-
Notifications
You must be signed in to change notification settings - Fork 13.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
metasploit error after kali update #14673
Comments
@surfer663 Looks like there's a problem with the request; What search terms were you using? |
was searching for webcam i only had this problem soon after i updated kali |
Looks like this is cloud flare stopping the request from completing
Visiting the URL directly in the browser triggers the cloudflare checks to run |
msf6 auxiliary(gather/shodan_search) > set HTTPTrace true #################### Request:#################### #################### Response:#################### 400 Bad Requestcloudflare [-] Auxiliary failed: JSON::ParserError 809: unexpected token at ' <title>400 Bad Request</title>400 Bad Requestcloudflare ' [-] Call stack: [-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/json-2.5.1/lib/json/common.rb:216:in `parse' [-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/json-2.5.1/lib/json/common.rb:216:in `parse' [-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/activesupport-5.2.4.4/lib/active_support/json/decoding.rb:23:in `decode' [-] /usr/share/metasploit-framework/modules/auxiliary/gather/shodan_search.rb:72:in `shodan_query' [-] /usr/share/metasploit-framework/modules/auxiliary/gather/shodan_search.rb:118:in `run' [*] Auxiliary module execution completed msf6 auxiliary(gather/shodan_search) > |
was there something in 1 of the kali updates that caused this |
@surfer663 This looks shodan has introduced cloudfront to their API - which is causing issues now Note, I removed your API Key from those logs - please rotate it, as it's still accessible |
i reset my apikey thanks.... is there nothing that can be done or is shodan going to sort this issue |
@surfer663 Confirming with Shodan might make sense, I think it's out of our control - there's no mention of it in their API documentation from what I can tell |
which info would you recommend i send to shodan |
I believe the problem is that the browser user agent is triggering a check by Cloudflare. If you use the default user-agent for the library then it should work fine. |
@achillean Thanks for the pointer; Looks like the vhost was being dropped after a recent pull request #14609 We'll have to revert / put up a fix for that, sorry for the inconvenience @surfer663 👍 |
hi achillean - is there a problem within metasploit |
sorry guys im a real newbie im tring to understand this but getting confused is it possible to explain to me how i can apply this fix in newbie language |
@surfer663 These were the required code changes: The issue will be fixed and available in Metasploit 6.0.29 |
thank you kindly |
Steps to reproduce
How'd you do it?
This section should also tell us any relevant information about the
environment; for example, if an exploit that used to work is failing,
tell us the victim operating system and service versions.
Were you following a specific guide/tutorial or reading documentation?
no
If yes link the guide/tutorial or documentation you were following here, otherwise you may omit this section.
Expected behavior should have listed all ip addresses with countries
What should happen?got errors
Current behavior errors
What happens instead? errors : [-] Auxiliary failed: JSON::ParserError 809: unexpected token at '
<title>400 Bad Request</title>400 Bad Request
cloudflare ' [-] Call stack: [-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/json-2.5.1/lib/json/common.rb:216:in `parse' [-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/json-2.5.1/lib/json/common.rb:216:in `parse' [-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/activesupport-5.2.4.4/lib/active_support/json/decoding.rb:23:in `decode' [-] /usr/share/metasploit-framework/modules/auxiliary/gather/shodan_search.rb:72:in `shodan_query' [-] /usr/share/metasploit-framework/modules/auxiliary/gather/shodan_search.rb:118:in `run' [*] Auxiliary module execution completed
Metasploit version metasploit v6.0.28-dev
Get this with the
version
command in msfconsole (orgit log -1 --pretty=oneline
for a source install).Additional Information
If your version is less than
5.0.96
, please update to the latest version and ensure your issue is still present.If the issue is encountered within
msfconsole
, please run thedebug
command using the instructions below. If the issue is encountered outisdemsfconsole
, or the issue causesmsfconsole
to crash on startup, please delete this section.msfconsole
set loglevel 3
debug
command===8<=== CUT AND PASTE 6.EVERYTHING BELOW THIS LINE ===8<===
line and make sure to REMOVE ANY SENSITIVE INFORMATION.Module/Datastore
The following global/module datastore, and database setup was configured before the issue occurred:
Collapse
History
The following commands were ran during the session and before this issue occurred:
Collapse
Framework Errors
The following framework errors occurred before the issue occurred:
Collapse
Web Service Errors
The following web service errors occurred before the issue occurred:
Collapse
Framework Logs
The following framework logs were recorded before the issue occurred:
Collapse
Web Service Logs
The following web service logs were recorded before the issue occurred:
Collapse
Version/Install
The versions and install method of your Metasploit setup:
Collapse
The text was updated successfully, but these errors were encountered: