Home page logo
/

metasploit logo Metasploit mailing list archives

bug in auxiliary/scanner/http/jboss_vulnscan
From: Robin Wood <robin () digininja org>
Date: Thu, 2 Jun 2011 12:43:06 +0100

Another bug, this time in  auxiliary/scanner/http/jboss_vulnscan. I've
set the RHOSTS but this line:

info = http_fingerprint({ :response => res })

returns nil so print_status dies:

msf auxiliary(jboss_vulnscan) > show options

Module options (auxiliary/scanner/http/jboss_vulnscan):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   Proxies                   no        Use a proxy chain
   RHOSTS   1.1.1.1          yes       The target address range or
CIDR identifier
   RPORT    444              yes       The target port
   THREADS  1                yes       The number of concurrent threads
   VERB     HEAD             yes       Verb for auth bypass testing
   VHOST                     no        HTTP server virtual host

msf auxiliary(jboss_vulnscan) > exploit
Debug: res = nil

[*] Error: 1.1.1.1: TypeError can't convert nil into String
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

I've tried to dig through to work out why but haven't got time to
fully understand the send_request_cgi function at the moment so can't
offer a solution.

Robin
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]