You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I believe store_loot should generate a local file name - and send it to the remote db webservice.
We shuold then persist the loot contents locally using the chosen webservice file name.
Current behavior
What happens instead?
the result of store_loot differs to future loot queries
Metasploit version
msf6 auxiliary(scanner/winrm/winrm_login) > version
Framework: 6.2.31-dev-6f9ebe4068
Console : 6.2.31-dev-6f9ebe4068
The text was updated successfully, but these errors were encountered:
This issue has been left open with no activity for a while now.
We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here.
If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!
As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.
Thanks for your contribution to Metasploit Framework! We've looked at this issue, and unfortunately we do not currently have the bandwidth to prioritize this issue.
We've labeled this as attic and closed it for now. If you believe this issue has been closed in error, or that it should be prioritized, please comment with additional information.
Steps to reproduce
Noticed when testing #17374
When loot is stored, it persists locally:
metasploit-framework/lib/msf/core/auxiliary/report.rb
Lines 417 to 430 in 37fe3b9
But when the ccache content and file name is sent to the remote DB, it creates an new path to stop naming conflicts:
metasploit-framework/lib/msf/core/web_services/servlet/loot_servlet.rb
Lines 39 to 45 in 04e8752
So the return result of
store_loot
is the locally chosen name:Whilst querying for loot shows the path as having a different prefix:
Expected behavior
I believe
store_loot
should generate a local file name - and send it to the remote db webservice.We shuold then persist the loot contents locally using the chosen webservice file name.
Current behavior
What happens instead?
the result of
store_loot
differs to future loot queriesMetasploit version
The text was updated successfully, but these errors were encountered: