Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Failed to load extension: No response was received to the core_enumextcmd request #14773

Closed
qszx opened this issue Feb 19, 2021 · 7 comments
Closed

Failed to load extension: No response was received to the core_enumextcmd request #14773

qszx opened this issue Feb 19, 2021 · 7 comments
Labels
bug Stale Marks an issue as stale, to be closed if no action is taken

Comments

@qszx
Copy link

qszx commented Feb 19, 2021

Module/Datastore

The following global/module datastore, and database setup was configured before the issue occurred:

Collapse 
[framework/core]
LHOST=eth0

[framework/ui/console]
ActiveModule=exploit/linux/http/linuxki_rce

[linux/http/linuxki_rce]
WORKSPACE=
VERBOSE=false
PAYLOAD=linux/x64/meterpreter/bind_tcp
WfsDelay=0
EnableContextEncoding=false
ContextInformationFile=
DisablePayloadHandler=false
SRVHOST=0.0.0.0
SRVPORT=8080
ListenerComm=
SSL=false
SSLCert=
SSLCompression=false
SSLCipher=
TCP::max_send_size=0
TCP::send_delay=0
RHOSTS=xx
RPORT=80
VHOST=
Proxies=
UserAgent=Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
HttpUsername=
HttpPassword=
HttpRawHeaders=
DigestAuthIIS=true
SSLVersion=Auto
FingerprintCheck=true
DOMAIN=WORKSTATION
HttpClientTimeout=
HttpTrace=false
HttpTraceHeadersOnly=false
HttpTraceColors=red/blu
HTTP::uri_encode_mode=hex-normal
HTTP::uri_full_url=false
HTTP::pad_method_uri_count=1
HTTP::pad_uri_version_count=1
HTTP::pad_method_uri_type=space
HTTP::pad_uri_version_type=space
HTTP::method_random_valid=false
HTTP::method_random_invalid=false
HTTP::method_random_case=false
HTTP::version_random_valid=false
HTTP::version_random_invalid=false
HTTP::uri_dir_self_reference=false
HTTP::uri_dir_fake_relative=false
HTTP::uri_use_backslashes=false
HTTP::pad_fake_headers=false
HTTP::pad_fake_headers_count=0
HTTP::pad_get_params=false
HTTP::pad_get_params_count=16
HTTP::pad_post_params=false
HTTP::pad_post_params_count=16
HTTP::uri_fake_end=false
HTTP::uri_fake_params_start=false
HTTP::header_folding=false
EXE::EICAR=false
EXE::Custom=
EXE::Path=
EXE::Template=
EXE::Inject=false
EXE::OldMethod=false
EXE::FallBack=false
MSI::EICAR=false
MSI::Custom=
MSI::Path=
MSI::Template=
MSI::UAC=false
FileDropperDelay=
URIPATH=
HTTP::no_cache=false
HTTP::chunked=false
HTTP::junk_headers=false
HTTP::compression=none
HTTP::server_name=Apache
URIHOST=
URIPORT=
SendRobots=false
CMDSTAGER::FLAVOR=auto
CMDSTAGER::DECODER=
CMDSTAGER::TEMP=
CMDSTAGER::SSL=false
TARGETURI=/
WritableDir=/tmp
AutoCheck=true
ForceExploit=true
target=3
LPORT=9632
AutoRunScript=true

History

The following commands were ran during the session and before this issue occurred:

Collapse 
647    use linux/http/linuxki_rce
648    set target 3
649    set payload linux/x64/meterpreter/bind_tcp
650    set RHOSTS   xx
651    setg LHOST eth0
652    set  RPORT 80 
653    set LPORT 9632
654    set AutoRunScript true 
655    set ForceExploit true
656    run
657    debug

Framework Errors

The following framework errors occurred before the issue occurred:

Collapse 
[02/17/2021 01:26:39] [e(0)] core: Dependency for windows/x64/encrypted_reverse_tcp is not supported
[02/19/2021 12:29:29] [e(0)] core: Failed to connect to the database: No database YAML file
[02/19/2021 12:29:33] [e(0)] core: Dependency for windows/encrypted_shell_reverse_tcp is not supported
[02/19/2021 12:29:33] [e(0)] core: Dependency for windows/x64/encrypted_shell_reverse_tcp is not supported
[02/19/2021 12:29:33] [e(0)] core: Dependency for windows/encrypted_reverse_tcp is not supported
[02/19/2021 12:29:33] [e(0)] core: Dependency for windows/x64/encrypted_reverse_tcp is not supported
[02/19/2021 12:29:46] [e(0)] core: Dependency for windows/encrypted_shell_reverse_tcp is not supported
[02/19/2021 12:29:46] [e(0)] core: Dependency for windows/x64/encrypted_shell_reverse_tcp is not supported
[02/19/2021 12:29:46] [e(0)] core: Dependency for windows/encrypted_reverse_tcp is not supported
[02/19/2021 12:29:46] [e(0)] core: Dependency for windows/x64/encrypted_reverse_tcp is not supported

Web Service Errors

The following web service errors occurred before the issue occurred:

Collapse 
msf-ws.log does not exist.

Framework Logs

The following framework logs were recorded before the issue occurred:

Collapse 
[02/17/2021 00:53:44] [e(0)] core: Dependency for windows/encrypted_reverse_tcp is not supported
[02/17/2021 00:53:44] [e(0)] core: Dependency for windows/x64/encrypted_reverse_tcp is not supported
[02/17/2021 00:54:05] [w(0)] core: Exception in scheduler thread Rex::TimeoutError Operation timed out.
[02/17/2021 00:59:35] [w(0)] core: Exception in scheduler thread Rex::TimeoutError Operation timed out.
[02/17/2021 00:59:37] [e(0)] meterpreter: Failed to load extension: No response was received to the core_enumextcmd request.
[02/17/2021 00:59:37] [d(0)] meterpreter: Call stack:
/usr/share/metasploit-framework/lib/rex/post/meterpreter/client_core.rb:341:in `use'
/usr/share/metasploit-framework/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb:1321:in `block in cmd_load'
/usr/share/metasploit-framework/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb:1291:in `each'
/usr/share/metasploit-framework/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb:1291:in `cmd_load'
/usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:525:in `run_command'
/usr/share/metasploit-framework/lib/rex/post/meterpreter/ui/console.rb:105:in `run_command'
/usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:476:in `block in run_single'
/usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:470:in `each'
/usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:470:in `run_single'
/usr/share/metasploit-framework/lib/rex/post/meterpreter/ui/console.rb:68:in `block in interact'
/usr/share/metasploit-framework/lib/rex/ui/text/shell.rb:153:in `run'
/usr/share/metasploit-framework/lib/rex/post/meterpreter/ui/console.rb:66:in `interact'
/usr/share/metasploit-framework/lib/msf/base/sessions/meterpreter.rb:581:in `_interact'
/usr/share/metasploit-framework/lib/rex/ui/interactive.rb:51:in `interact'
/usr/share/metasploit-framework/lib/msf/ui/console/command_dispatcher/core.rb:1545:in `cmd_sessions'
/usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:525:in `run_command'
/usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:476:in `block in run_single'
/usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:470:in `each'
/usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:470:in `run_single'
/usr/share/metasploit-framework/lib/msf/ui/console/command_dispatcher/exploit.rb:223:in `cmd_exploit'
/usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:525:in `run_command'
/usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:476:in `block in run_single'
/usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:470:in `each'
/usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:470:in `run_single'
/usr/share/metasploit-framework/lib/rex/ui/text/shell.rb:158:in `run'
/usr/share/metasploit-framework/lib/metasploit/framework/command/console.rb:48:in `start'
/usr/share/metasploit-framework/lib/metasploit/framework/command/base.rb:82:in `start'
/usr/bin/msfconsole:23:in `<main>'
[02/17/2021 01:01:20] [w(0)] core: Session 2 has died
[02/17/2021 01:26:39] [e(0)] core: Dependency for windows/encrypted_shell_reverse_tcp is not supported
[02/17/2021 01:26:39] [e(0)] core: Dependency for windows/x64/encrypted_shell_reverse_tcp is not supported
[02/17/2021 01:26:39] [e(0)] core: Dependency for windows/encrypted_reverse_tcp is not supported
[02/17/2021 01:26:39] [e(0)] core: Dependency for windows/x64/encrypted_reverse_tcp is not supported
[02/17/2021 01:26:57] [w(0)] core: Exception in scheduler thread Rex::TimeoutError Operation timed out.
[02/17/2021 01:28:43] [w(0)] core: Session 3 has died
[02/19/2021 12:29:29] [e(0)] core: Failed to connect to the database: No database YAML file
[02/19/2021 12:29:33] [e(0)] core: Dependency for windows/encrypted_shell_reverse_tcp is not supported
[02/19/2021 12:29:33] [e(0)] core: Dependency for windows/x64/encrypted_shell_reverse_tcp is not supported
[02/19/2021 12:29:33] [e(0)] core: Dependency for windows/encrypted_reverse_tcp is not supported
[02/19/2021 12:29:33] [e(0)] core: Dependency for windows/x64/encrypted_reverse_tcp is not supported
[02/19/2021 12:29:46] [e(0)] core: Dependency for windows/encrypted_shell_reverse_tcp is not supported
[02/19/2021 12:29:46] [e(0)] core: Dependency for windows/x64/encrypted_shell_reverse_tcp is not supported
[02/19/2021 12:29:46] [e(0)] core: Dependency for windows/encrypted_reverse_tcp is not supported
[02/19/2021 12:29:46] [e(0)] core: Dependency for windows/x64/encrypted_reverse_tcp is not supported

Web Service Logs

The following web service logs were recorded before the issue occurred:

Collapse 
msf-ws.log does not exist.

Version/Install

The versions and install method of your Metasploit setup:

Collapse 
Framework: 6.0.30-dev
Ruby: ruby 2.7.2p137 (2020-10-01 revision 5445e04352) [x86_64-linux-gnu]
Install Root: /usr/share/metasploit-framework
Session Type: postgresql selected, no connection
Install Method: Other - Please specify
@qszx qszx added the bug label Feb 19, 2021
@smcintyre-r7
Copy link
Contributor

It sounds like the meterpreter session wasn't fully established. There isn't any console output here so it's hard to tell when this occurred but if it was as soon as the session was opened, it's likely that something killed it.

@qszx
Copy link
Author

qszx commented Feb 19, 2021

It sounds like the meterpreter session wasn't fully established. There isn't any console output here so it's hard to tell when this occurred but if it was as soon as the session was opened, it's likely that something killed it.

[*] Exploit completed, but no session was created.

@gwillcox-r7
Copy link
Contributor

gwillcox-r7 commented Feb 20, 2021
edited
Loading

It sounds like the meterpreter session wasn't fully established. There isn't any console output here so it's hard to tell when this occurred but if it was as soon as the session was opened, it's likely that something killed it.

[*] Exploit completed, but no session was created.

This doesn't really tell us anything. The only thing this tells us is that the exploit was attempted, because you set ForceExploit to true, but no session was created. Are you sure the target is vulnerable to the exploit? Try setting ForceExploit to false and then trying again.

Also now that #14617 has landed, it may be a good idea to update your Metasploit version to pull in that PR, as there is a small change that PR may help to address this issue.

@qszx
Copy link
Author

qszx commented Feb 22, 2021

It sounds like the meterpreter session wasn't fully established. There isn't any console output here so it's hard to tell when this occurred but if it was as soon as the session was opened, it's likely that something killed it.

[*] Exploit completed, but no session was created.

This doesn't really tell us anything. The only thing this tells us is that the exploit was attempted, because you set ForceExploit to true, but no session was created. Are you sure the target is vulnerable to the exploit? Try setting ForceExploit to false and then trying again.

Also now that #14617 has landed, it may be a good idea to update your Metasploit version to pull in that PR, as there is a small change that PR may help to address this issue.

Uncertain target is vulnerable

┌──(root💀kali)-[/home/o]
└─# apt update
Hit:1 http://mirrors.ocf.berkeley.edu/kali kali-rolling InRelease
Reading package lists... Done
Building dependency tree
Reading state information... Done
553 packages can be upgraded. Run 'apt list --upgradable' to see them.

┌──(root💀kali)-[/home/o]
└─# apt list metasploit-framework
Listing... Done
metasploit-framework/kali-rolling,now 6.0.30-0kali1 amd64 [installed]

@gwillcox-r7
Copy link
Contributor

gwillcox-r7 commented Feb 22, 2021
edited
Loading

If your uncertain the target is vulnerable then I would advise not running with ForceExploit set to true, and instead set this setting to false (in other words please execute set ForceExploit false). Also try running the check command to see if the target is vulnerable. If the target is not vulnerable and you are running the exploit with ForceExploit set to true, this would explain why you are getting the message [*] Exploit completed, but no session was created.

@github-actions
Copy link

Hi!

This issue has been left open with no activity for a while now.

We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here.
If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!

As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.

@github-actions github-actions bot added the Stale Marks an issue as stale, to be closed if no action is taken label Mar 25, 2021
@github-actions
Copy link

Hi again!

It’s been 60 days since anything happened on this issue, so we are going to close it.
Please keep in mind that I’m only a robot, so if I’ve closed this issue in error please feel free to reopen this issue or create a new one if you need anything else.

As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Stale Marks an issue as stale, to be closed if no action is taken
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@qszx @smcintyre-r7 @gwillcox-r7