#387 Console failing to start due to Metasploit

closed-fixed
nobody
None
2
2011-07-04
2011-07-03
Miguel Gesteiro
No

My machine is a Windows 7 Ultimate x64 (Spanish) and whenever I try to execute "Console.exe" (v.2.0.b147 beta-x64) I get this error message: "Unable to start a %BASE%\ruby\bin\ruby.exe msfconsole %MSFCONSOLE_OPTS%!" and the application fails to start. Console.exe is not able to create a "cmd.exe" proccess as it did on a VM I tried without a problem.

I have once installed Metasploit on this machine, but at the time running the console.exe it is not installed (it was removed early ago).
I searched for any "Metasploit" "rapid7" or "console" string on the register and environment (PATH, etc.) and found nothing related. I didn't find any related file on the hard drive also.

I tried to take a look at the source code but without much success (long time ago my VisualC days...). I was trying to look where or how the "cmd.exe" proccess is created (maybe you could explaing it so I can help on this).

If you need more information or details, just ask!

thanks!

Discussion

  • Dialog error before failing to start

     
  • Kirill
    Kirill
    2011-07-04

    • priority: 5 --> 2
    • status: open --> pending-invalid
     
  • Kirill
    Kirill
    2011-07-04

    In the simplest case with x64 version, you want ruby.exe to be x64. The official 147 supports running 32-bit shells in 64-bit console, but sometimes the mechanism fails due to complexities with inter-architecture injection.

    You can also try to have a shell with hard-coded values instead of environment variables. If this works, you can start investigating what's wrong with those variables (e.g. they're actually not present in Console when you try to open the tab; or expanded command line is pointing to a non-existing exe).

    If you don't have access to settings - because your ruby tab is the first one and you don't have any other tab - you may need to download default console.xml and delete %appdata%\console\console.xml.

    A tab's process is created by ConsoleHandler::StartShellProcess.

     
    • status: pending-invalid --> open-fixed
     
  • akirrill gave me the final clue with his comment: "... you may need to download default console.xml and delete %appdata%\console\console.xml."

    After deleting the file, everything works properly :) I suposse that metasploit is using your console and that, during the uninstall proccess, this file was not removed (it shouldn't). No other shell was configured in the file and that's why the application didn't even started.

    Maybe you should take this situation into account: if console is not able to start any of the configured shells, try to search and start the default one (cmd.exe). Just an idea.

    thanks!

     
  • Kirill
    Kirill
    2011-07-04

    • status: open-fixed --> closed-fixed