Nameservers from resolv.conf must be IP addresses

[zeroSteiner]

Fixes an infinite recursion error where Metasploit would attempt to resolve a nameserver specified as a hostname in /etc/resolv.conf while initializing.

Values for the namserver key in the resolv.conf file must be IP addresses per the man page while the Resolver class in theory allows them to be added by hostname however an existing one must be defined by which it will be resolved.

This notably prevents IPv6 addresses with a scope ID from being allowed in Ruby versions < 3.1. See this GitHub issue for the discussion. https://github.com/ruby/ipaddr/issues/52. In Ruby 3.0 and earlier, an IPv6 address with a scope is not considered to be a valid IP address, so when it fails the IPAddr initialization, it's treated as a hostname and now ignored. We could strip the scope ID, but it's possible that it's required to contact the specified nameserver. I'm also not 100% certain the scope ID is honored even when it's included in the IP address and passed through the socket stack. It's probably used when the underlying socket is the native Ruby socket for a connection originating from the local host. 🤷🏻 It wouldn't make any sense to use a scope from the host's perspective if the DNS server is being contacted over a pivot for example.

Fixes #19135

Verification

List the steps needed to make sure this thing works

• [ ] Edit your /etc/resolv.conf file and add a invalid nameserver, something like nameserver 127.0.0.1 bad.lan 127.0.0.2
• [ ] Start msfconsole without any configuration file, use fresh defaults
• [ ] Do not see a stack trace
• [ ] Run the dns command, see that the two nameservers defined by IP address are present and configured

[kishwordulal1234]

┌──(root㉿Un1kn0n3H4rt)-[/home/unknone/Desktop/snipersource /Sn1per-9.2] └─# msfconsole -E
/opt/metasploit-framework/embedded/framework/lib/metasploit/framework/parsed_options/base.rb:43:in initialize': missing argument: -E (OptionParser::MissingArgument) from /opt/metasploit-framework/embedded/framework/lib/metasploit/framework/command/base.rb:69:innew' from /opt/metasploit-framework/embedded/framework/lib/metasploit/framework/command/base.rb:69:in parsed_options' from /opt/metasploit-framework/embedded/framework/lib/metasploit/framework/command/base.rb:47:inrequire_environment!' from /opt/metasploit-framework/embedded/framework/lib/metasploit/framework/command/base.rb:81:in start' from /opt/metasploit-framework/bin/../embedded/framework/msfconsole:23:in

'

[kishwordulal1234]

┌──(root㉿Un1kn0n3H4rt)-[/home/unknone/Desktop/snipersource /Sn1per-9.2] └─# msfconsole
Metasploit tip: Use the resource command to run commands from a file /opt/metasploit-framework/embedded/lib/ruby/3.0.0/monitor.rb:238:in mon_initialize': stack level too deep (SystemStackError) from /opt/metasploit-framework/embedded/lib/ruby/3.0.0/logger/log_device.rb:17:ininitialize' from /opt/metasploit-framework/embedded/lib/ruby/3.0.0/logger.rb:390:in new' from /opt/metasploit-framework/embedded/lib/ruby/3.0.0/logger.rb:390:ininitialize' from /opt/metasploit-framework/embedded/framework/lib/net/dns/resolver.rb:214:in new' from /opt/metasploit-framework/embedded/framework/lib/net/dns/resolver.rb:214:ininitialize' from /opt/metasploit-framework/embedded/framework/lib/net/dns/resolver.rb:1132:in new' from /opt/metasploit-framework/embedded/framework/lib/net/dns/resolver.rb:1132:inblock in nameservers_from_name' from /opt/metasploit-framework/embedded/framework/lib/net/dns/resolver.rb:1131:in each' ... 11137 levels... from /opt/metasploit-framework/embedded/framework/lib/metasploit/framework/command/console.rb:66:indriver' from /opt/metasploit-framework/embedded/framework/lib/metasploit/framework/command/console.rb:54:in start' from /opt/metasploit-framework/embedded/framework/lib/metasploit/framework/command/base.rb:82:instart' from /opt/metasploit-framework/bin/../embedded/framework/msfconsole:23:in `

'

[kishwordulal1234]

┌──(root㉿Un1kn0n3H4rt)-[/home/unknone/Desktop/snipersource /Sn1per-9.2] └─# cat /etc/resolv.conf

Generated by NetworkManager

nameserver 192.168.101.1 nameserver 8.8.8.8 nameserver 4.4.4.4

NOTE: the libc resolver may not support more than 3 nameservers.

The nameservers listed below may not be recognized.

nameserver fe80::1%wlan1 nameserver fe80::1%wlan0

[kishwordulal1234]

┌──(root㉿Un1kn0n3H4rt)-[/home/unknone/Desktop/snipersource /Sn1per-9.2] └─# msfdb reinit Metasploit running on Kali Linux as root, using system database Creating database user 'msf' Enter password for new role: Enter it again: Creating databases 'msf' and 'msf_test' Creating configuration file in /usr/share/metasploit-framework/config/database.yml Creating initial database schema Could not locate Gemfile or .bundle/ directory

[zeroSteiner]

Are you trying to ask for something? I'm not sure what you're intentions are by repeatedly posting the output of various things. The relevance of the last one, in particular, is escaping me. If you have some concerns or need help, then I'd be happy to oblige if I knew what you were looking for.

https://github.com/rapid7/metasploit-framework/pull/19137#issuecomment-2078751790 seems to be the same issue, however it's not clear to me if you've pulled the changes I've submitted here and are still receiving it or if you're still running Metasploit from the master branch.

[adfoster-r7]

Release Notes

Fixes an infinite recursion error where Metasploit would attempt to resolve a nameserver specified as a hostname in /etc/resolv.conf while initializing