Skip to content

Running the same handler 3 times results in 2 jobs where 1 would be right #19958

New issue
New issue
Open
Open
Running the same handler 3 times results in 2 jobs where 1 would be right#19958
Labels
bug
@fabpiaf

Description

@fabpiaf
fabpiaf
opened on Mar 13, 2025

Steps to reproduce

msfconsole  -x "use exploit/multi/handler; set payload  windows/x64/meterpreter/reverse_https; set LHOST lo; run -j ; sleep 1; run -j; sleep 1; run -j;sleep 3; jobs"

Jobs
====

  Id  Name                    Payload                                Payload opts
  --  ----                    -------                                ------------
  0   Exploit: multi/handler  windows/x64/meterpreter/reverse_https  https://127.0.0.1:8443
  1   Exploit: multi/handler  windows/x64/meterpreter/reverse_https  https://127.0.0.1:8443

Expected behavior

Only the first listener should be listed

Current behavior

2 of 3 listeners are listed

I tracked the problem down to this:

After

[-] Exploit failed: Rex::RuntimeError The supplied resource '/' is already added.

The clean up function is called which in turn calls

metasploit-framework/lib/rex/proto/http/server.rb

Lines 178 to 180 in b228e3b

def remove_resource(name)
self.resources.delete(name)
end

which basically removes only based on /

So, the first run adds / to resources
the second run remove_resource /
and the third run agains adds / to resources

But actually I would expect

metasploit-framework/lib/msf/core/handler/reverse_http.rb

Lines 218 to 230 in b228e3b

self.service = Rex::ServiceManager.start(Rex::Proto::Http::Server,
local_port, ip, ssl?,
{
'Msf' => framework,
'MsfExploit' => self,
},
comm,
(ssl?) ? datastore['HandlerSSLCert'] : nil, nil, nil, datastore['SSLVersion']
)
local_addr = ip
rescue
ex = $!
print_error("Handler failed to bind to #{ip}:#{local_port}")

to fail due to

[-] Handler failed to bind to 0.0.0.0:8443

But this only happens without the sleep 1

Metasploit version

Framework: 6.4.53-dev
Console  : 6.4.53-dev

Additional Information

Module/Datastore

The following global/module datastore, and database setup was configured before the issue occurred:

Collapse 
[framework/ui/console]
ActiveModule=exploit/multi/handler

[multi/handler]
loglevel=3
payload=windows/x64/meterpreter/reverse_https
LHOST=lo
WORKSPACE=
VERBOSE=false
WfsDelay=2
EnableContextEncoding=false
ContextInformationFile=
DisablePayloadHandler=false
ExitOnSession=true
ListenerTimeout=0

Database Configuration

The database contains the following information:

Collapse 
Session Type: postgresql selected, no connection

Framework Configuration

The features are configured as follows:

Collapse
name enabled
wrapped_tables true
fully_interactive_shells false
manager_commands false
metasploit_payload_warnings true
defer_module_loads false
smb_session_type true
postgresql_session_type true
mysql_session_type true
mssql_session_type true
ldap_session_type true
show_successful_logins false
dns true
hierarchical_search_table true
display_module_action true

History

The following commands were ran during the session and before this issue occurred:

Collapse 
0      debug

Framework Errors

The following framework errors occurred before the issue occurred:

Collapse 
[03/13/2025 12:37:40] [e(0)] core: Failed to connect to the database: No database YAML file
[03/13/2025 12:37:43] [e(0)] core: Dependency for windows/encrypted_shell_reverse_tcp is not supported
[03/13/2025 12:37:56] [e(0)] core: Dependency for windows/encrypted_reverse_tcp is not supported
[03/13/2025 12:38:15] [e(0)] core: Exploit failed (multi/handler): Rex::RuntimeError The supplied resource '/' is already added. - Rex::RuntimeError The supplied resource '/' is already added.
[03/13/2025 12:38:24] [e(0)] core: Failed to open history file: /usr/src/metasploit-framework/metasploit-config/history with error: No such file or directory @ rb_sysopen - /usr/src/metasploit-framework/metasploit-config/history

Web Service Errors

The following web service errors occurred before the issue occurred:

Collapse 
msf-ws.log does not exist.

Framework Logs

The following framework logs were recorded before the issue occurred:

Collapse 
[03/13/2025 12:37:40] [e(0)] core: Failed to connect to the database: No database YAML file
[03/13/2025 12:37:43] [e(0)] core: Dependency for windows/encrypted_shell_reverse_tcp is not supported
[03/13/2025 12:37:56] [e(0)] core: Dependency for windows/encrypted_reverse_tcp is not supported
[03/13/2025 12:38:15] [e(0)] core: Exploit failed (multi/handler): Rex::RuntimeError The supplied resource '/' is already added. - Rex::RuntimeError The supplied resource '/' is already added.
[03/13/2025 12:38:24] [e(0)] core: Failed to open history file: /usr/src/metasploit-framework/metasploit-config/history with error: No such file or directory @ rb_sysopen - /usr/src/metasploit-framework/metasploit-config/history

Web Service Logs

The following web service logs were recorded before the issue occurred:

Collapse 
msf-ws.log does not exist.

Version/Install

The versions and install method of your Metasploit setup:

Collapse 
Framework: 6.4.53-dev
Ruby: ruby 3.2.5 (2024-07-26 revision 31d0f1a2e7) [x86_64-linux-musl]
OpenSSL: OpenSSL 3.3.2 3 Sep 2024
Install Root: /usr/src/metasploit-framework
Session Type: postgresql selected, no connection
Install Method: Git Clone

Metadata

Metadata

Assignees

No one assigned

    Labels

    bug

    Type

    No type

    Projects

    Metasploit Kanban

    • Status

      No status

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions