Error while running command db_autopwn

[seanothan]

I'll start off by saying I've spent a great deal of time searching and reading solutions with no avail.....

I've been working my way through the Metasploit Unleashed course and have been doing perfectly fine until recently. While working with Nessus through Msf I've been consistently recreating the following error during the db_autopwn -x -e command:

Code:

msf > db_autopwn -x -e
[-] Error while running command db_autopwn: undefined local variable or method `data' for #<#<Module:0xb4577a4c>::Metasploit3:0xb48cbb08>

Call stack:
(eval):21:in `initialize'
/opt/metasploit3/msf3/lib/msf/ui/console/command_dispatcher/db.rb:894:in `new'
/opt/metasploit3/msf3/lib/msf/ui/console/command_dispatcher/db.rb:894:in `cmd_db_autopwn'
/opt/metasploit3/msf3/lib/msf/core/module_manager.rb:230:in `call'
/opt/metasploit3/msf3/lib/msf/core/module_manager.rb:230:in `each_module_list'
/opt/metasploit3/msf3/lib/msf/core/module_manager.rb:203:in `each'
/opt/metasploit3/msf3/lib/msf/core/module_manager.rb:203:in `each_module_list'
/opt/metasploit3/msf3/lib/msf/core/module_manager.rb:121:in `each_module'
/opt/metasploit3/msf3/lib/msf/ui/console/command_dispatcher/db.rb:893:in `cmd_db_autopwn'
/opt/metasploit3/msf3/lib/msf/ui/console/command_dispatcher/db.rb:892:in `each'
/opt/metasploit3/msf3/lib/msf/ui/console/command_dispatcher/db.rb:892:in `cmd_db_autopwn'
/opt/metasploit3/msf3/lib/rex/ui/text/dispatcher_shell.rb:331:in `send'
/opt/metasploit3/msf3/lib/rex/ui/text/dispatcher_shell.rb:331:in `run_command'
/opt/metasploit3/msf3/lib/rex/ui/text/dispatcher_shell.rb:293:in `run_single'
/opt/metasploit3/msf3/lib/rex/ui/text/dispatcher_shell.rb:287:in `each'
/opt/metasploit3/msf3/lib/rex/ui/text/dispatcher_shell.rb:287:in `run_single'
/opt/metasploit3/msf3/lib/rex/ui/text/shell.rb:143:in `run'
/opt/metasploit3/msf3/msfconsole:130

I've tried using both mysql and sqlite3 (I skipped postgresql) while importing reports, but I receive identical errors when using both database types.

I'm running metasploit v3.7.0-dev [core:3.7 api:1.0] with svn r12451 updated today (2011.04.27).

I apologize if this results in a very basic fix, but as I said I am somewhat new and trying to work my way through everything at a pace that will truly allow me to build a solid foundation.... Any help is much appreciated.

[voidnecron]

Begin with what you have done prior to the 'db_autopwn' command.
And what was the last time you ran msfupdate?

[seanothan]

I'll include a snippet of commands prior to the error (I'm leaving out the Nessus through Msf commands as this is an issue with db_autopwn and clearly my report has been imported successfully)....

Code:

root@bt:~# msfconsole

#    # ###### #####   ##    ####  #####  #       ####  # #####
##  ## #        #    #  #  #      #    # #      #    # #   #
# ## # #####    #   #    #  ####  #    # #      #    # #   #
#    # #        #   ######      # #####  #      #    # #   #
#    # #        #   #    # #    # #      #      #    # #   #
#    # ######   #   #    #  ####  #      ######  ####  #   #


       =[ metasploit v3.7.0-dev [core:3.7 api:1.0]
+ -- --=[ 681 exploits - 356 auxiliary
+ -- --=[ 217 payloads - 27 encoders - 8 nops
       =[ svn r12451 updated today (2011.04.27)

msf > db_driver mysql[*] Using database driver mysql
msf > db_connect root:toor@127.0.0.1/autopwn
msf > load db_tracker[*] Successfully loaded plugin: db_tracker
msf > db_import /root/nessus_report_Victim.nessus[*] Importing 'Nessus XML (v2)' data[*] Importing host 192.168.1.148[*] Successfully imported /root/nessus_report_Victim.nessus
msf > db_hosts

Hosts
=====

address        mac                name             os_name            os_flavor  os_sp  purpose  info  comments
-------        ---                ----             -------            ---------  -----  -------  ----  --------
192.168.1.148  00:0C:29:XX:XX:XX  sean-913f8f8ad0  Microsoft Windows  XP         SP2    device

msf > db_services

Services
========

host           port  proto  name             state  info
----           ----  -----  ----             -----  ----
192.168.1.148  21    tcp    sean-913f8f8ad0  open
192.168.1.148  25    tcp    sean-913f8f8ad0  open
192.168.1.148  80    tcp    sean-913f8f8ad0  open
192.168.1.148  123   udp    sean-913f8f8ad0  open
192.168.1.148  135   tcp    sean-913f8f8ad0  open
......

msf > db_vulns[*] Time: Wed Apr 27 06:41:29 UTC 2011 Vuln: host=192.168.1.148 name=NSS- refs=[*] Time: Wed Apr 27 06:41:29 UTC 2011 Vuln: host=192.168.1.148 port=1434 proto=udp name=NSS-10674 refs=[*] Time: Wed Apr 27 06:41:29 UTC 2011 Vuln: host=192.168.1.148 port=1433 proto=tcp name=NSS-34311 refs=CVE-2008-0085,CVE-2008-0086,CVE-2008-0106,CVE-2008-0107,BID-30082,BID-30083,BID-30118,BID-30119,OSVDB-46770,OSVDB-46771,OSVDB-46772,OSVDB-46773,MSFT-MS08-040,CWE-189[*] Time: Wed Apr 27 06:41:29 UTC 2011 Vuln: host=192.168.1.148 port=1433 proto=tcp name=NSS-35635 refs=CVE-2008-5416,BID-32710,OSVDB-50589,MSFT-MS09-004,CWE-119,MSF-Microsoft SQL Server sp_replwritetovarbin Memory Corruption[*] Time: Wed Apr 27 06:41:29 UTC 2011 Vuln: host=192.168.1.148 port=1433 proto=tcp name=NSS-10144 refs=[*] Time: Wed Apr 27 06:41:29 UTC 2011 Vuln: host=192.168.1.148 port=1025 proto=tcp name=NSS-22319 refs=
...........

msf > db_autopwn -x -e
[-] Error while running command db_autopwn: undefined local variable or method `data' for #<#<Module:0xb4577a4c>::Metasploit3:0xb48cbb08>

Call stack:
(eval):21:in `initialize'
/opt/metasploit3/msf3/lib/msf/ui/console/command_dispatcher/db.rb:894:in `new'
/opt/metasploit3/msf3/lib/msf/ui/console/command_dispatcher/db.rb:894:in `cmd_db_autopwn'
/opt/metasploit3/msf3/lib/msf/core/module_manager.rb:230:in `call'
/opt/metasploit3/msf3/lib/msf/core/module_manager.rb:230:in `each_module_list'
/opt/metasploit3/msf3/lib/msf/core/module_manager.rb:203:in `each'
/opt/metasploit3/msf3/lib/msf/core/module_manager.rb:203:in `each_module_list'
/opt/metasploit3/msf3/lib/msf/core/module_manager.rb:121:in `each_module'
/opt/metasploit3/msf3/lib/msf/ui/console/command_dispatcher/db.rb:893:in `cmd_db_autopwn'
/opt/metasploit3/msf3/lib/msf/ui/console/command_dispatcher/db.rb:892:in `each'
/opt/metasploit3/msf3/lib/msf/ui/console/command_dispatcher/db.rb:892:in `cmd_db_autopwn'
/opt/metasploit3/msf3/lib/rex/ui/text/dispatcher_shell.rb:331:in `send'
/opt/metasploit3/msf3/lib/rex/ui/text/dispatcher_shell.rb:331:in `run_command'
/opt/metasploit3/msf3/lib/rex/ui/text/dispatcher_shell.rb:293:in `run_single'
/opt/metasploit3/msf3/lib/rex/ui/text/dispatcher_shell.rb:287:in `each'
/opt/metasploit3/msf3/lib/rex/ui/text/dispatcher_shell.rb:287:in `run_single'
/opt/metasploit3/msf3/lib/rex/ui/text/shell.rb:143:in `run'
/opt/metasploit3/msf3/msfconsole:130
msf >

As I mentioned prior, I last updated today.

I should also mention I am running everything through VM and my target is the recommended XP build that the course asks you to create.

(Truncated services and vulns due to char restrictions)

[seanothan]

Same issue after updating to r12460.

[seanothan]

I've confirmed that the issue still persists despite using revisions from today, yesterday, 8 days ago, and 48 days ago. I've gone ahead and opened a ticket with the dev.Metasploit ticket system, as well.

In the meantime, if anyone has any further suggestions or observations, feel free to include them. Anything relevant I will update on the dev ticket, too.

Should I hear back with a response or a fix, I'll be sure to include it on this thread for future searches.

[voidnecron]

What happens if you create a new db and delete the current autopwn?

[seanothan]

I've tried that along with running a different report through Nessus and then importing that. Both result in the same error.

[iproute]

Have you tried just using an nmap scan instead of nessus? Run an autopwn against just open ports maybe and filter it with regular expressions (-m if i recall). Seems to me if you've attempted with new MSF update, also with new database, that using the nessus scan to base the autopwn is the only remaining commonality(meaning using nessus as your scanning technique at all. I see you imported a new scan as well.) Also if you find that using an nmap scan is successful with autopwn, let the MSF devs know, so it's more isolated for them.

[seanothan]

Same error upon running Fasttrack (nmap)....

Code:

msf > db_driver sqlite3[*] Using database driver sqlite3
msf > db_destroy pentest[*] Deleting pentest...
[-] The specified database does not exist
msf > db_create pentest
[-]
[-] Warning: The db_create command is deprecated, use db_connect instead.
[-]          The database and schema will be created automatically by
[-]          db_connect. If db_connect fails to create the database, create
[-]          it manually with your DBMS's administration tools.
[-][*] Creating a new database instance...[*] Successfully connected to the database[*] File: pentest
msf > db_nmap 192.168.1.148[*] Nmap: Starting Nmap 5.35DC1 ( http://nmap.org ) at 2011-04-28 15:51 EDT[*] Nmap: Nmap scan report for sean-913f8f8ad0 (192.168.1.148)[*] Nmap: Host is up (0.000060s latency).[*] Nmap: Not shown: 991 closed ports[*] Nmap: PORT     STATE SERVICE[*] Nmap: 21/tcp   open  ftp[*] Nmap: 25/tcp   open  smtp[*] Nmap: 80/tcp   open  http[*] Nmap: 135/tcp  open  msrpc[*] Nmap: 139/tcp  open  netbios-ssn[*] Nmap: 443/tcp  open  https[*] Nmap: 445/tcp  open  microsoft-ds[*] Nmap: 1025/tcp open  NFS-or-IIS[*] Nmap: 1433/tcp open  ms-sql-s[*] Nmap: MAC Address: 00:0C:29:17:B1:21 (VMware)[*] Nmap: Nmap done: 1 IP address (1 host up) scanned in 1.44 seconds
msf > db_autopwn -p -t -e -b
[-] Error while running command db_autopwn: undefined local variable or method `data' for #<#<Module:0xb43dd40c>::Metasploit3:0xb3ad28f8>

Call stack:
/pentest/exploits/framework3/lib/msf/core/module.rb:32:in `type'
/pentest/exploits/framework3/lib/msf/core/module.rb:36:in `fullname'
/pentest/exploits/framework3/lib/msf/core/module.rb:86:in `inspect'
/pentest/exploits/framework3/lib/rex/ui/text/dispatcher_shell.rb:300:in `to_str'
/pentest/exploits/framework3/lib/rex/ui/text/dispatcher_shell.rb:300:in `to_s'
/pentest/exploits/framework3/lib/rex/ui/text/dispatcher_shell.rb:300:in `run_single'
/pentest/exploits/framework3/lib/rex/ui/text/dispatcher_shell.rb:287:in `each'
/pentest/exploits/framework3/lib/rex/ui/text/dispatcher_shell.rb:287:in `run_single'
/pentest/exploits/framework3/lib/rex/ui/text/shell.rb:143:in `run'
/pentest/exploits/framework3/msfconsole:130
msf > sleep 5
msf > jobs -K
Stopping all jobs...
msf >
msf >
msf >
msf >
msf > sessions -l

Active sessions
===============

No active sessions.

[seanothan]

Fantastic suggestion, iproute. I'll give it a shot and post back when I have a moment!

I sent them an attachment of the report fed by Nessus so if it is a Nessus issue, hopefully they're going to modify as needed.