Commit "da0a9f66ea93307cf2985dab3f75cf5611932cc8" breaks module "exploit/linux/http/openfiler_networkcard_exec" #5103
Comments
Is there a backtrace?
@wchen-r7 maybe the
Yeah, that would be the only difference between the two commits. Need to actually download the vulnerable software and test to make sure.
@wchen-r7 if that's the case, we should add the da0a9f6#diff-b612aa6abe8a5e3a476e47624acd3879L99
Good to know, thanks!
wchen-r7 - There is no backtrace. Here is a copy paste of what happens when it fails:
As you can see, the Metasploit prompt is returned with no shell (as opposed to coming back with no prompt at all, which is what the reverse Perl shell does).
Ok I see. Thanks. Sounds like encoding is a possible root cause.
Fix rapid7#5103. By default, Httpclient will encode the URI but we don't necessarily want that. These modules originally didn't use URI encoding when they were written so we should just keep them that way.
@jnesta if you use the git version and update the master branch, the module should be working again
Yes, the latest version of the code works again. Thanks guys!
Hello team - this bug is for the openfiler Metasploit module. For reference, here is the official documentation page on the module and here is the GitHub page for it.
This commit by FireFart on May 25, 2014 appears to break the code.
To test, I am using a VM with Openfiler on it. The version is "Openfiler NSA (32-bit PAE)" (as reported in "/etc/distro-release").
In Metasploit, I load the payload "use exploit/linux/http/openfiler_networkcard_exec" and then use a payload of "cmd/unix/reverse_perl".
In my testing, versions of the code prior to this commit will work just fine and receive the remote shell. And versions of the code after this commit will fail. As someone who only has a passing familiarity with Metasploit module code, I'm not sure why this is.
Let me know if you need additional information, but I'm thinking this should be easy enough to reproduce. ;)