[framework] Bug Report from a metasploit lover SNERT in China

eros erroix at qq.com
Sun Nov 25 02:25:06 CST 2007


I have found a little bug in Metasploit. It appears in \lib\rex\text.rb at line 584.
See the code below:
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////
def self.pattern_create(length, sets = [ UpperAlpha, LowerAlpha, Numerals ])
  buf = ''
  idx = 0
  offsets = []

  sets.length.times { offsets << 0 }

  until buf.length >= length
    begin
      buf += converge_sets(sets, 0, offsets, length)
    rescue RuntimeError
      break
    end
  end

  buf[0..length] # here it will create a pattern with length+1 characters
end
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////
When we use the pattern_create() method in msfconsole, this bug will return an unexpected result. For example:
#puts pattern_create(56) =>"Aa0Aa1Aa2Aa3Aa4Aa5Aa6Aa7Aa8A9Ab0Ab1Ab2Ab3Ab4Ab5Ab6Ab7Ab8"
#puts pattern_create(56).length   =>57
and so on... You may test it more deeply.
It will behave normally again after changing buf[0..length] to buf[0...length].
Hope this will get your attention!
 (Southwest University of Science and Technology Net Emergency Response Team)
 SNERT in short
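The off-by-one described in the report, reproduced as an added, self-contained Ruby example (this is not Metasploit's own code and it does not use Rex's converge_sets; the helper raw_pattern, the two pattern_create_* variants and pattern_offset are assumptions made for illustration, walking the same upper/lower/digit sets in nested order). It shows why an inclusive range (0..length) returns one character too many while the exclusive range (0...length) returns exactly the requested length, and why the extra character only appears when the buffer overshoots the requested size:

```ruby
# Added example, not Metasploit's code: a minimal cyclic pattern generator
# that reproduces the inclusive-range slice bug reported above.
UPPER  = ('A'..'Z').to_a
LOWER  = ('a'..'z').to_a
DIGITS = ('0'..'9').to_a

# Build the pattern three characters at a time (upper, lower, digit) and
# stop as soon as at least `length` bytes are available. Because chunks are
# three bytes long, the buffer can overshoot `length` by one or two bytes,
# which is exactly what the final slice is supposed to trim.
def raw_pattern(length, sets = [UPPER, LOWER, DIGITS])
  buf = ''
  sets[0].each do |a|
    sets[1].each do |b|
      sets[2].each do |c|
        buf << a << b << c
        return buf if buf.length >= length
      end
    end
  end
  buf
end

# The slice as reported: `0..length` is an INCLUSIVE Ruby range, so when the
# buffer overshot it keeps length+1 characters (e.g. 57 for a request of 56).
def pattern_create_buggy(length)
  raw_pattern(length)[0..length]
end

# The suggested fix: `0...length` is EXCLUSIVE and yields exactly `length`
# characters regardless of how far the buffer overshot.
def pattern_create_fixed(length)
  raw_pattern(length)[0...length]
end

# The usual consumer of such a pattern: find where a given substring lands.
# Returns nil when the needle does not occur in the pattern.
def pattern_offset(pattern, needle)
  pattern.index(needle)
end

if __FILE__ == $0
  puts pattern_create_buggy(56).length # 57
  puts pattern_create_fixed(56).length # 56
  puts pattern_offset(pattern_create_fixed(56), 'Ab3') # 39
end
```

Note that when the buffer lands exactly on the requested length (for example a request of 9, which is a multiple of 3), Ruby clamps the inclusive slice to the string's end and both variants agree, so the bug is only visible for lengths that are not a multiple of the chunk size.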
