Metasploit Framework: Activity

Bug #6339: Railgun Error

2012-02-03T19:13:07-06:00

Judging from the error, a stray "(" got into the user's declaration for "NetGetJoinInformation". The mistake is not in the repository, however, so I imagine that someone's editor is playing tricks on them.

To solve, either revert lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb or edit it to remove the stray parenthesis. I imagine it looks like this: dll.add_function('NetGetJoinInformation(', 'DWORD',[

Bug #6252: Upload fails from meterpreter session

2012-02-03T17:25:45-06:00

Related to Fastlib. Commenting out the Kernel.require override fixes it.

Bug #6252: Upload fails from meterpreter session

2012-02-03T17:11:19-06:00

Reproduced. The key here is the 'lcd' command which changes the working dir for all of the msfconsole process.

Bug #6147 (Feedback): Module synflood Argument INTERFACE: ArgumentError interface must be a strin...

2012-02-03T17:04:06-06:00

Can't reproduce on Linux. It looks like you're on a BSD of some variety, do any of the other pcap modules work for you?

Revision f89853d3: Squashed commit of the following:

2012-02-03T17:01:35-06:00

commit 69bb41a8176fb814485225e0c3b0e1c44342e652
Author: matugm <matugm@gmail.com>
Date: Tue Jan 31 11:30:52 2012 +0100

indentation

commit 175d230a06dc58e2123f092d39f33063efdce83d
Author: matugm <matugm@gmail.com>
Date: Tue Jan 31 11:13:02 2012 +0100

Changed way of finding hive names so that it works with xp hives

Revision 148dddba: http_fingerprint should use the ssl() function

2012-02-03T15:31:20-06:00

Instead of re-declaring ssl as a variable, just use the library's SSL
function, since it's there and it's incidentally more accurate.

Bug #6346: Concurrent access to console for printing when using multiple threads

2012-02-03T15:27:17-06:00

This could be hairy.

$ egrep -r 'print_(status|good)' modules/auxiliary/scanner/ | grep -iv host | grep -vi "#{ip}"| wc -l
467

Basically requires manual review of most scanners

Revision c0e98255: Whitespace and a typo

2012-02-03T15:10:17-06:00

Revision af506240: http_fingerprint reports service info

2012-02-03T12:15:11-06:00

Service info once again is reported when http_fingerprint is run against
a target, along with http status codes.

Bug #6346 (New): Concurrent access to console for printing when using multiple threads

2012-02-03T11:13:03-06:00

When using multiple threads with auxiliary modules , data output can be "mixed" between threads.
For instance, mssql_ping prints info about a sql server when it finds one, such as :
IP_ADDRESS
TCP port used
SERVER VERSION
...

When having 2 threads or more, results from differents servers can get "mixed" :

IP_ADDRESS 1
TCP port used 1
IP_ADDRESS 2
TCP port used 2
SERVER VERSION 2
SERVER VERSION 1

When having 20 thread or more, it can become a nightmare.

The idea would be to acquire a mutex before printing to the console and releasing it after.
Could be done in a print wrapper that acquires and release the mutex

Feature #6343: [POSIX meterpreter] needs a 'make debug' target

2012-02-03T11:12:14-06:00

Agreed, I think this adds too much to the payload size to be changed in the main trunk. I'll work on getting a 'make debug' target working which should make this unnecessary.

Revision 864a6815: Merge pull request #152 from argp/mozilla_mchannel_lion

2012-02-03T10:27:49-06:00

Modified (and tested) to work on Lion 10.7.2 and 10.7.3

Feature #6343: [POSIX meterpreter] needs a 'make debug' target

2012-02-03T10:20:00-06:00

What do you think, egypt7? I'n not super-thrilled about dropping 400k back into meterpreter.

Bug #6344 (Resolved): [meterpreter] double call to stdapi_net_config_get_interfaces when using "i...

2012-02-03T09:47:10-06:00

Applied in changeset 6623988fc09a2dd8241977e2c31bfe938802f91f.

Revision 6623988f: Remove duplicate interfaces call, fixes #6344

2012-02-03T09:46:08-06:00