Fix run command tab completions by using the correct value

[zeroSteiner]

This fixes a simple bug introduced in #14582 where a non-existent value is used to populate the tab completion array for the run command of modules that support actions as commands. See here for the original bug report.

To reproduce the issue, use an auxiliary or exploit module, type in run , and hit the tab key. Without this fix, the framework will crash while with this fix the tab completion should work correctly.

Verification

List the steps needed to make sure this thing works

• Start msfconsole
• use auxiliary/gather/jenkins_cred_recovery
• Type in run (note the space at the end)
• Double tap the tab key and see that metasploit suggestions options for completion instead of crashing

[gwillcox-r7]

Confirmed this seems to work as expected:

 ~/git/metasploit-framework │ land-pr14647:pr/14647 !1 ?10  ./msfconsole                                           ✔ │ 2.7.2 Ruby 
                                                  

                 _---------.
             .' #######   ;."
  .---,.    ;@             @@`;   .---,..
." @@@@@'.,'@@            @@@@@',.'@@@@ ".
'-.@@@@@@@@@@@@@          @@@@@@@@@@@@@ @;
   `.@@@@@@@@@@@@        @@@@@@@@@@@@@@ .'
     "--'.@@@  -.@        @ ,'-   .'--"
          ".@' ; @       @ `.  ;'
            |@@@@ @@@     @    .
             ' @@@ @@   @@    ,
              `.@@@@    @@   .
                ',@@     @   ;           _____________
                 (   3 C    )     /|___ / Metasploit! \
                 ;@'. __*__,."    \|--- \_____________/
                  '(.,...."/


       =[ metasploit v6.0.27-dev-f3746be8c6               ]
+ -- --=[ 2093 exploits - 1127 auxiliary - 356 post       ]
+ -- --=[ 592 payloads - 45 encoders - 10 nops            ]
+ -- --=[ 7 evasion                                       ]

Metasploit tip: You can upgrade a shell to a Meterpreter 
session on many platforms using sessions -u 
<session_id>

msf6 > use auxiliary/gather/jenkins_cred_recovery 
msf6 auxiliary(gather/jenkins_cred_recovery) > run
[-] Auxiliary failed: Msf::OptionValidateError One or more options failed to validate: RHOSTS.
msf6 auxiliary(gather/jenkins_cred_recovery) > run 
run -a                             run HTTP::pad_post_params=         run JENKINSDOMAIN=
run -h                             run HTTP::pad_post_params_count=   run LogLevel=
run -j                             run HTTP::pad_uri_version_count=   run MeterpreterPrompt=
run -o                             run HTTP::pad_uri_version_type=    run MinimumRank=
run -q                             run HTTP::uri_dir_fake_relative=   run Prompt=
run ACTION=                        run HTTP::uri_dir_self_reference=  run PromptChar=
run ConsoleLogging=                run HTTP::uri_encode_mode=         run PromptTimeFormat=
run DOMAIN=                        run HTTP::uri_fake_end=            run Proxies=
run DigestAuthIIS=                 run HTTP::uri_fake_params_start=   run RHOSTS=
run FingerprintCheck=              run HTTP::uri_full_url=            run RPORT=
run HTTP::header_folding=          run HTTP::uri_use_backslashes=     run SSL=
run HTTP::method_random_case=      run HTTP::version_random_invalid=  run SSLVersion=
run HTTP::method_random_invalid=   run HTTP::version_random_valid=    run SessionLogging=
run HTTP::method_random_valid=     run HttpClientTimeout=             run TARGETURI=
run HTTP::pad_fake_headers=        run HttpPassword=                  run TimestampOutput=
run HTTP::pad_fake_headers_count=  run HttpRawHeaders=                run UserAgent=
run HTTP::pad_get_params=          run HttpTrace=                     run VERBOSE=
run HTTP::pad_get_params_count=    run HttpTraceColors=               run VHOST=
run HTTP::pad_method_uri_count=    run HttpTraceHeadersOnly=          run WORKSPACE=
run HTTP::pad_method_uri_type=     run HttpUsername=                  
msf6 auxiliary(gather/jenkins_cred_recovery) > run 

Here is the crash from before this patch was applied:

 ~/git/metasploit-framework │ master !1 ?10  ./msfconsole                                                     ✔ │ 5s │ 2.7.2 Ruby 
                                                  
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%     %%%         %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%  %%  %%%%%%%%   %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%  %  %%%%%%%%   %%%%%%%%%%% https://metasploit.com %%%%%%%%%%%%%%%%%%%%%%%%
%%  %%  %%%%%%   %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%  %%%%%%%%%   %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%  %%%  %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%    %%   %%%%%%%%%%%  %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  %%%  %%%%%
%%%%  %%  %%  %      %%      %%    %%%%%      %    %%%%  %%   %%%%%%       %%
%%%%  %%  %%  %  %%% %%%%  %%%%  %%  %%%%  %%%%  %% %%  %% %%% %%  %%%  %%%%%
%%%%  %%%%%%  %%   %%%%%%   %%%%  %%%  %%%%  %%    %%  %%% %%% %%   %%  %%%%%
%%%%%%%%%%%% %%%%     %%%%%    %%  %%   %    %%  %%%%  %%%%   %%%   %%%     %
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  %%%%%%% %%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%          %%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%


       =[ metasploit v6.0.28-dev-772f98a7dc               ]
+ -- --=[ 2093 exploits - 1127 auxiliary - 356 post       ]
+ -- --=[ 592 payloads - 45 encoders - 10 nops            ]
+ -- --=[ 7 evasion                                       ]

Metasploit tip: Tired of setting RHOSTS for modules? Try 
globally setting it with setg RHOSTS x.x.x.x

msf6 > use auxiliary/gather/jenkins_cred_recovery 
msf6 auxiliary(gather/jenkins_cred_recovery) > run Traceback (most recent call last):
	22: from ./msfconsole:23:in `<main>'
	21: from /home/gwillcox/git/metasploit-framework/lib/metasploit/framework/command/base.rb:82:in `start'
	20: from /home/gwillcox/git/metasploit-framework/lib/metasploit/framework/command/console.rb:48:in `start'
	19: from /home/gwillcox/git/metasploit-framework/lib/rex/ui/text/shell.rb:141:in `run'
	18: from /home/gwillcox/git/metasploit-framework/lib/rex/ui/text/shell.rb:321:in `get_input_line'
	17: from /home/gwillcox/git/metasploit-framework/lib/rex/ui/text/input/readline.rb:100:in `pgets'
	16: from /home/gwillcox/git/metasploit-framework/lib/rex/ui/text/input/readline.rb:162:in `readline_with_output'
	15: from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rb-readline-0.5.5/lib/rbreadline.rb:4875:in `readline'
	14: from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rb-readline-0.5.5/lib/rbreadline.rb:4853:in `readline_internal'
	13: from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rb-readline-0.5.5/lib/rbreadline.rb:4779:in `readline_internal_charloop'
	12: from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rb-readline-0.5.5/lib/rbreadline.rb:4363:in `_rl_dispatch'
	11: from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rb-readline-0.5.5/lib/rbreadline.rb:4374:in `_rl_dispatch_subseq'
	10: from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rb-readline-0.5.5/lib/rbreadline.rb:6903:in `rl_complete'
	 9: from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rb-readline-0.5.5/lib/rbreadline.rb:6813:in `rl_complete_internal'
	 8: from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rb-readline-0.5.5/lib/rbreadline.rb:6329:in `gen_completion_matches'
	 7: from /home/gwillcox/.rvm/gems/ruby-2.7.2@metasploit-framework/gems/rb-readline-0.5.5/lib/readline.rb:136:in `readline_attempted_completion_function'
	 6: from /home/gwillcox/git/metasploit-framework/lib/rex/ui/text/shell.rb:69:in `block in init_tab_complete'
	 5: from /home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:377:in `tab_complete'
	 4: from /home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:392:in `tab_complete_stub'
	 3: from /home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:392:in `each'
	 2: from /home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:403:in `block in tab_complete_stub'
	 1: from /home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:444:in `tab_complete_helper'
/home/gwillcox/git/metasploit-framework/lib/msf/ui/console/module_action_commands.rb:121:in `cmd_run_tabs': uninitialized class variable @@run_action_opts in Msf::Ui::Console::ModuleActionCommands (NameError)
 ~/git/metasploit-framework │ master !1 ?10

[adfoster-r7]

@gwillcox-r7 Let me know if you're landing this or I can later today 👍

[gwillcox-r7]

@adfoster-r7 Will handle it now was just waiting for your approval on the changes. Landing now.... 👍

[gwillcox-r7]

Original Release Notes
A fix has been added to address a typo introduced in #14582 whereby non-existent value is used to populate the tab completion array for the run command of modules that support actions as commands, resulting in msfconsole crashing when tab completion was attempted. Users should now be able to do tab completion using the run command without errors.

[pbarry-r7]

Release Notes

Fixed a recent regression with the run command where attempts to use tab completion would result in a crash of Framework.