Metasploit-framework: Post Module (gnome_keyring_dump) - stdapi_railgun_api error.

Created on 29 May 2017  路  5Comments  路  Source: rapid7/metasploit-framework

Steps to reproduce

Gain a linux meterpreter shell on a x86/x64 bit linux box.
How'd you do it?

  1. Took a meterpreter session on linux box using msfvenom - elf type payload.
  2. Used meterpreter to run the gnome_keyring_dump module.

Expected behavior

Should have executed the post module without error and dump gnome keys.

Current behavior

Throwing an error.

meterpreter > sysinfo
Computer : 192.168.1.108
OS : Kali kali-rolling (Linux 4.9.0-kali3-amd64)
Architecture : x64
Meterpreter : x64/linux
meterpreter > run post/linux/gather/gnome_keyring_dump

[-] Post failed: Rex::Post::Meterpreter::RequestError stdapi_railgun_api: Operation failed: 1
[-] Call stack:
[-] /usr/local/share/metasploit-framework-master/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb:266:in process_function_call' [-] /usr/local/share/metasploit-framework-master/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb:84:incall_function'
[-] /usr/local/share/metasploit-framework-master/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb:24:in method_missing' [-] /usr/local/share/metasploit-framework-master/modules/post/linux/gather/gnome_keyring_dump.rb:195:inrun'

System stuff

Metasploit version -

metasploit v4.14.22-dev

I installed Metasploit with:

  • [ ] Source install (please specify ruby version)
    ruby 2.4.1p111 (2017-03-22 revision 58053) [x86_64-darwin16]

OS

MacOS Sierra

bug module newbie-friendly
Source
picture upgoingstar

All 5 comments

Looks like I was trying with wrong meterpreter, this works with python meterpreter only.

upgoingstar picture upgoingstar on 29 May 2017
👍1

Re-opening since this is an issue with the native meterpreter. IIRC the railgun API is only available on the python meterpreter at the moment so the platform of the module should be changed from linux to python. /cc @zeroSteiner

void-in picture void-in on 30 May 2017

hi there i am an undergrad in computer science , i am looking forward to contribute for metasploit
what is there to contribute in for this bug ,can i help ?

Hyperion101010 picture Hyperion101010 on 7 Oct 2018

Absolutely! While Rapid7 owns the project and has a bunch of developers that do much of the main work, LOTS of the code is from volunteers (like myself). Check out the awesome docs on how to get started here: https://github.com/rapid7/metasploit-framework/wiki/Contributing-to-Metasploit

If you need further help, check the IRC channel.

h00die picture h00die on 7 Oct 2018

everything I am finding about railgun says it is a windows only post feature... that would make sense since it is trying to use DLLs and as far as I know linux systems don't use Windows DLLs. Also in the railgun.rb file it references windows and the railgun.rb file itself is in the core/post/windows folder.

d4v3y0rk picture d4v3y0rk on 23 Jan 2020
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

kali64amd picture kali64amd  路  39Comments
kontenbonker picture kontenbonker  路  26Comments
nixawk picture nixawk  路  56Comments
Jab2870 picture Jab2870  路  26Comments
apollyonfirstcome picture apollyonfirstcome  路  42Comments