Hello,
To be honest, I'm new to Kali Linux, thus I'm asking for understanding. I'm trying to exploit an Oracle database with the Metasploit module "oracle_login" and it ends with the following statement:
[CODE]
msf auxiliary(oracle_login) > run
[*] Nmap: Setting up credential file...
[*] Nmap: Starting Oracle bruteforce with 568 credentials against SID 'XE'...
[-] Missing RPORTS
[-] Auxiliary failed: RuntimeError Cannot continue without a valid port list.
[-] Call stack:
[-] /usr/share/metasploit-framework/lib/msf/core/auxiliary/nmap.rb:162:in `nmap_add_ports'
[-] /usr/share/metasploit-framework/lib/msf/core/auxiliary/nmap.rb:48:in `set_nmap_cmd'
[-] /usr/share/metasploit-framework/lib/msf/core/auxiliary/nmap.rb:91:in `nmap_run'
[-] /usr/share/metasploit-framework/modules/auxiliary/scanner/oracle/oracle_login.rb:62:in `run'
[*] Auxiliary module execution completed
msf auxiliary(oracle_login) > set SID ncia11
SID => ncia11
msf auxiliary(oracle_login) > set RPORTS 1521
RPORTS => 1521
msf auxiliary(oracle_login) > run
[*] Nmap: Setting up credential file...
[*] Nmap: Starting Oracle bruteforce with 568 credentials against SID 'ncia11'...
[*] Using RPORTS range 1521
[*] Nmap: Starting nmap with pid 1514
[*] Nmap: 'Warning: The -P0 option is deprecated. Please use -Pn'
[*] Nmap: Starting Nmap 7.40 ( https://nmap.org ) at 2017-04-18 11:35 CEST
[*] Nmap: NSE: Loaded 1 scripts for scanning.
[*] Nmap: NSE: Script Pre-scanning.
[*] Nmap: Initiating NSE at 11:35
[*] Nmap: Completed NSE at 11:35, 0.00s elapsed
[*] Nmap: Initiating ARP Ping Scan at 11:35
[*] Nmap: Scanning 192.168.137.148 [1 port]
[*] Nmap: Completed ARP Ping Scan at 11:35, 0.02s elapsed (1 total hosts)
[*] Nmap: Initiating SYN Stealth Scan at 11:35
[*] Nmap: Scanning 192.168.137.148 [1 port]
[*] Nmap: Discovered open port 1521/tcp on 192.168.137.148
[*] Nmap: Completed SYN Stealth Scan at 11:35, 0.00s elapsed (1 total ports)
[*] Nmap: NSE: Script scanning 192.168.137.148.
[*] Nmap: Initiating NSE at 11:35
[*] Nmap: Completed NSE at 11:35, 0.04s elapsed
[*] Nmap: Nmap scan report for 192.168.137.148
[*] Nmap: Host is up (0.0033s latency).
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 1521/tcp open oracle
[*] Nmap: MAC Address: 00:15:5D:6E:63:11 (Microsoft)
[*] Nmap: NSE: Script Post-scanning.
[*] Nmap: Initiating NSE at 11:35
[*] Nmap: Completed NSE at 11:35, 0.00s elapsed
[*] Nmap: Read data files from: /usr/bin/../share/nmap
[*] Nmap: Nmap done: 1 IP address (1 host up) scanned in 0.65 seconds
[*] Nmap: Raw packets sent: 2 (72B) | Rcvd: 2 (72B)
[-] Auxiliary failed: NoMethodError undefined method `doctype' for #<Rex::Parser::NmapXMLStreamParser:0x0055cabb8f8988>
[-] Call stack:
[-] /usr/lib/ruby/2.3.0/rexml/parsers/streamparser.rb:36:in `parse'
[-] /usr/lib/ruby/2.3.0/rexml/document.rb:242:in `parse_stream'
[-] /usr/share/metasploit-framework/lib/msf/core/auxiliary/nmap.rb:262:in `nmap_hosts'
[-] /usr/share/metasploit-framework/modules/auxiliary/scanner/oracle/oracle_login.rb:65:in `run'
[*] Auxiliary module execution completed
[/CODE]
I have set RHOST, the correct RPORTS and the correct SID for the database (which is located at 192.168.137.148).
[B]uname -a[/B]
[CODE]
uname -a
Linux kali 4.9.0-kali3-amd64 #1 SMP Debian 4.9.18-1kali1 (2017-04-04) x86_64 GNU/Linux
[/CODE]
[B]lsb_release -a[/B]
[CODE]
lsb_release -a
No LSB modules are available.
Distributor ID: Kali
Description: Kali GNU/Linux Rolling
Release: kali-rolling
Codename: kali-rolling
[/CODE]
[B]ifconfig[/B]
[CODE]
ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.137.105 netmask 255.255.255.0 broadcast 192.168.137.255
inet6 fe80::ed6a:6174:2190:25d5 prefixlen 64 scopeid 0x20<link>
ether 00:15:5d:6e:63:1d txqueuelen 1000 (Ethernet)
RX packets 9810 bytes 10043669 (9.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 7180 bytes 798373 (779.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[/CODE]
[B]metasploit version[/B]
metasploit v4.14.10-dev
Does anybody know what "undefined method 'doctype'" means?
streamparser.rb code:
[CODE]# frozen_string_literal: false
require "rexml/parsers/baseparser"
module REXML
  module Parsers
    class StreamParser
      def initialize source, listener
        @listener = listener
        @parser = BaseParser.new( source )
      end
      def add_listener( listener )
        @parser.add_listener( listener )
      end
      def parse
        # entity string
        while true
          event = @parser.pull
          case event[0]
          when :end_document
            return
          when :start_element
            attrs = event[2].each do |n, v|
              event[2][n] = @parser.unnormalize( v )
            end
            @listener.tag_start( event[1], attrs )
          when :end_element
            @listener.tag_end( event[1] )
          when :text
            normalized = @parser.unnormalize( event[1] )
            @listener.text( normalized )
          when :processing_instruction
            @listener.instruction( *event[1,2] )
          when :start_doctype
            @listener.doctype( *event[1..-1] )
          when :end_doctype
            # FIXME: remove this condition for milestone:3.2
            @listener.doctype_end if @listener.respond_to? :doctype_end
          when :comment, :attlistdecl, :cdata, :xmldecl, :elementdecl
            @listener.send( event[0].to_s, *event[1..-1] )
          when :entitydecl, :notationdecl
            @listener.send( event[0].to_s, event[1..-1] )
          when :externalentity
            entity_reference = event[1]
            content = entity_reference.gsub(/\A%|;\z/, "")
            @listener.entity(content)
          end
        end
      end
    end
  end
end[/CODE]