Metasploit-framework: Error: Failed to load module on metasploit using Kali Linux 2018.1. Can anyone suggest solution for this. Thanks
Steps to reproduce
How'd you do it?
- ...
- ...
This section should also tell us any relevant information about the
environment; for example, if an exploit that used to work is failing,
tell us the victim operating system and service versions.
Expected behavior
What should happen?
Current behavior
What happens instead?
You might also want to check the last ~1k lines of
/opt/metasploit/apps/pro/engine/config/logs/framework.log or
~/.msf4/logs/framework.log for relevant stack traces
System stuff
Metasploit version
Get this with the version command in msfconsole (or git log -1 --pretty=oneline for a source install).
I installed Metasploit with:
- [ ] Kali package via apt
- [ ] Omnibus installer (nightly)
- [ ] Commercial/Community installer (from http://www.rapid7.com/products/metasploit/download.jsp)
- [ ] Source install (please specify ruby version)
OS
What OS are you running Metasploit on?
question
darroy1722
All 6 comments
I started Metasploit by running the command msfconsole.
Then, I typed in the command use exploit/multi/handlers.
It then gives the error.
Attaching screenshot for the same.
darroy1722
on 27 Mar 2018
👎2
There is no module called 'exploit'. Also, please don't submit the same question in multiple places.
https://www.offensive-security.com/metasploit-unleashed/using-exploits/
busterb
on 27 Mar 2018
👍1
dhiren01234
on 11 Sep 2019
please help me
dhiren01234
on 11 Sep 2019
@dhiren01234 Please don't post on closed issues.
It appears you have invoked searchsploit from within Metasploit. searchsploit and Metaspliot are two unrelated tools.
When you run searchsploit, it will list all the available exploits in Exploit DB. A local exploit DB repository is available on kali (exploit-db package), and is located in /usr/share/exploitdb/ by default. searchsploit will also print the location of the repository for you (see console output below).
# searchsploit ruby on rail
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------- ----------------------------------------
Exploit Title | Path
| (/usr/share/exploitdb/)
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------- ----------------------------------------
Ruby On Rails - DoubleTap Development Mode secret_key_base Remote Code Execution (Metasploit) | exploits/linux/remote/46785.rb
Ruby on Rails - Development Web Console (v2) Code Execution (Metasploit) | exploits/ruby/remote/39792.rb
Ruby on Rails - Dynamic Render File Upload / Remote Code Execution (Metasploit) | exploits/multiple/remote/40561.rb
Ruby on Rails - JSON Processor YAML Deserialization Code Execution (Metasploit) | exploits/multiple/remote/24434.rb
Ruby on Rails - Known Secret Session Cookie Remote Code Execution (Metasploit) | exploits/multiple/remote/27527.rb
Ruby on Rails - XML Processor YAML Deserialization Code Execution (Metasploit) | exploits/multiple/remote/24019.rb
Ruby on Rails 1.2.3 To_JSON - Script Injection | exploits/linux/remote/30089.txt
Ruby on Rails 2.3.5 - 'protect_from_forgery' Cross-Site Request Forgery | exploits/linux/remote/33402.txt
Ruby on Rails 3.0.5 - 'WEBrick::HTTPRequest' Module HTTP Header Injection | exploits/multiple/remote/35352.rb
Ruby on Rails 4.0.x/4.1.x/4.2.x (Web Console v2) - Whitelist Bypass Code Execution (Metasploit) | exploits/multiple/remote/41689.rb
Ruby on Rails ActionPack Inline ERB - Code Execution (Metasploit) | exploits/ruby/remote/40086.rb
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------- ----------------------------------------
Shellcodes: No Result
In this instance, the exploits/ruby/remote/40086.rb file you're looking for is located at /usr/share/exploitdb/exploits/ruby/remote/40086.rb
If you wish to search for Metasploit modules available within Metasploit, you can use the search command.
msf5 > search -h
Usage: search [<options>] [<keywords>]
If no options or keywords are provided, cached results are displayed.
OPTIONS:
-h Show this help information
-o <file> Send output to a file in csv format
-S <string> Search string for row filter
-u Use module if there is one result
Keywords:
aka : Modules with a matching AKA (also-known-as) name
author : Modules written by this author
arch : Modules affecting this architecture
bid : Modules with a matching Bugtraq ID
cve : Modules with a matching CVE ID
edb : Modules with a matching Exploit-DB ID
check : Modules that support the 'check' method
date : Modules with a matching disclosure date
description : Modules with a matching description
fullname : Modules with a matching full name
mod_time : Modules with a matching modification date
name : Modules with a matching descriptive name
path : Modules with a matching path
platform : Modules affecting this platform
port : Modules with a matching port
rank : Modules with a matching rank (Can be descriptive (ex: 'good') or numeric with comparison operators (ex: 'gte400'))
ref : Modules with a matching ref
reference : Modules with a matching reference
target : Modules affecting this target
type : Modules of a specific type (exploit, payload, auxiliary, encoder, evasion, post, or nop)
Examples:
search cve:2009 type:exploit
msf5 > search -S ruby on rails
Matching Modules
================
# Name Disclosure Date Rank Check Description
- ---- --------------- ---- ----- -----------
64 auxiliary/admin/http/rails_devise_pass_reset 2013-01-28 normal No Ruby on Rails Devise Authentication Password Reset
204 auxiliary/dos/http/rails_action_view 2013-12-04 normal No Ruby on Rails Action View MIME Memory Exhaustion
205 auxiliary/dos/http/rails_json_float_dos 2013-11-22 normal No Ruby on Rails JSON Processor Floating Point Heap Overflow DoS
210 auxiliary/dos/http/webrick_regex 2008-08-08 normal No Ruby WEBrick::HTTP::DefaultFileHandler DoS
356 auxiliary/gather/rails_doubletap_file_read normal Yes Ruby On Rails File Content Disclosure ('doubletap')
547 auxiliary/scanner/http/rails_json_yaml_scanner normal Yes Ruby on Rails JSON Processor YAML Deserialization Scanner
548 auxiliary/scanner/http/rails_mass_assignment normal Yes Ruby On Rails Attributes Mass Assignment Scanner
549 auxiliary/scanner/http/rails_xml_yaml_scanner normal Yes Ruby on Rails XML Processor YAML Deserialization Scanner
1213 exploit/linux/misc/drb_remote_codeexec 2011-03-23 excellent No Distributed Ruby Remote Code Execution
1458 exploit/multi/http/rails_actionpack_inline_exec 2016-03-01 excellent No Ruby on Rails ActionPack Inline ERB Code Execution
1459 exploit/multi/http/rails_double_tap 2019-03-13 excellent Yes Ruby On Rails DoubleTap Development Mode secret_key_base Vulnerability
1460 exploit/multi/http/rails_dynamic_render_code_exec 2016-10-16 excellent Yes Ruby on Rails Dynamic Render File Upload Remote Code Execution
1461 exploit/multi/http/rails_json_yaml_code_exec 2013-01-28 excellent No Ruby on Rails JSON Processor YAML Deserialization Code Execution
1462 exploit/multi/http/rails_secret_deserialization 2013-04-11 excellent No Ruby on Rails Known Secret Session Cookie Remote Code Execution
1463 exploit/multi/http/rails_web_console_v2_code_exec 2015-06-16 excellent No Ruby on Rails Web Console (v2) Whitelist Bypass Code Execution
1464 exploit/multi/http/rails_xml_yaml_code_exec 2013-01-07 excellent No Ruby on Rails XML Processor YAML Deserialization Code Execution
2859 payload/cmd/unix/bind_ruby normal No Unix Command Shell, Bind TCP (via Ruby)
2860 payload/cmd/unix/bind_ruby_ipv6 normal No Unix Command Shell, Bind TCP (via Ruby) IPv6
2876 payload/cmd/unix/reverse_ruby normal No Unix Command Shell, Reverse TCP (via Ruby)
2877 payload/cmd/unix/reverse_ruby_ssl normal No Unix Command Shell, Reverse TCP SSL (via Ruby)
2885 payload/cmd/windows/bind_ruby normal No Windows Command Shell, Bind TCP (via Ruby)
2891 payload/cmd/windows/reverse_ruby normal No Windows Command Shell, Reverse TCP (via Ruby)
3034 payload/ruby/pingback_bind_tcp normal No Ruby Pingback, Bind TCP
3035 payload/ruby/pingback_reverse_tcp normal No Ruby Pingback, Reverse TCP
3036 payload/ruby/shell_bind_tcp normal No Ruby Command Shell, Bind TCP
3037 payload/ruby/shell_bind_tcp_ipv6 normal No Ruby Command Shell, Bind TCP IPv6
3038 payload/ruby/shell_reverse_tcp normal No Ruby Command Shell, Reverse TCP
3039 payload/ruby/shell_reverse_tcp_ssl normal No Ruby Command Shell, Reverse TCP SSL
3346 post/multi/gather/rubygems_api_key normal No Multi Gather RubyGems API Key
msf5 >
bcoles
on 11 Sep 2019
Iam not getting any options in the multi handler module
aukay-coder
on 27 Oct 2019
Was this page helpful?
0 / 5 - 0 ratings
Related issues
handsomebeast
路
3Comments
fluit105
路
3Comments
Sonya2010
路
3Comments
verapex
路
3Comments
wvu-r7
路
3Comments