37 lines
874 B
Plaintext
37 lines
874 B
Plaintext
|
|
|
|
Metasploit Framework v3.0
|
|
Known Bugs
|
|
|
|
|
|
[Payloads]
|
|
* cmd/unix/reverse_bash fails
|
|
- Example: distcc
|
|
|
|
[Exploits]
|
|
* Exploits can crash when a handler sets .sock/.udp_sock to nil
|
|
- Persistent payloads, exploit tries to use nil as a socket
|
|
|
|
* DCERPC calls use a very long default timeout, delaying shell access
|
|
|
|
[msfconsole]
|
|
* Regex errors if unmatched {/[ sequences are tabbed
|
|
- use exploit/[<tab>
|
|
|
|
* The persist command is not functional yet
|
|
* Tab completion stops functioning after meterpreter is loaded
|
|
* Does not load user modules if ~/.msf3/modules is a symlink
|
|
|
|
[msfcli]
|
|
* Load modules from a user-provuided directory path as an argument
|
|
|
|
[msfweb]
|
|
* Exploits are not functional
|
|
* Path information disclosed in stack traces
|
|
|
|
[Auxiliary]
|
|
* Including exploit mixins after auxiliary mixins leads to broken behavior
|
|
|
|
[msfgui]
|
|
* a lot of bugs ...
|