rapid7 / metasploit-framework

Metasploit Framework
https://www.metasploit.com/

Metasploit Payload NOP Sled Length Command doesn't seem to work on msf5 console #12195

Closed YazzyYaz closed 5 years ago

YazzyYaz commented 5 years ago

## Steps to reproduce

How'd you do it?

1. Connect to msfconsole
   ```sh
   ./msfconsole
   ```
2. Use a random payload. Here, I'm following the instructions from Offensive Security, but it seems some of the commands don't work on msf5. As you can see, it doesn't do anything on the NOP sled length `-s` command, even though it's documented.
   ```
   msf > use payload/windows/shell_bind_tcp
   .
   .
   msf5 payload(windows/shell_bind_tcp) > generate -s 14
   Usage: generate [options]

   Generates a payload.

   OPTIONS:

   -E        Force encoding
   -O <opt>  Deprecated: alias for the '-o' option
   -P <opt>  Total desired payload size, auto-produce approproate NOPsled length
   -S <opt>  The new section name to use when generating (large) Windows binaries
   -b <opt>  The list of characters to avoid example: '\x00\xff'
   -e <opt>  The encoder to use
   -f <opt>  Output format: bash,c,csharp,dw,dword,hex,java,js_be,js_le,num,perl,pl,powershell,ps1,py,python,raw,rb,ruby,sh,vbapplication,vbscript,asp,aspx,aspx-exe,axis2,dll,elf,elf-so,exe,exe-only,exe-service,exe-small,hta-psh,jar,jsp,loop-vbs,macho,msi,msi-nouac,osx-app,psh,psh-cmd,psh-net,psh-reflection,vba,vba-exe,vba-psh,vbs,war
   -h        Show this message
   -i <opt>  The number of times to encode the payload
   -k        Preserve the template behavior and inject the payload as a new thread
   -n <opt>  Prepend a nopsled of [length] size on to the payload
   -o <opt>  The output file name (otherwise stdout)
   -p <opt>  The platform of the payload
   -s <opt>  NOP sled length.
   -x <opt>  Specify a custom executable file to use as a template
   ```

This section should also tell us any relevant information about the
environment; for example, if an exploit that used to work is failing,
tell us the victim operating system and service versions.

## Expected behavior

What should happen?

It should acknowledge the `-s 14` command and return back something like in the example by Offensive Security.

```sh
# windows/shell_bind_tcp - 355 bytes
# http://www.metasploit.com
# NOP gen: x86/opty2
# VERBOSE=false, LPORT=4444, RHOST=, EXITFUNC=process, 
# InitialAutoRunScript=, AutoRunScript=
buf = 
"\xb9\xd5\x15\x9f\x90\x04\xf8\x96\x24\x34\x1c\x98\x14\x4a" +
"\xfc\xe8\x89\x00\x00\x00\x60\x89\xe5\x31\xd2\x64\x8b\x52" +
"\x30\x8b\x52\x0c\x8b\x52\x14\x8b\x72\x28\x0f\xb7\x4a\x26" +
"\x31\xff\x31\xc0\xac\x3c\x61\x7c\x02\x2c\x20\xc1\xcf\x0d" +
...snip...
```

## Current behavior

What happens instead?

You might also want to check the last ~1k lines of /opt/metasploit/apps/pro/engine/config/logs/framework.log or ~/.msf4/logs/framework.log for relevant stack traces

It just doesn't acknowledge the command, as I pasted in the above example under "How'd You Do It".

## System stuff

### Metasploit version

Get this with the `version` command in msfconsole (or `git log -1 --pretty=oneline` for a source install).

```
Framework: 5.0.41-dev-dbe856297acd2517fd601dbac34e46889d174870
Console  : 5.0.41-dev-dbe856297acd2517fd601dbac34e46889d174870
```

### I installed Metasploit with:

### OS

What OS are you running Metasploit on?

Latest macOS Mojave version 10.14
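A small sanity check for the ruby-format dump shown in the expected-behavior block above, added here as an example and not code from this thread or from Metasploit itself. It parses the `# <payload> - <N> bytes` header and the double-quoted `\x..` fragments after `buf =`, confirms that the declared size matches the number of bytes actually decoded, and counts a leading run of plain `0x90` bytes. The sample text and the helper names (`parse_ruby_payload`, `leading_nop_run`, `check_dump`) are constructed for this example; the bytes are made up and much shorter than a real payload. The thread's own sample uses the `x86/opty2` NOP generator, whose multi-byte NOP-equivalents a plain `0x90` count will not recognise, so that field only says something when a single-byte sled was prepended.

```python
import re

# Constructed sample in the layout of `generate -f ruby` output.
# The bytes are made up and far shorter than a real payload; the first
# four are a plain 0x90 sled, the rest are filler.
SAMPLE = r'''# windows/shell_bind_tcp - 20 bytes
# http://www.metasploit.com
# VERBOSE=false, LPORT=4444, RHOST=, EXITFUNC=process,
buf =
"\x90\x90\x90\x90\xfc\xe8\x89\x00\x00\x00\x60\x89\xe5\x31" +
"\xd2\x64\x8b\x52\x30\x8b"
'''

# '# windows/shell_bind_tcp - 355 bytes' -> name and declared size
HEADER_RE = re.compile(r"^#\s*(\S+)\s+-\s+(\d+)\s+bytes", re.M)
# one double-quoted run of \xNN escapes
FRAGMENT_RE = re.compile(r'"((?:\\x[0-9a-fA-F]{2})*)"')
# a single \xNN escape inside a fragment
ESCAPE_RE = re.compile(r"\\x([0-9a-fA-F]{2})")


def parse_ruby_payload(text):
    """Return (payload_name, declared_size, payload_bytes) from ruby-format output."""
    header = HEADER_RE.search(text)
    if header is None:
        raise ValueError("no '# <payload> - <N> bytes' header found")
    name, declared = header.group(1), int(header.group(2))
    if "buf =" not in text:
        raise ValueError("no 'buf =' assignment found")
    body = text.split("buf =", 1)[1]
    # Only the quoted fragments carry bytes; the '+' joins are ignored.
    data = bytearray()
    for fragment in FRAGMENT_RE.findall(body):
        data.extend(int(h, 16) for h in ESCAPE_RE.findall(fragment))
    return name, declared, bytes(data)


def leading_nop_run(data, nop=0x90):
    """Length of the leading run of single-byte NOPs (0x90 on x86).

    Multi-byte NOP-equivalents from generators such as x86/opty2 are not
    detected by this check; it only reports a plain 0x90 sled.
    """
    count = 0
    for b in data:
        if b != nop:
            break
        count += 1
    return count


def check_dump(text):
    """Compare the declared size with the decoded bytes and report the sled length."""
    name, declared, data = parse_ruby_payload(text)
    return {
        "name": name,
        "declared_size": declared,
        "actual_size": len(data),
        "size_matches": declared == len(data),
        "plain_nop_sled": leading_nop_run(data),
    }


if __name__ == "__main__":
    for key, value in check_dump(SAMPLE).items():
        print(f"{key}: {value}")
```

Run against a real dump, the `size_matches` field is the quick way to tell whether a `-n` or `-P` option actually changed the output, since both should move the byte count in the header and in the buffer together.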

wvu commented 5 years ago

~Ruh roh. Looks like -s was missed in #8999. Wonder what else escaped.~ It's -n now! See the help! ~We should remove -s, since it's misleading and isn't even used.~ ~What's the overlap with -P?~ Yes!

YazzyYaz commented 5 years ago

@wvu-r7 thank you for pointing me to -n. I missed it completely.

wvu commented 5 years ago

@YazzyYaz: It's okay. The -s was misleading. It's removed now, since it was a no-op. :)