ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)

[xl7dev]

from metasploit.msfrpc import MsfRpcClient client = MsfRpcClient('mypassword') Traceback (most recent call last): File "", line 1, in File "/usr/local/lib/python2.7/site-packages/metasploit/msfrpc.py", line 207, in init self.login(kwargs.get('username', 'msf'), password) File "/usr/local/lib/python2.7/site-packages/metasploit/msfrpc.py", line 309, in login r = self.call(MsfRpcMethod.AuthLogin, username, password) File "/usr/local/lib/python2.7/site-packages/metasploit/msfrpc.py", line 224, in call self.client.request('POST', self.uri, packb(l), self._headers) File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/httplib.py", line 1042, in request self._send_request(method, url, body, headers) File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/httplib.py", line 1082, in _send_request self.endheaders(body) File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/httplib.py", line 1038, in endheaders self._send_output(message_body) File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/httplib.py", line 882, in _send_output self.send(msg) File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/httplib.py", line 844, in send self.connect() File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/httplib.py", line 1263, in connect server_hostname=server_hostname) File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ssl.py", line 363, in wrap_socket _context=self) File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ssl.py", line 611, in init self.do_handshake() File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ssl.py", line 840, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)

[JohnTroony]

Hey, what's your setup?

[xl7dev]

➜ ~ msfrpcd -P mypassword -n -f -a 127.0.0.1 [] MSGRPC starting on 127.0.0.1:55553 (SSL):Msg... [] MSGRPC ready at 2017-02-01 21:06:57 +0800.

from metasploit.msfrpc import MsfRpcClient client = MsfRpcClient('mypassword')

[benkhlifafahmi]

@xl7dev try the following code

import ssl
try:
    _create_unverified_https_context = ssl._create_unverified_context
except AttributeError:
    pass
else:
    ssl._create_default_https_context = _create_unverified_https_context`

from metasploit.msfrpc import MsfRpcClient
client = MsfRpcClient('mypassword')```

[xl7dev]

@benkhlifafahmi thanks

[devcoinfet]

I tried the above fix and I'm still getting a hang up during the basic enumeration of a exploit module.

[benkhlifafahmi]

@devcoinfet do you get the same error ??? if not please paste the new exception

[devcoinfet]

yes but I have figured it out and am porting my new found working version of msfrpc connection into a tool I'm coding I am no longer using pymetasploit. If you wish to know how to set it up you can respond here with a mail and I'll conact you off pymetasploits page so we don't clutter there issues page with no pymeta support

On Wed, Feb 14, 2018 at 10:18 AM, Ben Khlifa Fahmi <[email protected]

wrote:

@devcoinfet https://github.com/devcoinfet do you get the same error ??? if not please paste the new exception

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/allfro/pymetasploit/issues/10#issuecomment-365697571, or mute the thread https://github.com/notifications/unsubscribe-auth/AhJZgTUoCNnkm2ZVQnEvzQLppRl8_zjdks5tUyOQgaJpZM4Ltn1b .

[benkhlifafahmi]

@devcoinfet yeah i'll be glad if you share your solution via [email protected]

[DanMcInerney]

I'm curious too. [email protected]

[HansDaigle]

Can you send you working version to me as well ? [email protected]

[devcoinfet]

There's a working version in my github

https://github.com/devcoinfet/TheSurg30n

I, was 95% done with this so I released it I believe all that is left is to properly add the nixawk cve in for cisco. I think I forgot to add the rest of the code perhaps otherwise she works well.

On Mon, Apr 9, 2018 at 11:54 AM, Hans Daigle [email protected] wrote:

Can you send you working version to me as well ? [email protected]

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/allfro/pymetasploit/issues/10#issuecomment-379856747, or mute the thread https://github.com/notifications/unsubscribe-auth/AhJZgVg6Rmxzyb6q_6aVmVl21NvFLomAks5tm650gaJpZM4Ltn1b .

[devcoinfet]

As well, make sure you load Metasploit up and the MSGRPC password=abc123

https://gist.github.com/carnal0wnage/5f5f64432738fc25c538

On Mon, Apr 9, 2018 at 6:19 PM, Wabefet Hacker [email protected] wrote:

There's a working version in my github

https://github.com/devcoinfet/TheSurg30n

I, was 95% done with this so I released it I believe all that is left is to properly add the nixawk cve in for cisco. I think I forgot to add the rest of the code perhaps otherwise she works well.

On Mon, Apr 9, 2018 at 11:54 AM, Hans Daigle [email protected] wrote:

Can you send you working version to me as well ? [email protected]

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/allfro/pymetasploit/issues/10#issuecomment-379856747, or mute the thread https://github.com/notifications/unsubscribe-auth/AhJZgVg6Rmxzyb6q_6aVmVl21NvFLomAks5tm650gaJpZM4Ltn1b .