Metasploit mailing list archives
linux x86 meterpreter portfwd bug
From: Anestis Bechtsoudis <bechtsoudis.a () gmail com>
Date: Sat, 19 May 2012 14:21:55 +0300
Hello list,

While messing around with linux meterpreter's network features, I spotted that portfwd poses some malfunctions. If the dev team is familiar with this bug, excuse me for this double report (a quick search doesn't reveal any relevant tracked issue).

After applying the port forward rule, only data from the first TCP connection attempt reach the end service. Continuing with tcpdump debugging I discovered that the FIN packets from the client never reach the end service over the meterpreter's port forwarded path. After the first PSH, meterpreter's port forwarder is dead (ignoring any PSH packets) and it can only complete the initial 3-way handshake on a new connection attempt. Flushing the forward rules or choosing a different port does not help.

Additionally, on a 2.6.24-30 x86 box the meterpreter crashes with a segmentation fault when a second connection is attempted over the port forwarded path.

If the dev team requires more evidence to replay the scenario feel free to contact me.

Regards,
Anestis Bechtsoudis

--
#----------------------------------------------#
| Anestis Bechtsoudis                          |
|                                              |
| Network Operation Center,                    |
| Laboratory for Computing (LabCom),           |
| Dept. of Computer Engineering & Informatics, |
| University of Patras, Greece                 |
|----------------------------------------------|
| Website: https://bechtsoudis.com             |
#----------------------------------------------#
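The symptoms in the report (only the first connection's data gets through, the client's FIN is never relayed) are exactly what a regression check for a TCP port forwarder should catch. The following is an added example, not code from the mail or from Metasploit: a minimal relay that accepts every connection and passes half-close (FIN) through in both directions, with a constructed local echo service standing in for the end service, and a check that pushes several sequential connections through the relay and requires each one to get its payload back and then see EOF.

```python
# Added example (not from the original mail): a minimal TCP relay that handles
# every connection and passes half-close (FIN) through in both directions.
import socket
import threading

def _pump(src, dst):
    # Copy src -> dst until EOF, then forward the half-close (FIN) to dst.
    while data := src.recv(4096):
        dst.sendall(data)
    try:
        dst.shutdown(socket.SHUT_WR)
    except OSError:
        pass

def _relay(listener, target):
    # Accept forever; every accepted connection gets its own pair of pump threads.
    while True:
        client, _ = listener.accept()
        server = socket.create_connection(target)
        threading.Thread(target=_pump, args=(client, server), daemon=True).start()
        threading.Thread(target=_pump, args=(server, client), daemon=True).start()

def _echo(listener):
    while True:
        conn, _ = listener.accept()
        with conn:
            _pump(conn, conn)

def _listen():
    s = socket.socket()
    s.bind(("127.0.0.1", 0))
    s.listen(8)
    return s

def check_forwarder(connections=3):
    # True only if every sequential connection gets its payload echoed back and then sees EOF.
    echo_l, relay_l = _listen(), _listen()
    threading.Thread(target=_echo, args=(echo_l,), daemon=True).start()
    threading.Thread(target=_relay, args=(relay_l, echo_l.getsockname()), daemon=True).start()
    for i in range(connections):
        payload = b"probe-%d" % i
        with socket.create_connection(relay_l.getsockname(), timeout=5) as c:
            c.sendall(payload)
            c.shutdown(socket.SHUT_WR)      # client sends its FIN
            got = b""
            while chunk := c.recv(4096):    # b"" only after the relayed FIN arrives
                got += chunk
        if got != payload:
            return False
    return True
```

A forwarder that drops the FIN or stops relaying after the first PSH fails this check on the second connection (or hangs on the recv loop until the timeout), which is the behaviour described above.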