Permalink
Browse files

fix MSF scan result parsing (fixes issue #192 )

  • Loading branch information...
mdeous committed Jul 1, 2016
1 parent b2d5b4f commit b31b314f31dbe105fc20ba38f3bc18b9869d9141
Showing with 1 addition and 1 deletion.
  1. +1 −1 scripts/meterpreter.sl
View
@@ -378,7 +378,7 @@ sub launch_msf_scans {
local('$text $host $port $hosts $modules $module $options');
foreach $text (split("\n", $3)) {
if ($text ismatch '... (.*?):(\d+) - TCP OPEN') {
if ($text ismatch '... (.*?): +- \1:(\d+) - TCP OPEN') {
($host, $port) = matched();
push(%discover[$port], $host);
}

6 comments on commit b31b314

@MongooseSec

This comment has been minimized.

Show comment
Hide comment
@MongooseSec

MongooseSec Jul 15, 2016

The script now no longer scans with any module other than the initial auxiliary/scanner/portscan/tcp, because the new regex never returns a match.

The script now no longer scans with any module other than the initial auxiliary/scanner/portscan/tcp, because the new regex never returns a match.

@mdeous

This comment has been minimized.

Show comment
Hide comment
@mdeous

mdeous Sep 12, 2016

Owner

@UpdateYourCode for me it is fixed, like you can see here it works: rsmudge#192 (comment)
If it doesn't please provide more details than "doesn't work".

Owner

mdeous replied Sep 12, 2016

@UpdateYourCode for me it is fixed, like you can see here it works: rsmudge#192 (comment)
If it doesn't please provide more details than "doesn't work".

@UpdatedCode4Lief

This comment has been minimized.

Show comment
Hide comment
@UpdatedCode4Lief

UpdatedCode4Lief Sep 12, 2016

Sorry. It is still having the same issues with http_version picking up the wrong RHOSTS values on Kali 2016.2 x64

It shows an old Aug 2015 version of Armitage 1.4.11, which is probably why its broken.

Apologize for the assumption that it had not been fixed.

If it is in fact the latest version maybe there is a new issue instead.

"msf > use auxiliary/scanner/portscan/tcp
msf auxiliary(tcp) > set RHOSTS 192.168.x.xx
RHOSTS => 192.168.x.xx
msf auxiliary(tcp) > set THREADS 24
THREADS => 24
msf auxiliary(tcp) > set PORTS 50000, 21, 1720, 80, 443, 143, 623, 3306, 110, 5432, 25, 22, 23, 1521, 50013, 161, 2222, 17185, 135, 8080, 4848, 1433, 5560, 512, 513, 514, 445, 5900, 5901, 5902, 5903, 5904, 5905, 5906, 5907, 5908, 5909, 5038, 111, 139, 49, 515, 7787, 2947, 7144, 9080, 8812, 2525, 2207, 3050, 5405, 1723, 1099, 5555, 921, 10001, 123, 3690, 548, 617, 6112, 6667, 3632, 783, 10050, 38292, 12174, 2967, 5168, 3628, 7777, 6101, 10000, 6504, 41523, 41524, 2000, 1900, 10202, 6503, 6070, 6502, 6050, 2103, 41025, 44334, 2100, 5554, 12203, 26000, 4000, 1000, 8014, 5250, 34443, 8028, 8008, 7510, 9495, 1581, 8000, 18881, 57772, 9090, 9999, 81, 3000, 8300, 8800, 8090, 389, 10203, 5093, 1533, 13500, 705, 4659, 20031, 16102, 6080, 6660, 11000, 19810, 3057, 6905, 1100, 10616, 10628, 5051, 1582, 65535, 105, 22222, 30000, 113, 1755, 407, 1434, 2049, 689, 3128, 20222, 20034, 7580, 7579, 38080, 12401, 910, 912, 11234, 46823, 5061, 5060, 2380, 69, 5800, 62514, 42, 5631, 902, 5985, 5986, 6000, 6001, 6002, 6003, 6004, 6005, 6006, 6007, 47001, 523, 3500, 6379, 8834
PORTS => 50000, 21, 1720, 80, 443, 143, 623, 3306, 110, 5432, 25, 22, 23, 1521, 50013, 161, 2222, 17185, 135, 8080, 4848, 1433, 5560, 512, 513, 514, 445, 5900, 5901, 5902, 5903, 5904, 5905, 5906, 5907, 5908, 5909, 5038, 111, 139, 49, 515, 7787, 2947, 7144, 9080, 8812, 2525, 2207, 3050, 5405, 1723, 1099, 5555, 921, 10001, 123, 3690, 548, 617, 6112, 6667, 3632, 783, 10050, 38292, 12174, 2967, 5168, 3628, 7777, 6101, 10000, 6504, 41523, 41524, 2000, 1900, 10202, 6503, 6070, 6502, 6050, 2103, 41025, 44334, 2100, 5554, 12203, 26000, 4000, 1000, 8014, 5250, 34443, 8028, 8008, 7510, 9495, 1581, 8000, 18881, 57772, 9090, 9999, 81, 3000, 8300, 8800, 8090, 389, 10203, 5093, 1533, 13500, 705, 4659, 20031, 16102, 6080, 6660, 11000, 19810, 3057, 6905, 1100, 10616, 10628, 5051, 1582, 65535, 105, 22222, 30000, 113, 1755, 407, 1434, 2049, 689, 3128, 20222, 20034, 7580, 7579, 38080, 12401, 910, 912, 11234, 46823, 5061, 5060, 2380, 69, 5800, 62514, 42, 5631, 902, 5985, 5986, 6000, 6001, 6002, 6003, 6004, 6005, 6006, 6007, 47001, 523, 3500, 6379, 8834
msf auxiliary(tcp) > run -j
[] Auxiliary module running as background job
*Redacted
[
] Scanned 1 of 1 hosts (100% complete)

[*] Starting host discovery scans

[*] 3 scans to go...
msf auxiliary(tcp) > use scanner/http/http_version
msf auxiliary(http_version) > set RHOSTS 192.168.x.xx: - 192.168.x.xx
RHOSTS => 192.168.x.xx: - 192.168.x.xx
msf auxiliary(http_version) > set THREADS 24
THREADS => 24
msf auxiliary(http_version) > set RPORT 80
RPORT => 80
msf auxiliary(http_version) > run -j
[-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: RHOSTS.

UpdatedCode4Lief replied Sep 12, 2016

Sorry. It is still having the same issues with http_version picking up the wrong RHOSTS values on Kali 2016.2 x64

It shows an old Aug 2015 version of Armitage 1.4.11, which is probably why its broken.

Apologize for the assumption that it had not been fixed.

If it is in fact the latest version maybe there is a new issue instead.

"msf > use auxiliary/scanner/portscan/tcp
msf auxiliary(tcp) > set RHOSTS 192.168.x.xx
RHOSTS => 192.168.x.xx
msf auxiliary(tcp) > set THREADS 24
THREADS => 24
msf auxiliary(tcp) > set PORTS 50000, 21, 1720, 80, 443, 143, 623, 3306, 110, 5432, 25, 22, 23, 1521, 50013, 161, 2222, 17185, 135, 8080, 4848, 1433, 5560, 512, 513, 514, 445, 5900, 5901, 5902, 5903, 5904, 5905, 5906, 5907, 5908, 5909, 5038, 111, 139, 49, 515, 7787, 2947, 7144, 9080, 8812, 2525, 2207, 3050, 5405, 1723, 1099, 5555, 921, 10001, 123, 3690, 548, 617, 6112, 6667, 3632, 783, 10050, 38292, 12174, 2967, 5168, 3628, 7777, 6101, 10000, 6504, 41523, 41524, 2000, 1900, 10202, 6503, 6070, 6502, 6050, 2103, 41025, 44334, 2100, 5554, 12203, 26000, 4000, 1000, 8014, 5250, 34443, 8028, 8008, 7510, 9495, 1581, 8000, 18881, 57772, 9090, 9999, 81, 3000, 8300, 8800, 8090, 389, 10203, 5093, 1533, 13500, 705, 4659, 20031, 16102, 6080, 6660, 11000, 19810, 3057, 6905, 1100, 10616, 10628, 5051, 1582, 65535, 105, 22222, 30000, 113, 1755, 407, 1434, 2049, 689, 3128, 20222, 20034, 7580, 7579, 38080, 12401, 910, 912, 11234, 46823, 5061, 5060, 2380, 69, 5800, 62514, 42, 5631, 902, 5985, 5986, 6000, 6001, 6002, 6003, 6004, 6005, 6006, 6007, 47001, 523, 3500, 6379, 8834
PORTS => 50000, 21, 1720, 80, 443, 143, 623, 3306, 110, 5432, 25, 22, 23, 1521, 50013, 161, 2222, 17185, 135, 8080, 4848, 1433, 5560, 512, 513, 514, 445, 5900, 5901, 5902, 5903, 5904, 5905, 5906, 5907, 5908, 5909, 5038, 111, 139, 49, 515, 7787, 2947, 7144, 9080, 8812, 2525, 2207, 3050, 5405, 1723, 1099, 5555, 921, 10001, 123, 3690, 548, 617, 6112, 6667, 3632, 783, 10050, 38292, 12174, 2967, 5168, 3628, 7777, 6101, 10000, 6504, 41523, 41524, 2000, 1900, 10202, 6503, 6070, 6502, 6050, 2103, 41025, 44334, 2100, 5554, 12203, 26000, 4000, 1000, 8014, 5250, 34443, 8028, 8008, 7510, 9495, 1581, 8000, 18881, 57772, 9090, 9999, 81, 3000, 8300, 8800, 8090, 389, 10203, 5093, 1533, 13500, 705, 4659, 20031, 16102, 6080, 6660, 11000, 19810, 3057, 6905, 1100, 10616, 10628, 5051, 1582, 65535, 105, 22222, 30000, 113, 1755, 407, 1434, 2049, 689, 3128, 20222, 20034, 7580, 7579, 38080, 12401, 910, 912, 11234, 46823, 5061, 5060, 2380, 69, 5800, 62514, 42, 5631, 902, 5985, 5986, 6000, 6001, 6002, 6003, 6004, 6005, 6006, 6007, 47001, 523, 3500, 6379, 8834
msf auxiliary(tcp) > run -j
[] Auxiliary module running as background job
*Redacted
[
] Scanned 1 of 1 hosts (100% complete)

[*] Starting host discovery scans

[*] 3 scans to go...
msf auxiliary(tcp) > use scanner/http/http_version
msf auxiliary(http_version) > set RHOSTS 192.168.x.xx: - 192.168.x.xx
RHOSTS => 192.168.x.xx: - 192.168.x.xx
msf auxiliary(http_version) > set THREADS 24
THREADS => 24
msf auxiliary(http_version) > set RPORT 80
RPORT => 80
msf auxiliary(http_version) > run -j
[-] Auxiliary failed: Msf::OptionValidateError The following options failed to validate: RHOSTS.

@darkangelvenom

This comment has been minimized.

Show comment
Hide comment
@darkangelvenom

darkangelvenom Jul 6, 2017

I have the same problem as @UpdatedCode4Lief Does anyone know the fix for this because its getting to be a real pain.

I have the same problem as @UpdatedCode4Lief Does anyone know the fix for this because its getting to be a real pain.

@darkangelvenom

This comment has been minimized.

Show comment
Hide comment
@darkangelvenom

darkangelvenom Jul 6, 2017

Never mind, followed @mattoufoutu and works fineish. It sets the RHOST as a bunch of x's, a colon, and more x's. Help?

Never mind, followed @mattoufoutu and works fineish. It sets the RHOST as a bunch of x's, a colon, and more x's. Help?

@muhviehstah

This comment has been minimized.

Show comment
Hide comment
@muhviehstah

muhviehstah Feb 6, 2018

i believe its the nmap version

i believe its the nmap version

Please sign in to comment.