Metasploit mailing list archives

linux x86 meterpreter portfwd bug


From: Anestis Bechtsoudis <bechtsoudis.a () gmail com>
Date: Sat, 19 May 2012 14:21:55 +0300

Hello list,

While messing around with Linux meterpreter's network features, I
spotted that portfwd poses some malfunctions. If the dev team is
familiar with this bug, excuse me for this double report (a quick search
doesn't reveal any relevant tracked issue).

After applying the port forward rule, only data from the first TCP
connection attempt reach the end service. Continuing with tcpdump
debugging, I discovered that the FIN packets from the client never reach
the end service over the meterpreter's port forwarded path.

After the first PSH, meterpreter's port forwarder is dead (ignoring any
PSH packets) and it can only complete the initial 3-way handshake on a
new connection attempt. Flushing the forward rules or choosing a
different port does not help.

Additionally, on a 2.6.24-30 x86 box the meterpreter crashes with a
segmentation fault when a second connection is attempted over the port
forwarded path.

If the dev team requires more evidence to replay the scenario, feel free
to contact me.



Regards,
Anestis Bechtsoudis

-- 
#----------------------------------------------#
| Anestis Bechtsoudis                          |
|                                              |
| Network Operation Center,                    |
| Laboratory for Computing (LabCom),           |
| Dept. of Computer Engineering & Informatics, |
| University of Patras, Greece                 |
|----------------------------------------------|
| Website: https://bechtsoudis.com             |
#----------------------------------------------#
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
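A small loopback harness for checking whether a TCP forwarding path carries every client write and the client's FIN, the two symptoms the report describes. This is an added example, not code from the post or from Metasploit: `start_relay` is a constructed reference forwarder that does propagate the half-close, and to check a real forwarder you would run `start_echo_service` behind it and pass the forwarder's listening address as `fwd`.

```python
import socket
import threading

def _serve(handler):
    # Bind an ephemeral loopback port and hand each accepted connection to a thread.
    ls = socket.socket(); ls.bind(("127.0.0.1", 0)); ls.listen(5)
    def loop():
        while True:
            conn, _ = ls.accept()
            threading.Thread(target=handler, args=(conn,), daemon=True).start()
    threading.Thread(target=loop, daemon=True).start()
    return ls.getsockname()

def _pump(src, dst):
    # Relay one way; on src EOF half-close dst so the client's FIN propagates.
    while data := src.recv(4096):
        dst.sendall(data)
    dst.shutdown(socket.SHUT_WR)

def start_relay(target):
    # Toy reference forwarder (a constructed stand-in for the forwarder under test).
    def handle(client):
        server = socket.create_connection(target)
        threading.Thread(target=_pump, args=(server, client), daemon=True).start()
        _pump(client, server)
    return _serve(handle)

def start_echo_service():  # end service: echo, close only after the client FIN
    def handle(conn):
        while data := conn.recv(4096): conn.sendall(data)
        conn.close()
    return _serve(handle)

def exercise_path(fwd, n_conns=2, segments=(b"first ", b"second ", b"third")):
    # Several writes per connection (separate PSHs unless coalesced), then a client FIN; short echo = dropped data, recv timeout = FIN never relayed.
    results = []
    for _ in range(n_conns):
        s = socket.create_connection(fwd); s.settimeout(3)
        for seg in segments:
            s.sendall(seg)
        s.shutdown(socket.SHUT_WR)
        echoed, fin_relayed = b"", True
        try:
            while data := s.recv(4096):
                echoed += data
        except socket.timeout:
            fin_relayed = False
        s.close()
        results.append({"echoed": echoed, "fin_relayed": fin_relayed})
    return results
```

Against the reference relay every connection returns the full echo with `fin_relayed` true; a forwarder with the reported defect would show a truncated echo on later writes and a timeout instead of EOF.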
