Questions tagged [metasploit]

This tag is for questions about *programming* the Metasploit framework, not for using the framework or attacking a specific site.

The Metasploit Framework is an open-source project owned/sponsored by Rapid7 for vulnerability assessment, exploitation development, penetration testing, and many other computer and network security-related tasks.

Since version 3 of the Framework, Metasploit has been written primarily in Ruby. Version 2 and older were written in Perl. The various payloads, stagers, and shellcodes are primarily written in C, assembly, and Java.

Metasploit is developed on GitHub. Documentation and community forums are available on Rapid7's community site. Questions can also be asked in the #metasploit channel on Freenode.

If your question is about using Metasploit, rather than programming with it, then it should probably go on our sister site Information Security.

If your question is about attacking a specific system, such questions are off-topic on Stack Overflow. They are also off-topic on Information Security unless they demonstrate an understanding of the concepts involved and clearly identify a specific problem.

Also, any issues resulting from using such tools without permission from the target are at your own risk; we do not endorse such actions in any way.

228 questions
1 vote, 2 answers

Installing Metasploit Framework on OS X Yosemite, metasploit-framework -v '4.10.1.pre.dev' not found

I am trying to install Metasploit Framework on OS X Yosemite and whilst running bundle install the installer gets stuck on trying to install metasploit-framework -v '4.10.1.pre.dev'. When I run gem install metasploit-framework -v '4.10.1.pre.dev' on…
Zach
1 vote, 1 answer

Metasploit: send_request_cgi returns nil for HTTPS connections

I am currently trying to write an auxiliary module for Metasploit. The module basically tries multiple default credentials to get access to the router's management page. The authentication is done via web, i.e. HTTP POST. Currently, the module works…
1 vote, 1 answer

Simple Persistence Script - Metasploit

I am trying to design a simple persistence script for Metasploit, considering the one they have is tagged by antivirus. I'm running into some trouble about what the code should look like. Here's my plan: 1. Batch file in startup folder with a loop…
TooEasy
1 vote, 0 answers

gem install network_interface -v '0.0.1' errors Cygwin

I'm trying to install Metasploit in Windows. When running the script in Cygwin, the network_interface gem won't install. I believe I have all the dependencies installed. Can anyone help? Thanks in advance. $ gem install network_interface -v…
user1781482
1 vote, 1 answer

How to run the linux/x86/shell_reverse_tcp payload stand alone?

I'm trying to run the linux/x86/shell_reverse_tcp payload. If I look at the summary of the payload it seems like a host and port are the two requirements, shown below. max@ubuntu-vm:~/SLAE/mod2$ sudo msfpayload -p linux/x86/shell_reverse_tcp S …
mbigras
1 vote, 1 answer

How to run the linux/x86/shell_bind_tcp payload stand alone?

I'm running a Metasploit payload in a sandbox C program. Below is a summary of the payload of interest. From there I generate some shellcode and load it up in my sandbox, but when I run it the program will simply wait. I think this is because it's…
mbigras
1 vote, 2 answers

Error Installing pcaprub using GEM on Centos 5.9

I'm mid-process installing Metasploit on my CentOS 5.9 box. While performing the bundle install I get an error installing pcaprub which I've tried running solo as gem install pcaprub and recorded here. libpcap-devel-0.9.4-15.el5.i386.rpm is…
Dimbuddha
1 vote, 5 answers

Metasploit Framework running on Android

Is it possible to run the Metasploit framework on Android devices? I've googled it up and found this link. But there's an access denied error. Any ideas?
psm1k3
1 vote, 2 answers

Find out which ciphers are supported by a server using Ruby

I'm trying to write/modify a Metasploit module to find out which ciphers are supported by a server (for scanning purposes). Will I have to enumerate the ciphers, by trying them all out, or is there a way I can request from the server which ciphers…
user857990
1 vote, 2 answers

Shell-spawning shellcode that is smaller than 295 bytes

I want shell-spawning shellcodes that are smaller than 295 bytes. Metasploit usually produces shell-spawning shellcodes that are (far) more than 300 bytes. Or is there any way I can compress the shell-spawning shellcode? Edit: I need these shellcodes…
user1613156
0 votes, 1 answer

Using existing Ruby script written with net/http as metasploit auxiliary

I want to use the following Ruby code written using net/http as a Metasploit auxiliary. I want to know which one will help me to convert it easily either librex or any other Metasploit API that supports file reading/writing and string manipulation using…
Akash Panchal
0 votes, 1 answer

metasploit: bypassuac windows privilege escalation hangs

post/windows/escalate/bypassuac seems to fail for me. For some reason I can't get the post exploitation module bypassuac to work. This is what I did: Opened a meterpreter session on the target machine (as the NETWORKSERVICE user) Put the session in…
68616c766172
0 votes, 0 answers

EOF error with raw_input - Issue executing Python script from a reverse shell

I am currently helping my university's cyber security program by creating a simple Capture the Flag style Python script to be used for the final exam. I created the script and everything is working great when run natively on Windows. The issue…
0 votes, 1 answer

Unable to start msfconsole or msfdb due to LoadError and ThreadError

I am trying to run msfdb but I can't seem to do so because I get a LoadError and 2 ThreadErrors. Here is the full stack: /usr/share/metasploit-framework/vendor/bundle/ruby/3.1.0/gems/zeitwerk-2.5.4/lib/zeitwerk/kernel.rb:35:in `require': cannot load…
Matthew Schell
0 votes, 1 answer

running 'msfconsole' command it throws error

In Termux while "Could not find activerecord-6.1.4.7 in any of the sources", I tried running 'gem install activerecord' but still after installing this gem, it shows again same error. Please help me!!
Heer Patel