Jump to content

pdobrzyn

Members
 View Profile  See their activity

  • Posts

    1

  • Joined

  • Last visited

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

pdobrzyn's Achievements

Newbie

Newbie (1/14)

  1. pdobrzyn
    Hello, to be honest, i`m new in kali linux, thus im asking for understanding. Im trying to exploit Oracle database with metasploit module "oracle_login" and it ends with following statement msf auxiliary(oracle_login) > run [*] Nmap: Setting up credential file... [*] Nmap: Starting Oracle bruteforce with 568 credentials against SID 'XE'... [-] Missing RPORTS [-] Auxiliary failed: RuntimeError Cannot continue without a valid port list. [-] Call stack: [-] /usr/share/metasploit-framework/lib/msf/core/auxiliary/nmap.rb:162:in `nmap_add_ports' [-] /usr/share/metasploit-framework/lib/msf/core/auxiliary/nmap.rb:48:in `set_nmap_cmd' [-] /usr/share/metasploit-framework/lib/msf/core/auxiliary/nmap.rb:91:in `nmap_run' [-] /usr/share/metasploit-framework/modules/auxiliary/scanner/oracle/oracle_login.rb:62:in `run' [*] Auxiliary module execution completed msf auxiliary(oracle_login) > set SID ncia11 SID => ncia11 msf auxiliary(oracle_login) > set RPORTS 1521 RPORTS => 1521 msf auxiliary(oracle_login) > run [*] Nmap: Setting up credential file... [*] Nmap: Starting Oracle bruteforce with 568 credentials against SID 'ncia11'... [*] Using RPORTS range 1521 [*] Nmap: Starting nmap with pid 1514 [*] Nmap: 'Warning: The -P0 option is deprecated. Please use -Pn' [*] Nmap: Starting Nmap 7.40 ( https://nmap.org ) at 2017-04-18 11:35 CEST [*] Nmap: NSE: Loaded 1 scripts for scanning. [*] Nmap: NSE: Script Pre-scanning. [*] Nmap: Initiating NSE at 11:35 [*] Nmap: Completed NSE at 11:35, 0.00s elapsed [*] Nmap: Initiating ARP Ping Scan at 11:35 [*] Nmap: Scanning 192.168.137.148 [1 port] [*] Nmap: Completed ARP Ping Scan at 11:35, 0.02s elapsed (1 total hosts) [*] Nmap: Initiating SYN Stealth Scan at 11:35 [*] Nmap: Scanning 192.168.137.148 [1 port] [*] Nmap: Discovered open port 1521/tcp on 192.168.137.148 [*] Nmap: Completed SYN Stealth Scan at 11:35, 0.00s elapsed (1 total ports) [*] Nmap: NSE: Script scanning 192.168.137.148. [*] Nmap: Initiating NSE at 11:35 [*] Nmap: Completed NSE at 11:35, 0.04s elapsed [*] Nmap: Nmap scan report for 192.168.137.148 [*] Nmap: Host is up (0.0033s latency). [*] Nmap: PORT STATE SERVICE [*] Nmap: 1521/tcp open oracle [*] Nmap: MAC Address: 00:15:5D:6E:63:11 (Microsoft) [*] Nmap: NSE: Script Post-scanning. [*] Nmap: Initiating NSE at 11:35 [*] Nmap: Completed NSE at 11:35, 0.00s elapsed [*] Nmap: Read data files from: /usr/bin/../share/nmap [*] Nmap: Nmap done: 1 IP address (1 host up) scanned in 0.65 seconds [*] Nmap: Raw packets sent: 2 (72B) | Rcvd: 2 (72B) [-] Auxiliary failed: NoMethodError undefined method `doctype' for #<Rex::Parser::NmapXMLStreamParser:0x0055cabb8f8988> [-] Call stack: [-] /usr/lib/ruby/2.3.0/rexml/parsers/streamparser.rb:36:in `parse' [-] /usr/lib/ruby/2.3.0/rexml/document.rb:242:in `parse_stream' [-] /usr/share/metasploit-framework/lib/msf/core/auxiliary/nmap.rb:262:in `nmap_hosts' [-] /usr/share/metasploit-framework/modules/auxiliary/scanner/oracle/oracle_login.rb:65:in `run' [*] Auxiliary module execution completed [/CODE] I have set RHOST, correct RPORTS and correct SID for the database (which is located at 192.168.137.148). [B]uname -a[/B] [CODE] uname -a Linux kali 4.9.0-kali3-amd64 #1 SMP Debian 4.9.18-1kali1 (2017-04-04) x86_64 GNU/Linux [/CODE] [B]lsb_release -a [/B][CODE]lsb_release -a No LSB modules are available. Distributor ID: Kali Description: Kali GNU/Linux Rolling Release: kali-rolling Codename: kali-rolling [/CODE] [B]ifconfig [/B][CODE]ifconfig eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.137.105 netmask 255.255.255.0 broadcast 192.168.137.255 inet6 fe80::ed6a:6174:2190:25d5 prefixlen 64 scopeid 0x20<link> ether 00:15:5d:6e:63:1d txqueuelen 1000 (Ethernet) RX packets 9810 bytes 10043669 (9.5 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 7180 bytes 798373 (779.6 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [/CODE] [B]metasploit version [/B]metasploit v4.14.10-dev Does anybody know what does it mean "undefined method 'doctype'? streamparser.rb code [CODE]# frozen_string_literal: false require "rexml/parsers/baseparser" module REXML module Parsers class StreamParser def initialize source, listener @listener = listener @parser = BaseParser.new( source ) end def add_listener( listener ) @parser.add_listener( listener ) end def parse # entity string while true event = @parser.pull case event[0] when :end_document return when :start_element attrs = event[2].each do |n, v| event[2][n] = @parser.unnormalize( v ) end @listener.tag_start( event[1], attrs ) when :end_element @listener.tag_end( event[1] ) when :text normalized = @parser.unnormalize( event[1] ) @listener.text( normalized ) when :processing_instruction @listener.instruction( *event[1,2] ) when :start_doctype @listener.doctype( *event[1..-1] ) when :end_doctype # FIXME: remove this condition for milestone:3.2 @listener.doctype_end if @listener.respond_to? :doctype_end when :comment, :attlistdecl, :cdata, :xmldecl, :elementdecl @listener.send( event[0].to_s, *event[1..-1] ) when :entitydecl, :notationdecl @listener.send( event[0].to_s, event[1..-1] ) when :externalentity entity_reference = event[1] content = entity_reference.gsub(/\A%|;\z/, "") @listener.entity(content) end end end end end end[/CODE]
×
×
  • Create New...