Auxiliary failed: Msf::OptionValidateError The following options failed to validate: RHOSTS

[Warok21]

Hi

Steps to reproduce

After installing Kali 2017.1, I wanted to try Armitage. So I added a host, right-click on it and scan. Everything went good, until i get the following error :

Auxiliary failed: Msf::OptionValidateError The following options failed to validate: RHOSTS

Can anyone help me? Thank

[busterb]

Metasploit is telling Armitage that it needs something set that isn't. Probably best to fix Armitage?

I've also half got a mind to make RHOST an alias for RHOSTS and getting rid of this dichotomy once and for all.

[Warok21]

I've also half got a mind to make RHOST an alias for RHOSTS and getting rid of this dichotomy once and for all.

do you mean the command set RHOSTS "x.x.x.x:"? Because I already did it and it didn't work

[h00die]

Maybe it needs rhost, maybe it shouldn't have a colon. Hard to tell with almost no details. Also hard to tell if it's an armitage issue or msf or user. I would suggest asking in IRC for help.

[sempervictus]

@busterb: the rhost/s bit is quite annoying, would be great to consolidate. Its a bit touchy IIRC as some consumers reference the DS option directly for their ops, expecting a specific type of value. If we were to represent all addrs as CIDR internally though, it could turn all rhost into /32. Still an audit nightmare, and likely a breaking change for some out of tree stuff, but I'm all for the top level simplification even at the cost of plumbing as it would ease things like the PSH WMI exec local exploit which is cobbled together to accept rhosts since the idea is to affect pandemic infection of a domain/enclave using session context (in order to demonstrate the pitfalls of distributed rights in a domain).

[ghost]

Still have the problem within armitage to scan a host for multiple MSF scan. The solution to enter the RHOSTS is not the solution because you can do it with every found auxilairy module (can be 30 or more).

Actions:

• update MSF. (apt-get update/upgrade/dist-upgrade)
• Last kwown version of Kali (even weekly builds (week 40)
• all known fixes on the internet (yes, i use google)

pls show me how to fix this because of upcoming pen testing.

ps. i am CEH..

[sempervictus]

This comes up way too often, maybe we need a disclaimer in red letters which says "Armitage is developed solely for the commercial benefit of its author with no attempt to collaborate with the Metasploit community or give back to it, therefore our ability and desire to support it are basically nil." At least that is my take on it, and I'm not an R7 staffer or in any way representative of the company's views, just been here long before that thing was an option for newbs the world over... Also, based on your inquiry, what you have coming up is a point and click affair which the client may believe to be a pen test, but is obviously being executed by someone who doesn't have the technical ability to read and write Ruby or Java. That sort of thing makes the rest of our lives harder when we run real engagements and they can't understand the cost difference between meticulous review and skiddie bs, not to mention how we found the plethora of things missed by script kiddies (and on a couple of occasions reputable folks who were just off their game during their engagement). There's discussion about adjusting the rhosts opt already, but it won't help you become a better security engineer a bit... Metasploit Pro, by the way, is tested against point releases meticulously. Given that you're not modifying your framework it's a good option for GUI driven work with toys we don't get in framework (evasion techniques and pivot being the major ones IMO, but task automation is likely more your cup of tea). Please, for the love of the work, go read and understand the systems you're using. If you're expected to do this for your clients, not doing it for yourself is indicative of shortcuts being taken which cannot be afforded in infosec. Once you do, you'll be able to fix things yourself and contribute back to the community who's efforts assist your income.

[ghost]

I do know how the system works. I did worked before, therefor I and so many people want to fix this. Manually entering the sollution works with 1 host and 1 scan. Fix will be to edit the configuration of the RHOSTS command so the scan of multiple host and scan will be fixed. The programmer of armitage should do that. There i hope to wake some people so they can fix it. And make people use the program because now it doesnt work.

That said i hope that some other people who fixed it already post there fix for the people who want to use armitage. Saying that "There's discussion about adjusting the rhosts opt already" only works on one host and one scan so that isn't a solution for the problem.

[busterb]

I'd suggest taking a look at the Amitage code and adjust what needs adjusting. It's open source; I just think you're going to need to fork and fix it to resolve this problem.

[DeconFrost]

Rhost is the targets IP address