Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix an uninitialized constant error in capture/http #18564

Merged
merged 2 commits into from Nov 22, 2023
Merged

Fix an uninitialized constant error in capture/http #18564

merged 2 commits into from Nov 22, 2023

Conversation

zeroSteiner
Copy link
Contributor

This fixes an error present in the auxiliary/server/capture/http module that was introduced in acf23e9. Prior to these changes, the module would crash with an exception when a client made a connection to it.

[11/22/2023 11:46:36] [e(0)] core: Error in stream server server monitor: uninitialized constant Rex::Proto::Http::ServerClient
Did you mean?  Rex::Service

Call stack:
/home/smcintyre/Repositories/metasploit-framework/modules/auxiliary/server/capture/http.rb:77:in `on_client_connect'
/home/smcintyre/Repositories/metasploit-framework/lib/msf/core/exploit/remote/tcp_server.rb:77:in `block in start_service'
/home/smcintyre/.rvm/gems/ruby-3.0.4@metasploit-framework/gems/rex-core-0.1.30/lib/rex/io/stream_server.rb:34:in `on_client_connect'
/home/smcintyre/.rvm/gems/ruby-3.0.4@metasploit-framework/gems/rex-core-0.1.30/lib/rex/io/stream_server.rb:153:in `monitor_listener'
/home/smcintyre/.rvm/gems/ruby-3.0.4@metasploit-framework/gems/rex-core-0.1.30/lib/rex/io/stream_server.rb:61:in `block in start'
/home/smcintyre/Repositories/metasploit-framework/lib/rex/thread_factory.rb:22:in `block in spawn'
/home/smcintyre/Repositories/metasploit-framework/lib/msf/core/thread_manager.rb:105:in `block in spawn'

Verification

  • Start msfconsole
  • use auxiliary/server/capture/http and run the module
  • Make an HTTP request to it and see that it responds instead of crashing

@zeroSteiner
Fix an uninitialized constant error
98e6bae 
This error was introduced by the loader changes in
acf23e9
@adfoster-r7
Copy link
Contributor

Before - crash:

msf6 auxiliary(scanner/postgres/postgres_login) > use auxiliary/server/capture/http
msf6 auxiliary(server/capture/http) > run
[*] Auxiliary module running as background job 0.

[*] Started service listener on 0.0.0.0:80 
[*] Server started.
msf6 auxiliary(server/capture/http) > curl localhost:80
[*] exec: curl localhost:80

curl: (56) Recv failure: Connec[*] Server stopped.
tion reset by peer
msf6 auxiliary(server/capture/http) >

After - no crash:

msf6 auxiliary(server/capture/http) > run
[*] Auxiliary module running as background job 0.

[*] Started service listener on 0.0.0.0:80 
[*] Server started.
msf6 auxiliary(server/capture/http) > curl localhost:80
[*] exec: curl localhost:80

[*] HTTP REQUEST 127.0.0.1 > localhost:80 GET / Unknown   cookies=
<html>
<head>
	<title>Hotel Gue... etc...

@adfoster-r7 adfoster-r7 merged commit bccd906 into rapid7:master Nov 22, 2023
34 checks passed
@adfoster-r7
Copy link
Contributor

Release Notes

Fixes a module crash when running the auxiliary/server/capture/http module

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adfoster-r7 adfoster-r7 adfoster-r7 left review comments

Assignees
No one assigned
Labels
bug easy module rn-fix release notes fix
Projects
Metasploit Kanban
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@zeroSteiner @adfoster-r7 @smcintyre-r7