Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fs.file.expand_path does not expand paths and environment variables on Linux Meterpreter #14357

Closed
gwillcox-r7 opened this issue Nov 5, 2020 · 6 comments · Fixed by #15862
Closed

fs.file.expand_path does not expand paths and environment variables on Linux Meterpreter #14357

gwillcox-r7 opened this issue Nov 5, 2020 · 6 comments · Fixed by #15862
Assignees
@smashery
Labels
bug confirmed Issues confirmed by a committer meterpreter

Comments

@gwillcox-r7
Copy link
Contributor

gwillcox-r7 commented Nov 5, 2020
edited

The expand_path call, as defined at

metasploit-framework/lib/msf/core/post/file.rb

Line 123 in 54b893a

def expand_path(path)
and which is accessible via client.fs.file.expand_path, does not appropriately expand paths on Linux, particularly for the ~ character., but also for environment variables such as $HOME

Steps to reproduce

How'd you do it?

  1. Obtain a Linux Meterpreter shell on a Linux target
  2. Type irb to get an interactive IRB shell when the meterpreter> prompt appears. It should state that you in the client object.
  3. Type fs.file.expand_path("~").

See below for a demonstration:

msf6 exploit(multi/handler) > set PAYLOAD linux/x64/meterpreter/bind_tcp
PAYLOAD => linux/x64/meterpreter/bind_tcp
msf6 exploit(multi/handler) > show options

Module options (exploit/multi/handler):

   Name  Current Setting  Required  Description
   ----  ---------------  --------  -----------


Payload options (linux/x64/meterpreter/bind_tcp):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   LPORT  4444             yes       The listen port
   RHOST  172.27.22.65     no        The target address


Exploit target:
   Id  Name
   --  ----
   0   Wildcard Target


msf6 exploit(multi/handler) > set RHOST 127.0.0.1
RHOST => 127.0.0.1
msf6 exploit(multi/handler) > exploit
[*] Started bind TCP handler against 127.0.0.1:4444
[*] Meterpreter session 2 opened (0.0.0.0:0 -> 127.0.0.1:4444) at 2020-11-05 13:33:23 -0600
meterpreter > cd ~
[-] 1001: Operation failed: 2
meterpreter > pwd
/home/gwillcox/git/metasploit-framework
meterpreter > irb
[*] You are in the "client" (session) object
irb: warn: can't alias kill from irb_kill.
>> fs.file.expand_path("~")
=> "~"
>> exit
meterpreter > shell
Process 20489 created.
Channel 1 created.
echo ~
/home/gwillcox
exit
meterpreter > irb
[*] Starting IRB shell...
[*] You are in the "client" (session) object

>> File.expand_path("~")
=> "/home/gwillcox"

Were you following a specific guide/tutorial or reading documentation?

This was discovered whilst trying to test out #13954

Expected behavior

The ~ character should expand into the path for the user's home directory on the system we are targeting and the user we are running as.

Current behavior

The path is not expanded and the ~ character stays as is.

Metasploit version

v6.0.15-dev-17fb85c670 with Ruby 2.7.2

Additional Information

Module/Datastore

The following global/module datastore, and database setup was configured before the issue occurred:

Collapse 
[framework/database]
default_db=local-https-data-service

[framework/database/local-https-data-service]
url=[Filtered]
cert=[Filtered]
skip_verify=[Filtered]
api_token=[Filtered]

[framework/ui/console]
ActiveModule=exploit/multi/handler

[multi/handler]
PAYLOAD=linux/x64/meterpreter/bind_tcp
WORKSPACE=
VERBOSE=false
WfsDelay=0
EnableContextEncoding=false
ContextInformationFile=
DisablePayloadHandler=false
ExitOnSession=true
ListenerTimeout=0
LPORT=4444
RHOST=127.0.0.1
PingbackRetries=0
PingbackSleep=30
PayloadUUIDSeed=
PayloadUUIDRaw=
PayloadUUIDName=
PayloadUUIDTracking=false
EnableStageEncoding=false
StageEncoder=
StageEncoderSaveRegisters=
StageEncodingFallback=true
PrependMigrate=false
PrependMigrateProc=
EXITFUNC=process
AutoLoadStdapi=true
AutoVerifySession=true
AutoVerifySessionTimeout=30
InitialAutoRunScript=
AutoRunScript=
AutoSystemInfo=true
EnableUnicodeEncoding=false
HandlerSSLCert=
SessionRetryTotal=3600
SessionRetryWait=10
SessionExpirationTimeout=604800
SessionCommunicationTimeout=300
PayloadProcessCommandLine=
AutoUnhookProcess=false
PrependFork=false
PrependSetresuid=false
PrependSetreuid=false
PrependSetuid=false
PrependSetresgid=false
PrependSetregid=false
PrependSetgid=false
PrependChrootBreak=false
AppendExit=false
MeterpreterDebugLevel=0
RemoteMeterpreterDebugFile=
loglevel=3

History

The following commands were ran during the session and before this issue occurred:

Collapse 
2190   client.fs.file.expand_path
2191   irb
2192   use multi/handler
2193   set payload windows/x64/meterpreter/bind_tcp
2194   show options
2195   set RHOST 172.27.22.65
2196   exploit
2197   client
2198   irb
2199   pwd
2200   irb
2201   pwd
2202   cmd_cd
2203   cd "%TEMP%"
2204   dir
2205   pwd
2206   exit
2207   set PAYLOAD linux/x64/meterpreter/bind_tcp
2208   show options
2209   set RHOST 127.0.0.1
2210   exploit
2211   cd ~
2212   pwd
2213   irb
2214   shell
2215   irb
2216   version
2217   clear
2218   background
2219   set loglevel 3
2220   sessions -i 2
2221   cd ~
2222   debug
2223   background
2224   debug

Framework Errors

The following framework errors occurred before the issue occurred:

Collapse 
[11/05/2020 13:32:32] [e(0)] core: Dependency for windows/encrypted_shell_reverse_tcp is not supported
[11/05/2020 13:32:32] [e(0)] core: Dependency for windows/x64/encrypted_reverse_tcp is not supported
[11/05/2020 13:32:32] [e(0)] core: Dependency for windows/encrypted_reverse_tcp is not supported
[11/05/2020 13:32:32] [e(0)] core: Errno::EISDIR : Is a directory @ rb_sysopen - test
./msfvenom:482:in `initialize'
./msfvenom:482:in `open'
./msfvenom:482:in `<main>'
[11/05/2020 13:33:07] [e(0)] core: Dependency for windows/x64/encrypted_shell_reverse_tcp is not supported
[11/05/2020 13:33:07] [e(0)] core: Dependency for windows/encrypted_shell_reverse_tcp is not supported
[11/05/2020 13:33:07] [e(0)] core: Dependency for windows/x64/encrypted_reverse_tcp is not supported
[11/05/2020 13:33:07] [e(0)] core: Dependency for windows/encrypted_reverse_tcp is not supported
[11/05/2020 13:33:27] [e(0)] meterpreter: 1001: Operation failed: 2
[11/05/2020 13:51:21] [e(0)] meterpreter: 1001: Operation failed: 2

Web Service Errors

The following web service errors occurred before the issue occurred:

Collapse 
[-] Error handling request: undefined method `[]=' for nil:NilClass.
    Call Stack:
	 /home/gwillcox/git/metasploit-framework/lib/msf/core/web_services/servlet/login_servlet.rb:42:in `block in create_login'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1675:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1675:in `block in compile!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1013:in `block (3 levels) in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1032:in `route_eval'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1013:in `block (2 levels) in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1061:in `block in process_route'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1059:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1059:in `process_route'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1011:in `block in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1008:in `each'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1008:in `route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1129:in `block in dispatch!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `block in invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1124:in `dispatch!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:939:in `block in call!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `block in invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:939:in `call!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:929:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:36:in `block in call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:34:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:34:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/xss_header.rb:18:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/path_traversal.rb:16:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/json_csrf.rb:26:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/frame_options.rb:31:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:266:in `context'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:260:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/null_logger.rb:11:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/head.rb:12:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:216:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1991:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1542:in `block in call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1769:in `synchronize'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1542:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:86:in `block in pre_process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `pre_process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:53:in `process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:39:in `receive_data'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run_machine'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/backends/base.rb:73:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/server.rb:162:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/controllers/controller.rb:87:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:203:in `run_command'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:159:in `run!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/bin/thin:6:in `<top (required)>'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/thin:23:in `load'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/thin:23:in `<main>'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/ruby_executable_hooks:24:in `eval'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/ruby_executable_hooks:24:in `<main>'
[-] Error handling request: undefined method `[]=' for nil:NilClass.
    Call Stack:
	 /home/gwillcox/git/metasploit-framework/lib/msf/core/web_services/servlet/login_servlet.rb:42:in `block in create_login'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1675:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1675:in `block in compile!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1013:in `block (3 levels) in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1032:in `route_eval'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1013:in `block (2 levels) in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1061:in `block in process_route'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1059:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1059:in `process_route'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1011:in `block in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1008:in `each'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1008:in `route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1129:in `block in dispatch!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `block in invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1124:in `dispatch!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:939:in `block in call!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `block in invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:939:in `call!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:929:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:36:in `block in call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:34:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:34:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/xss_header.rb:18:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/path_traversal.rb:16:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/json_csrf.rb:26:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/frame_options.rb:31:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:266:in `context'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:260:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/null_logger.rb:11:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/head.rb:12:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:216:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1991:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1542:in `block in call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1769:in `synchronize'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1542:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:86:in `block in pre_process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `pre_process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:53:in `process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:39:in `receive_data'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run_machine'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/backends/base.rb:73:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/server.rb:162:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/controllers/controller.rb:87:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:203:in `run_command'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:159:in `run!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/bin/thin:6:in `<top (required)>'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/thin:23:in `load'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/thin:23:in `<main>'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/ruby_executable_hooks:24:in `eval'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/ruby_executable_hooks:24:in `<main>'
[-] Error handling request: undefined method `[]=' for nil:NilClass.
    Call Stack:
	 /home/gwillcox/git/metasploit-framework/lib/msf/core/web_services/servlet/login_servlet.rb:42:in `block in create_login'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1675:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1675:in `block in compile!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1013:in `block (3 levels) in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1032:in `route_eval'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1013:in `block (2 levels) in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1061:in `block in process_route'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1059:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1059:in `process_route'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1011:in `block in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1008:in `each'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1008:in `route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1129:in `block in dispatch!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `block in invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1124:in `dispatch!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:939:in `block in call!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `block in invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:939:in `call!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:929:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:36:in `block in call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:34:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:34:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/xss_header.rb:18:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/path_traversal.rb:16:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/json_csrf.rb:26:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/frame_options.rb:31:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:266:in `context'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:260:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/null_logger.rb:11:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/head.rb:12:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:216:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1991:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1542:in `block in call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1769:in `synchronize'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1542:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:86:in `block in pre_process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `pre_process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:53:in `process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:39:in `receive_data'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run_machine'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/backends/base.rb:73:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/server.rb:162:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/controllers/controller.rb:87:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:203:in `run_command'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:159:in `run!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/bin/thin:6:in `<top (required)>'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/thin:23:in `load'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/thin:23:in `<main>'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/ruby_executable_hooks:24:in `eval'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/ruby_executable_hooks:24:in `<main>'
[-] Error handling request: undefined method `[]=' for nil:NilClass.
    Call Stack:
	 /home/gwillcox/git/metasploit-framework/lib/msf/core/web_services/servlet/login_servlet.rb:42:in `block in create_login'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1675:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1675:in `block in compile!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1013:in `block (3 levels) in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1032:in `route_eval'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1013:in `block (2 levels) in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1061:in `block in process_route'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1059:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1059:in `process_route'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1011:in `block in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1008:in `each'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1008:in `route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1129:in `block in dispatch!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `block in invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1124:in `dispatch!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:939:in `block in call!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `block in invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:939:in `call!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:929:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:36:in `block in call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:34:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:34:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/xss_header.rb:18:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/path_traversal.rb:16:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/json_csrf.rb:26:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/frame_options.rb:31:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:266:in `context'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:260:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/null_logger.rb:11:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/head.rb:12:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:216:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1991:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1542:in `block in call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1769:in `synchronize'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1542:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:86:in `block in pre_process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `pre_process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:53:in `process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:39:in `receive_data'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run_machine'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/backends/base.rb:73:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/server.rb:162:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/controllers/controller.rb:87:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:203:in `run_command'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:159:in `run!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/bin/thin:6:in `<top (required)>'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/thin:23:in `load'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/thin:23:in `<main>'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/ruby_executable_hooks:24:in `eval'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/ruby_executable_hooks:24:in `<main>'
[-] Error handling request: undefined method `[]=' for nil:NilClass.
    Call Stack:
	 /home/gwillcox/git/metasploit-framework/lib/msf/core/web_services/servlet/login_servlet.rb:42:in `block in create_login'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1675:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1675:in `block in compile!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1013:in `block (3 levels) in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1032:in `route_eval'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1013:in `block (2 levels) in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1061:in `block in process_route'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1059:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1059:in `process_route'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1011:in `block in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1008:in `each'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1008:in `route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1129:in `block in dispatch!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `block in invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1124:in `dispatch!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:939:in `block in call!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `block in invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:939:in `call!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:929:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:36:in `block in call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:34:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:34:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/xss_header.rb:18:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/path_traversal.rb:16:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/json_csrf.rb:26:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/frame_options.rb:31:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:266:in `context'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:260:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/null_logger.rb:11:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/head.rb:12:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:216:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1991:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1542:in `block in call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1769:in `synchronize'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1542:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:86:in `block in pre_process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `pre_process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:53:in `process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:39:in `receive_data'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run_machine'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/backends/base.rb:73:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/server.rb:162:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/controllers/controller.rb:87:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:203:in `run_command'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:159:in `run!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/bin/thin:6:in `<top (required)>'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/thin:23:in `load'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/thin:23:in `<main>'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/ruby_executable_hooks:24:in `eval'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/ruby_executable_hooks:24:in `<main>'
[-] Error handling request: undefined method `[]=' for nil:NilClass.
    Call Stack:
	 /home/gwillcox/git/metasploit-framework/lib/msf/core/web_services/servlet/login_servlet.rb:42:in `block in create_login'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1675:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1675:in `block in compile!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1013:in `block (3 levels) in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1032:in `route_eval'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1013:in `block (2 levels) in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1061:in `block in process_route'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1059:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1059:in `process_route'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1011:in `block in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1008:in `each'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1008:in `route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1129:in `block in dispatch!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `block in invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1124:in `dispatch!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:939:in `block in call!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `block in invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:939:in `call!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:929:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:36:in `block in call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:34:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:34:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/xss_header.rb:18:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/path_traversal.rb:16:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/json_csrf.rb:26:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/frame_options.rb:31:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:266:in `context'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:260:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/null_logger.rb:11:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/head.rb:12:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:216:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1991:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1542:in `block in call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1769:in `synchronize'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1542:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:86:in `block in pre_process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `pre_process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:53:in `process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:39:in `receive_data'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run_machine'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/backends/base.rb:73:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/server.rb:162:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/controllers/controller.rb:87:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:203:in `run_command'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:159:in `run!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/bin/thin:6:in `<top (required)>'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/thin:23:in `load'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/thin:23:in `<main>'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/ruby_executable_hooks:24:in `eval'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/ruby_executable_hooks:24:in `<main>'
[-] Error handling request: undefined method `[]=' for nil:NilClass.
    Call Stack:
	 /home/gwillcox/git/metasploit-framework/lib/msf/core/web_services/servlet/login_servlet.rb:42:in `block in create_login'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1675:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1675:in `block in compile!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1013:in `block (3 levels) in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1032:in `route_eval'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1013:in `block (2 levels) in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1061:in `block in process_route'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1059:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1059:in `process_route'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1011:in `block in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1008:in `each'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1008:in `route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1129:in `block in dispatch!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `block in invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1124:in `dispatch!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:939:in `block in call!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `block in invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:939:in `call!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:929:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:36:in `block in call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:34:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:34:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/xss_header.rb:18:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/path_traversal.rb:16:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/json_csrf.rb:26:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/frame_options.rb:31:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:266:in `context'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:260:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/null_logger.rb:11:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/head.rb:12:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:216:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1991:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1542:in `block in call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1769:in `synchronize'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1542:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:86:in `block in pre_process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `pre_process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:53:in `process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:39:in `receive_data'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run_machine'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/backends/base.rb:73:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/server.rb:162:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/controllers/controller.rb:87:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:203:in `run_command'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:159:in `run!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/bin/thin:6:in `<top (required)>'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/thin:23:in `load'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/thin:23:in `<main>'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/ruby_executable_hooks:24:in `eval'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/ruby_executable_hooks:24:in `<main>'
[-] Error handling request: undefined method `[]=' for nil:NilClass.
    Call Stack:
	 /home/gwillcox/git/metasploit-framework/lib/msf/core/web_services/servlet/login_servlet.rb:42:in `block in create_login'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1675:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1675:in `block in compile!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1013:in `block (3 levels) in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1032:in `route_eval'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1013:in `block (2 levels) in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1061:in `block in process_route'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1059:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1059:in `process_route'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1011:in `block in route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1008:in `each'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1008:in `route!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1129:in `block in dispatch!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `block in invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1124:in `dispatch!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:939:in `block in call!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `block in invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `invoke'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:939:in `call!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:929:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:36:in `block in call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:34:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:34:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/xss_header.rb:18:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/path_traversal.rb:16:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/json_csrf.rb:26:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/frame_options.rb:31:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:266:in `context'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:260:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/null_logger.rb:11:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/rack-2.2.3/lib/rack/head.rb:12:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:216:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1991:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1542:in `block in call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1769:in `synchronize'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1542:in `call'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:86:in `block in pre_process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `catch'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `pre_process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:53:in `process'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:39:in `receive_data'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run_machine'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/backends/base.rb:73:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/server.rb:162:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/controllers/controller.rb:87:in `start'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:203:in `run_command'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:159:in `run!'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/gems/thin-1.7.2/bin/thin:6:in `<top (required)>'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/thin:23:in `load'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/thin:23:in `<main>'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/ruby_executable_hooks:24:in `eval'
	 /home/gwillcox/.rvm/gems/ruby-2.6.6@metasploit-framework/bin/ruby_executable_hooks:24:in `<main>'
[-] Error handling request: PG::InvalidTextRepresentation: ERROR:  invalid input syntax for type inet: "186"
[-] Error handling request: PG::InvalidTextRepresentation: ERROR:  invalid input syntax for type inet: "186"

Framework Logs

The following framework logs were recorded before the issue occurred:

Collapse 
/home/gwillcox/git/metasploit-framework/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb:183:in `chdir'
/home/gwillcox/git/metasploit-framework/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb:279:in `cmd_cd'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:525:in `run_command'
/home/gwillcox/git/metasploit-framework/lib/rex/post/meterpreter/ui/console.rb:105:in `run_command'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:476:in `block in run_single'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:470:in `each'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:470:in `run_single'
/home/gwillcox/git/metasploit-framework/lib/rex/post/meterpreter/ui/console.rb:68:in `block in interact'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/shell.rb:153:in `run'
/home/gwillcox/git/metasploit-framework/lib/rex/post/meterpreter/ui/console.rb:66:in `interact'
/home/gwillcox/git/metasploit-framework/lib/msf/base/sessions/meterpreter.rb:583:in `_interact'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/interactive.rb:51:in `interact'
/home/gwillcox/git/metasploit-framework/lib/msf/ui/console/command_dispatcher/core.rb:1572:in `cmd_sessions'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:525:in `run_command'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:476:in `block in run_single'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:470:in `each'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:470:in `run_single'
/home/gwillcox/git/metasploit-framework/lib/msf/ui/console/command_dispatcher/exploit.rb:222:in `cmd_exploit'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:525:in `run_command'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:476:in `block in run_single'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:470:in `each'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:470:in `run_single'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/shell.rb:158:in `run'
/home/gwillcox/git/metasploit-framework/lib/metasploit/framework/command/console.rb:48:in `start'
/home/gwillcox/git/metasploit-framework/lib/metasploit/framework/command/base.rb:82:in `start'
./msfconsole:23:in `<main>'
[11/05/2020 13:41:10] [w(0)] core: monitor_rsock: the remote socket is nil, exiting loop
[11/05/2020 13:51:21] [e(0)] meterpreter: 1001: Operation failed: 2
[11/05/2020 13:51:21] [d(0)] meterpreter: Call stack:
/home/gwillcox/git/metasploit-framework/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb:183:in `chdir'
/home/gwillcox/git/metasploit-framework/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb:279:in `cmd_cd'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:525:in `run_command'
/home/gwillcox/git/metasploit-framework/lib/rex/post/meterpreter/ui/console.rb:105:in `run_command'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:476:in `block in run_single'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:470:in `each'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:470:in `run_single'
/home/gwillcox/git/metasploit-framework/lib/rex/post/meterpreter/ui/console.rb:68:in `block in interact'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/shell.rb:153:in `run'
/home/gwillcox/git/metasploit-framework/lib/rex/post/meterpreter/ui/console.rb:66:in `interact'
/home/gwillcox/git/metasploit-framework/lib/msf/base/sessions/meterpreter.rb:583:in `_interact'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/interactive.rb:51:in `interact'
/home/gwillcox/git/metasploit-framework/lib/msf/ui/console/command_dispatcher/core.rb:1572:in `cmd_sessions'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:525:in `run_command'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:476:in `block in run_single'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:470:in `each'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:470:in `run_single'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/shell.rb:158:in `run'
/home/gwillcox/git/metasploit-framework/lib/metasploit/framework/command/console.rb:48:in `start'
/home/gwillcox/git/metasploit-framework/lib/metasploit/framework/command/base.rb:82:in `start'
./msfconsole:23:in `<main>'

Web Service Logs

The following web service logs were recorded before the issue occurred:

Collapse 
#<Thread:0x0000559f04276840@/home/gwillcox/git/metasploit-framework/lib/msf/core/web_services/job_processor.rb:18 run> terminated with exception (report_on_exception is true):
/home/gwillcox/git/metasploit-framework/lib/msf/core/web_services/job_processor.rb:24:in `rescue in block (2 levels) in start_processor_thread': undefined method `print_error' for #<JobProcessor:0x0000559f04276930> (NoMethodError)
	from /home/gwillcox/git/metasploit-framework/lib/msf/core/web_services/job_processor.rb:21:in `block (2 levels) in start_processor_thread'
	from /home/gwillcox/git/metasploit-framework/lib/msf/core/web_services/job_processor.rb:19:in `loop'
	from /home/gwillcox/git/metasploit-framework/lib/msf/core/web_services/job_processor.rb:19:in `block in start_processor_thread'
/usr/share/rvm/rubies/ruby-2.6.6/lib/ruby/2.6.0/base64.rb:101:in `urlsafe_decode64': undefined method `tr' for #<Hash:0x0000559f03ea1580> (NoMethodError)
Did you mean?  try
	from /home/gwillcox/git/metasploit-framework/lib/metasploit/framework/data_service/remote/http/response_data_helper.rb:76:in `process_file'
	from /home/gwillcox/git/metasploit-framework/lib/msf/core/web_services/servlet/loot_servlet.rb:46:in `block (2 levels) in report_loot'
	from /home/gwillcox/git/metasploit-framework/lib/msf/core/web_services/job_processor.rb:22:in `block (2 levels) in start_processor_thread'
	from /home/gwillcox/git/metasploit-framework/lib/msf/core/web_services/job_processor.rb:19:in `loop'
	from /home/gwillcox/git/metasploit-framework/lib/msf/core/web_services/job_processor.rb:19:in `block in start_processor_thread'
Writing PID to /home/gwillcox/.msf4/msf-ws.pid
Thin web server (v1.7.2 codename Bachmanity)
Maximum connections set to 1024
Listening on localhost:5443, CTRL+C to stop
Writing PID to /home/gwillcox/.msf4/msf-ws.pid
Thin web server (v1.7.2 codename Bachmanity)
Maximum connections set to 1024
Listening on localhost:5443, CTRL+C to stop
Writing PID to /home/gwillcox/.msf4/msf-ws.pid
Thin web server (v1.7.2 codename Bachmanity)
Maximum connections set to 1024
Listening on localhost:5443, CTRL+C to stop
Exiting!
Writing PID to /home/gwillcox/.msf4/msf-ws.pid
Thin web server (v1.7.2 codename Bachmanity)
Maximum connections set to 1024
Listening on localhost:5443, CTRL+C to stop
Exiting!
Writing PID to /home/gwillcox/.msf4/msf-ws.pid
Thin web server (v1.7.2 codename Bachmanity)
Maximum connections set to 1024
Listening on localhost:5443, CTRL+C to stop
Exiting!
Writing PID to /home/gwillcox/.msf4/msf-ws.pid
Thin web server (v1.7.2 codename Bachmanity)
Maximum connections set to 1024
Listening on localhost:5443, CTRL+C to stop
Writing PID to /home/gwillcox/.msf4/msf-ws.pid
Thin web server (v1.7.2 codename Bachmanity)
Maximum connections set to 1024
Listening on localhost:5443, CTRL+C to stop
2020-11-03 12:40:16 - PG::ConnectionBad - could not connect to server: Connection refused
	Is the server running on host "127.0.0.1" and accepting
	TCP/IP connections on port 5433?
:
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/pg-1.2.3/lib/pg.rb:58:in `initialize'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/pg-1.2.3/lib/pg.rb:58:in `new'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/pg-1.2.3/lib/pg.rb:58:in `connect'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/activerecord-5.2.4.4/lib/active_record/connection_adapters/postgresql_adapter.rb:692:in `connect'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/activerecord-5.2.4.4/lib/active_record/connection_adapters/postgresql_adapter.rb:223:in `initialize'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/activerecord-5.2.4.4/lib/active_record/connection_adapters/postgresql_adapter.rb:48:in `new'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/activerecord-5.2.4.4/lib/active_record/connection_adapters/postgresql_adapter.rb:48:in `postgresql_connection'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/activerecord-5.2.4.4/lib/active_record/connection_adapters/abstract/connection_pool.rb:830:in `new_connection'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/activerecord-5.2.4.4/lib/active_record/connection_adapters/abstract/connection_pool.rb:874:in `checkout_new_connection'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/activerecord-5.2.4.4/lib/active_record/connection_adapters/abstract/connection_pool.rb:853:in `try_to_checkout_new_connection'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/activerecord-5.2.4.4/lib/active_record/connection_adapters/abstract/connection_pool.rb:814:in `acquire_connection'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/activerecord-5.2.4.4/lib/active_record/connection_adapters/abstract/connection_pool.rb:538:in `checkout'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/activerecord-5.2.4.4/lib/active_record/connection_adapters/abstract/connection_pool.rb:382:in `connection'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/activerecord-5.2.4.4/lib/active_record/connection_adapters/abstract/connection_pool.rb:413:in `with_connection'
	/home/gwillcox/git/metasploit-framework/lib/msf/core/db_manager/user.rb:10:in `users'
	/home/gwillcox/git/metasploit-framework/lib/msf/core/web_services/metasploit_api_app.rb:68:in `block in <class:MetasploitApiApp>'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1675:in `call'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1675:in `block in compile!'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1061:in `block in process_route'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1059:in `catch'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1059:in `process_route'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1000:in `block in filter!'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:999:in `each'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:999:in `filter!'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1126:in `block in dispatch!'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `block in invoke'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `catch'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `invoke'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1124:in `dispatch!'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:939:in `block in call!'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `block in invoke'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `catch'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1101:in `invoke'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:939:in `call!'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:929:in `call'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:36:in `block in call'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:34:in `catch'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/warden-1.2.9/lib/warden/manager.rb:34:in `call'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/xss_header.rb:18:in `call'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/path_traversal.rb:16:in `call'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/json_csrf.rb:26:in `call'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/base.rb:50:in `call'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rack-protection-2.1.0/lib/rack/protection/frame_options.rb:31:in `call'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:266:in `context'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:260:in `call'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rack-2.2.3/lib/rack/null_logger.rb:11:in `call'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rack-2.2.3/lib/rack/head.rb:12:in `call'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:216:in `call'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1991:in `call'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1542:in `block in call'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1769:in `synchronize'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/sinatra-2.1.0/lib/sinatra/base.rb:1542:in `call'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:86:in `block in pre_process'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `catch'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:84:in `pre_process'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:53:in `process'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/thin-1.7.2/lib/thin/connection.rb:39:in `receive_data'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run_machine'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/thin-1.7.2/lib/thin/backends/base.rb:73:in `start'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/thin-1.7.2/lib/thin/server.rb:162:in `start'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/thin-1.7.2/lib/thin/controllers/controller.rb:87:in `start'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:203:in `run_command'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:159:in `run!'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/thin-1.7.2/bin/thin:6:in `<top (required)>'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/bin/thin:23:in `load'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/bin/thin:23:in `<main>'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/bin/ruby_executable_hooks:24:in `eval'
	/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/bin/ruby_executable_hooks:24:in `<main>'
Exiting!
Writing PID to /home/gwillcox/.msf4/msf-ws.pid
Thin web server (v1.7.2 codename Bachmanity)
Maximum connections set to 1024
Listening on localhost:5443, CTRL+C to stop
Writing PID to /home/gwillcox/.msf4/msf-ws.pid
Thin web server (v1.7.2 codename Bachmanity)
Maximum connections set to 1024
Listening on localhost:5443, CTRL+C to stop
Writing PID to /home/gwillcox/.msf4/msf-ws.pid
Thin web server (v1.7.2 codename Bachmanity)
Maximum connections set to 1024
Listening on localhost:5443, CTRL+C to stop
Exiting!
/home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/eventmachine-1.2.7/lib/em/connection.rb:430:in `block in start_tls': Could not find /home/gwillcox/.msf4/msf-ws-key.pem for start_tls (EventMachine::FileNotFoundException)
	from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/eventmachine-1.2.7/lib/em/connection.rb:428:in `each'
	from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/eventmachine-1.2.7/lib/em/connection.rb:428:in `start_tls'
	from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/thin-1.7.2/lib/thin/backends/base.rb:152:in `initialize_connection'
	from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:1527:in `event_callback'
	from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run_machine'
	from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run'
	from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/thin-1.7.2/lib/thin/backends/base.rb:73:in `start'
	from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/thin-1.7.2/lib/thin/server.rb:162:in `start'
	from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/thin-1.7.2/lib/thin/controllers/controller.rb:87:in `start'
	from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:203:in `run_command'
	from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/thin-1.7.2/lib/thin/runner.rb:159:in `run!'
	from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/thin-1.7.2/bin/thin:6:in `<top (required)>'
	from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/bin/thin:23:in `load'
	from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/bin/thin:23:in `<main>'
	from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/bin/ruby_executable_hooks:24:in `eval'
	from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/bin/ruby_executable_hooks:24:in `<main>'

Version/Install

The versions and install method of your Metasploit setup:

Collapse 
Framework: 6.0.15-dev-17fb85c670
Ruby: ruby 2.7.2p137 (2020-10-01 revision 5445e04352) [x86_64-linux]
Install Root: /home/gwillcox/git/metasploit-framework
Session Type: postgresql selected, no connection
Install Method: Git Clone
@gwillcox-r7 gwillcox-r7 changed the title fs.file.expand_path does not expand paths on Linux Meterpreter fs.file.expand_path does not expand paths and environment variables on Linux Meterpreter Nov 5, 2020
@gwillcox-r7 gwillcox-r7 mentioned this issue Nov 5, 2020
Merged
3 tasks
@gwillcox-r7 gwillcox-r7 added the confirmed Issues confirmed by a committer label Nov 5, 2020
@smcintyre-r7
Copy link
Contributor

smcintyre-r7 commented Nov 9, 2020
edited

Yeah, some non-Windows meterpreter implementations do not actually expand the path.

You can see here:

  • Python just forwards to os.getenv
  • Mettle doesn't appear to do anything
  • Java looks like it does it's own parsing to at least handle environment variables within the string, but the special case of ~ is omitted
  • PHP has a similar implementation to Python where there are special cases but the rest just get resolved as environment variables

Updating each of those would be idea vs shelling out which would involve creating a new process and thus increase the forensics footprint but would not be a trivial task given all the places updates would need to be made.

@gwillcox-r7
Copy link
Contributor Author

For the record seems like this issue may also be related: #14144

@smcintyre-r7
Copy link
Contributor

Also see rapid7/metasploit-payloads#269 for a little bit of historical context on this.

@smcintyre-r7
Copy link
Contributor

For the record seems like this issue may also be related: #14144

No that looks different because in that case Meterpreter is not a part of the equation. That's alot easier to address locally using Ruby's standard ::File.expand_path rather than Meterpreter's fs.file.expand_path("~") as you note in your example.

They're related in the sense that Metasploit does not consistently expand path arguments either locally or via meterpreter.

@timwr
Copy link
Contributor

timwr commented Nov 10, 2020

We should consider locking down whatever behaviour we want with tests (maybe in https://github.com/rapid7/metasploit-framework/blob/master/test/modules/post/test/get_env.rb) and then ensure they pass on all meterpreters.

@timwr
Copy link
Contributor

timwr commented Nov 25, 2020

I had a look at implementing this on mettle but the API (wordexp: https://man7.org/linux/man-pages/man3/wordexp.3.html) actually ends up just invoking sh to do the expansion: http://git.musl-libc.org/cgit/musl/tree/src/misc/wordexp.c#n111

Therefore it might actually be better to do the expansion on the framework side (for non-windows environments), using some kind of pattern matching and get_env to expand the variables. We already do it this way in java: https://github.com/rapid7/metasploit-payloads/pull/345/files

@smashery smashery self-assigned this Nov 9, 2021
@smashery smashery mentioned this issue Nov 11, 2021
Merged
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@smashery smashery

Labels
bug confirmed Issues confirmed by a committer meterpreter
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Expand environment variables on Linux smashery/metasploit-framework
4 participants
@timwr @smashery @smcintyre-r7 @gwillcox-r7