search

rapid7 / metasploit-framework

Metasploit Framework
https://www.metasploit.com/
Other
34k stars 13.94k forks source link

Remote dataservice throws encoding exceptions for http_version scanner #15248

Closed adfoster-r7 closed 1 year ago

adfoster-r7 commented 3 years ago

Steps to reproduce

Connect to the database:

use scanner/http/http_version
set rhosts www.google.com
set rport 80
run

Stack trace:

msf6 auxiliary(scanner/http/http_version) > run

[-] Auxiliary failed: RuntimeError Problem with HTTP request for type/path: POST /api/v1/notes message: "\xC2" from ASCII-8BIT to UTF-8
[-] Call stack:
[-]   /Users/user/Documents/code/metasploit-framework/lib/metasploit/framework/data_service/remote/http/response_data_helper.rb:63:in `json_to_mdm_object'
[-]   /Users/user/Documents/code/metasploit-framework/lib/metasploit/framework/data_service/remote/http/remote_note_data_service.rb:15:in `report_note'
[-]   /Users/user/Documents/code/metasploit-framework/lib/metasploit/framework/data_service/proxy/note_data_proxy.rb:40:in `block in report_note'
[-]   /Users/user/Documents/code/metasploit-framework/lib/metasploit/framework/data_service/proxy/core.rb:164:in `data_service_operation'
[-]   /Users/user/Documents/code/metasploit-framework/lib/metasploit/framework/data_service/proxy/note_data_proxy.rb:38:in `report_note'
[-]   /Users/user/Documents/code/metasploit-framework/lib/msf/core/auxiliary/report.rb:180:in `report_note'
[-]   /Users/user/Documents/code/metasploit-framework/lib/msf/core/exploit/remote/http_client.rb:869:in `http_fingerprint'
[-]   /Users/user/Documents/code/metasploit-framework/modules/auxiliary/scanner/http/http_version.rb:35:in `run_host'
[-]   /Users/user/Documents/code/metasploit-framework/lib/msf/core/auxiliary/scanner.rb:124:in `block (2 levels) in run'
[-]   /Users/user/Documents/code/metasploit-framework/lib/msf/core/thread_manager.rb:105:in `block in spawn'
[*] Auxiliary module execution completed

Note it works when not connected to the database:

msf6 auxiliary(scanner/http/http_version) > db_disconnect
Successfully disconnected from the data service: remote_data_service: (https://localhost:5443).
msf6 auxiliary(scanner/http/http_version) > run

[+] 216.58.212.228:80 gws
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
github-actions[bot] commented 1 year ago

Thanks for your contribution to Metasploit Framework! We've looked at this issue, and unfortunately we do not currently have the bandwidth to prioritize this issue.

We've labeled this as attic and closed it for now. If you believe this issue has been closed in error, or that it should be prioritized, please comment with additional information.