new one if you need anything else.

As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.