View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0007646Kali LinuxGeneral Bugpublic2022-03-29 11:572022-04-15 15:11
Reporteradfoster-r7 Assigned Tosbrun  
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
Fixed in Version2022.2 
Summary0007646: Metasploit framework ctrl+z doesn't work with msfdb run on Kali
Description

Using ctrl+z in a Metasploit session backgrounds msfconsole, instead of the currently interacted with session

Steps To Reproduce

Open msfconsole via the msfdb wrapper:

sudo msfdb run

Create a new ncat session:

sudo msfdb run
use cmd/unix/reverse_ncat_ssl
set lhost 127.0.0.1
generate -f raw
to_handler

Trigger the generated payload in a separate tab, and interact with the session:

sessions -i -1

Verify the session works, then run ctrl+z to background the session. Current behavior is backgrounds the msfconsole process:

msf6 payload(cmd/unix/reverse_ncat_ssl) > sessions -i -1
[*] Starting interaction with 1...

whoami 
kali
^Z
[1]  + 2601 suspended  sudo msfdb run

Expected behavior:

Background session 1? [y/N]  y
msf6 payload(cmd/unix/reverse_ncat_ssl) >

Full example:

➜  ~ sudo msfdb run
[sudo] password for kali: 
[i] Database already started

msf6 > use cmd/unix/reverse_ncat_ssl
msf6 payload(cmd/unix/reverse_ncat_ssl) > set lhost 127.0.0.1
lhost => 127.0.0.1
msf6 payload(cmd/unix/reverse_ncat_ssl) > generate -f raw
ncat -e /bin/sh --ssl 127.0.0.1 4444
msf6 payload(cmd/unix/reverse_ncat_ssl) > to_handler
[*] Payload Handler Started as Job 0

[!] You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
msf6 payload(cmd/unix/reverse_ncat_ssl) > [*] Started reverse SSL handler on 127.0.0.1:4444 
[*] Command shell session 1 opened (127.0.0.1:4444 -> 127.0.0.1:46388) at 2022-03-29 07:49:42 -0400

msf6 payload(cmd/unix/reverse_ncat_ssl) > sessions -i -1
[*] Starting interaction with 1...

whoami 
kali
^Z
[1]  + 2601 suspended  sudo msfdb run

➜  ~
Additional Information

Original Metasploit framework issue:
https://github.com/rapid7/metasploit-framework/issues/8860

Metasploit framework fix:
https://github.com/rapid7/metasploit-omnibus/pull/160

Activities

sbrun

sbrun

2022-04-13 13:57

manager   ~0016037

It should be fixed in version 6.1.37-0kali2.
The package will be soon in kali-rolling

Issue History

Date Modified Username Field Change
2022-03-29 11:57 adfoster-r7 New Issue
2022-04-03 18:05 steev Assigned To => sbrun
2022-04-03 18:05 steev Status new => assigned
2022-04-13 13:57 sbrun Note Added: 0016037
2022-04-15 15:11 sbrun Status assigned => resolved
2022-04-15 15:11 sbrun Resolution open => fixed
2022-04-15 15:11 sbrun Fixed in Version => 2022.2