Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

client.modules.use("exploit","exploit/linux/misc/saltstack_salt_unauth_rce") #54

Open
sachinly opened this issue Aug 5, 2020 · 4 comments
Open

client.modules.use("exploit","exploit/linux/misc/saltstack_salt_unauth_rce") #54

sachinly opened this issue Aug 5, 2020 · 4 comments

Comments

@sachinly
Copy link

sachinly commented Aug 5, 2020

can not get result ,msfrpcd in metasploit v5.0.101-dev.
@zn3x
Copy link

zn3x commented Aug 14, 2020
edited
Loading

Socket seems to be waiting for data. Did run into same problem. And here is stack trace of what's happening

Traceback (most recent call last):
  File "ms.py", line 8, in <module>
    ex = client.modules.use('exploit', 'linux/misc/saltstack_salt_unauth_rce')
  File "/usr/lib/python3.8/site-packages/pymetasploit3/msfrpc.py", line 1663, in use
    return ExploitModule(self.rpc, mname)
  File "/usr/lib/python3.8/site-packages/pymetasploit3/msfrpc.py", line 1450, in __init__
    super(ExploitModule, self).__init__(rpc, 'exploit', exploit)
  File "/usr/lib/python3.8/site-packages/pymetasploit3/msfrpc.py", line 1256, in __init__
    self._info = rpc.call(MsfRpcMethod.ModuleInfo, [mtype, mname])
  File "/usr/lib/python3.8/site-packages/pymetasploit3/msfrpc.py", line 215, in call
    r = self.post_request(url, payload)
  File "<decorator-gen-2>", line 2, in post_request
  File "/usr/lib/python3.8/site-packages/retry/api.py", line 73, in retry_decorator
    return __retry_internal(partial(f, *args, **kwargs), exceptions, tries, delay, max_delay, backoff, jitter,
  File "/usr/lib/python3.8/site-packages/retry/api.py", line 33, in __retry_internal
    return f()
  File "/usr/lib/python3.8/site-packages/pymetasploit3/msfrpc.py", line 226, in post_request
    return requests.post(url, data=payload, headers=self.headers, verify=False)
  File "/usr/lib/python3.8/site-packages/requests/api.py", line 119, in post
    return request('post', url, data=data, json=json, **kwargs)
  File "/usr/lib/python3.8/site-packages/requests/api.py", line 61, in request
    return session.request(method=method, url=url, **kwargs)
  File "/usr/lib/python3.8/site-packages/requests/sessions.py", line 530, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/lib/python3.8/site-packages/requests/sessions.py", line 643, in send
    r = adapter.send(request, **kwargs)
  File "/usr/lib/python3.8/site-packages/requests/adapters.py", line 439, in send
    resp = conn.urlopen(
  File "/usr/lib/python3.8/site-packages/urllib3/connectionpool.py", line 670, in urlopen
    httplib_response = self._make_request(
  File "/usr/lib/python3.8/site-packages/urllib3/connectionpool.py", line 426, in _make_request
    six.raise_from(e, None)
  File "<string>", line 3, in raise_from
  File "/usr/lib/python3.8/site-packages/urllib3/connectionpool.py", line 421, in _make_request
    httplib_response = conn.getresponse()
  File "/usr/lib/python3.8/http/client.py", line 1332, in getresponse
    response.begin()
  File "/usr/lib/python3.8/http/client.py", line 303, in begin
    version, status, reason = self._read_status()
  File "/usr/lib/python3.8/http/client.py", line 264, in _read_status
    line = str(self.fp.readline(_MAXLINE + 1), "iso-8859-1")
  File "/usr/lib/python3.8/socket.py", line 669, in readinto
    return self._sock.recv_into(b)
KeyboardInterrupt

@zn3x
Copy link

zn3x commented Aug 14, 2020

After some research in code, it seems like this is a metasploit issue.

@dosten-xx
Copy link

After some research in code, it seems like this is a metasploit issue.

Agree. We have to skip this exploit when getting the exploit info.

@adfoster-r7
Copy link

I haven't tested it; but I believe this might be fixed by rapid7/metasploit-framework#15686

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@dosten-xx @sachinly @zn3x @adfoster-r7