Using services -p ## -R to populate RHOSTS generates error OptionaValidateError: Invalid option RHOSTS: Unexpected values: file:/tmp/msf-db-rhosts-....

[bfcrmimick]

Steps to reproduce

How'd you do it?

1. I have a small /26 network space scanned using the /aux/scanner/portscan/tcp and it populated the hosts and the services list.
2. Select a scanner, for example, /aux/scanner/http/http_version
3. Select the hosts with the "services -p 80 -R" command to populate the RHOSTS variable
4. "run" to execute

Message shown is "Auxiliary module execution completed" but when we run
5. "set verbose true" and "run" again - now you see the error:
msf auxiliary(scanner/http/http_version) > run
[-] Msf::OptionValidateError The following options failed to validate:
[-] Invalid option RHOSTS: Unexpected values: file:/tmp/msf-db-rhosts-20251230-136055-4d2tun

This section should also tell us any relevant information about the
environment; for example, if an exploit that used to work is failing,
tell us the victim operating system and service versions.

Were you following a specific guide/tutorial or reading documentation?

No, using the methods I have used in the past scans with this process.

Expected behavior

What should happen? - I am expecting to see each host scroll along and the scan data displayed - for this case, each version of the HTTP server is present

Current behavior

What happens instead? - The scan exits early. I cannot find this file in my /tmp folder so I cannot analyze what is in this file. Problem could be that the system is not generating this file.

Metasploit version

Get this with the version command in msfconsole (or git log -1 --pretty=oneline for a source install).
Framework: 6.4.103-dev
Console: 6.4.103-dev

VirtualBox Host running Kali Linux : 6.17.10+kali-amd64
I did attempt to run this on another VM on another computer, and also got the same issue. I have not tried a physical computer at this point.

Additional Information

If your version is less than 5.0.96, please update to the latest version and ensure your issue is still present.

If the issue is encountered within msfconsole, please run the debug command using the instructions below. If the issue is encountered outisde msfconsole, or the issue causes msfconsole to crash on startup, please delete this section.

1. Start msfconsole
2. Run the command set loglevel 3
3. Take the steps necessary recreate your issue
4. Run the debug command
5. Copy all the output below the ===8<=== CUT AND PASTE EVERYTHING BELOW THIS LINE ===8<=== line and make sure to REMOVE ANY SENSITIVE INFORMATION.
6. Replace these instructions and the paragraph above with the output from step 5.

Module/Datastore

The following global/module datastore, and database setup was configured before the issue occurred:

Collapse

[framework/ui/console]
ActiveModule=auxiliary/scanner/http/http_version
ActiveWorkspace=ext2025

[scanner/http/http_version]
RHOSTS=file:/tmp/msf-db-rhosts-20251230-136055-4d2tun
RPORT=443
SSL=true
THREADS=10
VERBOSE=true
loglevel=3
WORKSPACE=
VHOST=
Proxies=
KrbCacheMode=read-write
HTTP::Auth=auto
HTTP::Rhostname=
DomainControllerRhost=
HTTP::Krb5Ccname=
HTTP::KrbOfferedEncryptionTypes=AES256,AES128,RC4-HMAC,DES-CBC-MD5,DES3-CBC-SHA1
UserAgent=Mozilla/5.0 (Macintosh; Intel Mac OS X 14_7_2) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15
HttpUsername=
HttpPassword=
HttpRawHeaders=
DigestAuthIIS=true
SSLVersion=Auto
FingerprintCheck=true
DOMAIN=WORKSTATION
HttpClientTimeout=
HttpTrace=false
HttpTraceHeadersOnly=false
HttpTraceColors=red/blu
SSLServerNameIndication=
SSLKeyLogFile=
HTTP::uri_encode_mode=hex-normal
HTTP::uri_full_url=false
HTTP::pad_method_uri_count=1
HTTP::pad_uri_version_count=1
HTTP::pad_method_uri_type=space
HTTP::pad_uri_version_type=space
HTTP::method_random_valid=false
HTTP::method_random_invalid=false
HTTP::method_random_case=false
HTTP::version_random_valid=false
HTTP::version_random_invalid=false
HTTP::uri_dir_self_reference=false
HTTP::uri_dir_fake_relative=false
HTTP::uri_use_backslashes=false
HTTP::pad_fake_headers=false
HTTP::pad_fake_headers_count=0
HTTP::pad_get_params=false
HTTP::pad_get_params_count=16
HTTP::pad_post_params=false
HTTP::pad_post_params_count=16
HTTP::shuffle_get_params=false
HTTP::shuffle_post_params=false
HTTP::uri_fake_end=false
HTTP::uri_fake_params_start=false
HTTP::header_folding=false
ShowProgress=true
ShowProgressPercent=10

Database Configuration

The database contains the following information:

Collapse

Session Type: Connected to msf. Connection type: postgresql.

ID	Hosts	Vulnerabilities	Notes	Services
1	0	0	0	0
2	192	0	171	1,166
3 (Current)	21	0	49	68
Total (3)	213	0	220	1,234

Framework Configuration

The features are configured as follows:

Collapse

name	enabled
wrapped_tables	true
fully_interactive_shells	false
manager_commands	false
metasploit_payload_warnings	true
defer_module_loads	true
smb_session_type	true
postgresql_session_type	true
mysql_session_type	true
mssql_session_type	true
ldap_session_type	true
show_successful_logins	false
dns	true
hierarchical_search_table	true
display_module_action	true

History

The following commands were ran during the session and before this issue occurred:

Collapse

201    options
202    use 37
203    options
204    use 38
205    options
206    use 39
207    options
208    use 40
209    use 41
210    options
211    use 42
212    options
213    use 51
214    options
215    use 66
216    options
217    use 67
218    options
219    use 82
220    options
221    search pop
222    search pop3
223    use 0
224    options
225    set srvport 995
226    set ssl true
227    use 2
228    options
229    use 3
230    options
231    use 4
232    options
233    use 5
234    options
235    use 6
236    options
237    use auxiliary/scanner/http/http_version
238    options
239    services -p 443 -R
240    set rport 443
241    set ssl true
242    set threads 10
243    run
244    set verbose true
245    run
246    version
247    options
248    set loglevel 3
249    run
250    debug

Framework Errors

The following framework errors occurred before the issue occurred:

Collapse

[12/30/2025 12:42:41] [e(0)] core: Exploit failed (linux/smtp/exim_gethostbyname_bof) - NameError uninitialized constant Msf::EncodedPayload::PayloadSpaceViolation
[12/30/2025 12:43:41] [e(0)] core: Exploit failed (unix/smtp/exim4_string_format) - Msf::MissingPayloadError A payload has not been selected.
[12/30/2025 12:44:08] [e(0)] core: Auxiliary failed - Errno::ENOENT No such file or directory @ rb_sysopen - /tmp/email_body.txt
[12/30/2025 12:44:49] [e(0)] core: Auxiliary failed - Errno::ENOENT No such file or directory @ rb_sysopen - /tmp/email_body.txt
[12/30/2025 12:45:24] [e(0)] core: Unexpected output running /usr/share/metasploit-framework/modules/exploits/linux/smtp/haraka.py:
Traceback (most recent call last):

[12/30/2025 12:45:24] [e(0)] core: Unexpected output running /usr/share/metasploit-framework/modules/exploits/linux/smtp/haraka.py:
  File "/usr/share/metasploit-framework/modules/exploits/linux/smtp/haraka.py", line 190, in <module>
    module.run(metadata, exploit, soft_check=check_banner)
    ~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/share/metasploit-framework/lib/msf/core/modules/external/python/metasploit/module.py", line 122, in run
    ret = callback(args)
  File "/usr/share/metasploit-framework/modules/exploits/linux/smtp/haraka.py", line 180, in exploit
    send_mail(
    ~~~~~~~~~^
        args["email_to"],
        ^^^^^^^^^^^^^^^^^
    ...<3 lines>...
        int(args["rport"]),
        ^^^^^^^^^^^^^^^^^^^
    )
    ^
  File "/usr/share/metasploit-framework/modules/exploits/linux/smtp/haraka.py", line 108, in send_mail
    resp = s.sendmail(mfrom, to, msg.as_string())
  File "/usr/lib/python3.13/smtplib.py", line 904, in sendmail
    raise SMTPRecipientsRefused(senderrs)
smtplib.SMTPRecipientsRefused: {'admin@localhost': (550, b'5.1.1 <admin@localhost>: Recipient address rejected: User unknown in local recipient table')}

[12/30/2025 13:08:27] [e(0)] core: rhosts walker invalid - NoMethodError undefined method `scan' for nil
[12/30/2025 13:08:49] [e(0)] core: Exploit failed (unix/webapp/squirrelmail_pgp_plugin): NameError uninitialized constant Msf::Modules::Exploit__Unix__Webapp__Squirrelmail_pgp_plugin::MetasploitModule::MessageExtend - NameError uninitialized constant Msf::Modules::Exploit__Unix__Webapp__Squirrelmail_pgp_plugin::MetasploitModule::MessageExtend
[12/30/2025 13:14:44] [e(0)] core: Auxiliary failed - NoMethodError undefined method `rand_text_english' for #<Msf::Modules::Auxiliary__Vsploit__Pii__Email_pii::MetasploitModule:0x00007f429303e3a0>
[12/30/2025 14:45:10] [e(0)] core: Error in stream server server monitor: stream closed in another thread

Call stack:
/usr/share/metasploit-framework/vendor/bundle/ruby/3.3.0/gems/rex-socket-0.1.64/lib/rex/socket/tcp_server.rb:46:in `accept'
/usr/share/metasploit-framework/vendor/bundle/ruby/3.3.0/gems/rex-socket-0.1.64/lib/rex/socket/tcp_server.rb:46:in `accept'
/usr/share/metasploit-framework/vendor/bundle/ruby/3.3.0/gems/rex-socket-0.1.64/lib/rex/socket/ssl_tcp_server.rb:55:in `accept'
/usr/share/metasploit-framework/vendor/bundle/ruby/3.3.0/gems/rex-core-0.1.35/lib/rex/io/stream_server.rb:142:in `monitor_listener'
/usr/share/metasploit-framework/vendor/bundle/ruby/3.3.0/gems/rex-core-0.1.35/lib/rex/io/stream_server.rb:61:in `block in start'
/usr/share/metasploit-framework/lib/rex/thread_factory.rb:22:in `block in spawn'
/usr/share/metasploit-framework/lib/msf/core/thread_manager.rb:105:in `block in spawn'

Web Service Errors

The following web service errors occurred before the issue occurred:

Collapse

msf-ws.log does not exist.

Framework Logs

The following framework logs were recorded before the issue occurred:

Collapse

[12/30/2025 13:07:54] [d(0)] core: Module cmd/unix/python/meterpreter_reverse_https is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:07:54] [d(0)] core: Module cmd/unix/python/meterpreter_reverse_tcp is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:07:54] [d(0)] core: Module generic/custom is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:07:54] [d(0)] core: Module generic/shell_bind_aws_ssm is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:07:54] [d(0)] core: Module generic/shell_bind_tcp is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:07:54] [d(0)] core: Module generic/shell_reverse_tcp is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:27] [e(0)] core: rhosts walker invalid - NoMethodError undefined method `scan' for nil
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/bind_aws_instance_connect is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/php/bind_php is incompatible with unix/webapp/squirrelmail_pgp_plugin for RequiredCmd: limiter was generic perl ruby python bash-tcp telnet
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/php/bind_php_ipv6 is incompatible with unix/webapp/squirrelmail_pgp_plugin for RequiredCmd: limiter was generic perl ruby python bash-tcp telnet
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/php/download_exec is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/php/exec is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/php/meterpreter/bind_tcp is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/php/meterpreter/bind_tcp_ipv6 is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/php/meterpreter/bind_tcp_ipv6_uuid is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/php/meterpreter/bind_tcp_uuid is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/php/meterpreter/reverse_tcp is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/php/meterpreter/reverse_tcp_uuid is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/php/meterpreter_reverse_tcp is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/php/reverse_php is incompatible with unix/webapp/squirrelmail_pgp_plugin for RequiredCmd: limiter was generic perl ruby python bash-tcp telnet
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/php/shell_findsock is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/python/meterpreter/bind_tcp is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/python/meterpreter/bind_tcp_uuid is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/python/meterpreter/reverse_http is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/python/meterpreter/reverse_https is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/python/meterpreter/reverse_tcp is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/python/meterpreter/reverse_tcp_ssl is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/python/meterpreter/reverse_tcp_uuid is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/python/meterpreter_bind_tcp is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/python/meterpreter_reverse_http is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/python/meterpreter_reverse_https is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module cmd/unix/python/meterpreter_reverse_tcp is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module generic/custom is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module generic/shell_bind_aws_ssm is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module generic/shell_bind_tcp is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [d(0)] core: Module generic/shell_reverse_tcp is incompatible with unix/webapp/squirrelmail_pgp_plugin for PayloadType: limiter was cmd cmd_bash
[12/30/2025 13:08:49] [e(0)] core: Exploit failed (unix/webapp/squirrelmail_pgp_plugin): NameError uninitialized constant Msf::Modules::Exploit__Unix__Webapp__Squirrelmail_pgp_plugin::MetasploitModule::MessageExtend - NameError uninitialized constant Msf::Modules::Exploit__Unix__Webapp__Squirrelmail_pgp_plugin::MetasploitModule::MessageExtend
[12/30/2025 13:12:48] [i(0)] core: windows/meterpreter/reverse_tcp: iteration 1: Successfully encoded with encoder x86/shikata_ga_nai (size is 329)
[12/30/2025 13:14:44] [e(0)] core: Auxiliary failed - NoMethodError undefined method `rand_text_english' for #<Msf::Modules::Auxiliary__Vsploit__Pii__Email_pii::MetasploitModule:0x00007f429303e3a0>
[12/30/2025 13:30:34] [i(0)] core: windows/meterpreter/reverse_tcp: iteration 1: Successfully encoded with encoder x86/shikata_ga_nai (size is 381)
[12/30/2025 14:45:10] [e(0)] core: Error in stream server server monitor: stream closed in another thread

Call stack:
/usr/share/metasploit-framework/vendor/bundle/ruby/3.3.0/gems/rex-socket-0.1.64/lib/rex/socket/tcp_server.rb:46:in `accept'
/usr/share/metasploit-framework/vendor/bundle/ruby/3.3.0/gems/rex-socket-0.1.64/lib/rex/socket/tcp_server.rb:46:in `accept'
/usr/share/metasploit-framework/vendor/bundle/ruby/3.3.0/gems/rex-socket-0.1.64/lib/rex/socket/ssl_tcp_server.rb:55:in `accept'
/usr/share/metasploit-framework/vendor/bundle/ruby/3.3.0/gems/rex-core-0.1.35/lib/rex/io/stream_server.rb:142:in `monitor_listener'
/usr/share/metasploit-framework/vendor/bundle/ruby/3.3.0/gems/rex-core-0.1.35/lib/rex/io/stream_server.rb:61:in `block in start'
/usr/share/metasploit-framework/lib/rex/thread_factory.rb:22:in `block in spawn'
/usr/share/metasploit-framework/lib/msf/core/thread_manager.rb:105:in `block in spawn'

Web Service Logs

The following web service logs were recorded before the issue occurred:

Collapse

msf-ws.log does not exist.

Version/Install

The versions and install method of your Metasploit setup:

Collapse

Framework: 6.4.103-dev
Ruby: ruby 3.3.8 (2025-04-09 revision b200bad6cd) [x86_64-linux-gnu]
OpenSSL: OpenSSL 3.5.4 30 Sep 2025
Install Root: /usr/share/metasploit-framework
Session Type: Connected to msf. Connection type: postgresql.
Install Method: Other - Please specify

msf auxiliary(scanner/http/http_version) >

MetaSploit Services List.txt

[bfcrmimick]

After writing this, I attempted to create my own file with just the list of IP addresses (based on the services -p output) and use

set RHOSTS file:/{full path to file} and it would scan correctly:

[] Scanned 2 of 13 hosts (15% complete)
[] Scanned 4 of 13 hosts (30% complete)
/usr/share/metasploit-framework/vendor/bundle/ruby/3.3.0/gems/recog-3.1.25/lib/recog/fingerprint/regexp_factory.rb:34: warning: nested repeat operator '+' and '?' was replaced with '' in regular expression
/usr/share/metasploit-framework/vendor/bundle/ruby/3.3.0/gems/recog-3.1.25/lib/recog/fingerprint/regexp_factory.rb:34: warning: nested repeat operator '+' and '?' was replaced with '' in regular expression
/usr/share/metasploit-framework/vendor/bundle/ruby/3.3.0/gems/recog-3.1.25/lib/recog/fingerprint/regexp_factory.rb:34: warning: nested repeat operator '+' and '?' was replaced with '' in regular expression
[] Scanned 4 of 13 hosts (30% complete)
[+] .215:443 Microsoft-IIS/10.0 ( Powered by ASP.NET, AspNet-Version-4.0.30319, 302-/Login.aspx?ReturnUrl=%2f )
[+] .208:443 Microsoft-IIS/10.0 ( Powered by ASP.NET, AspNet-Version-4.0.30319 )
[+] .243:443 Microsoft-IIS/10.0 ( Powered by ASP.NET, AspNet-Version-4.0.30319, 302-/Login.aspx?ReturnUrl=%2f )
[] Scanned 6 of 13 hosts (46% complete)
[] Scanned 7 of 13 hosts (53% complete)
[+] .214:443 ( 302-/Account/Login?ReturnUrl=%2f )
[+] .247:443 Microsoft-IIS/10.0 ( Powered by ASP.NET, AspNet-Version-4.0.30319 )
[] Scanned 8 of 13 hosts (61% complete)
[+] .233:443 Microsoft-IIS/10.0 ( Powered by ASP.NET )
[] Scanned 10 of 13 hosts (76% complete)
[+] .246:443 Microsoft-IIS/10.0 ( Powered by ASP.NET, AspNet-Version-4.0.30319 )
[+] .250:443 ( Powered by ARR/3.0, ASP.NET, 302-https://216.145.118.250/jsp/authentication/login.jsp )
[] Scanned 11 of 13 hosts (84% complete)
[] Scanned 12 of 13 hosts (92% complete)
[+] .251:443 Microsoft-IIS/10.0 ( Powered by ASP.NET, AspNet-Version-4.0.30319 )
[] Scanned 13 of 13 hosts (100% complete)
[] Auxiliary module execution completed

Potential Conclusion: the services -p 443 -R did not output a file the system could then use to run the scan.

[lucasgates]

I am seeing this as well. Running on the latest Kali.

[rtpt-alexanderneumann]

Likely caused by Ruby 3.3 being much more aggressive with garbage collection.

Here's a patch that I use to restore RHOSTS file generation:

0001-Fix-RHOSTS-tempfile-generation-for-Ruby-3.3.patch

This patch uses Tempfile.create instead of Quickfile, at least for the one instance where files for RHOSTS are generated:

diff --git a/lib/msf/ui/console/command_dispatcher/common.rb b/lib/msf/ui/console/command_dispatcher/common.rb
index e764b89b00..2f12cbe069 100644
--- a/lib/msf/ui/console/command_dispatcher/common.rb
+++ b/lib/msf/ui/console/command_dispatcher/common.rb
@@ -1,6 +1,7 @@
 # -*- coding: binary -*-
 
 require 'rexml/document'
+require 'tempfile'
 
 module Msf
 module Ui
@@ -84,7 +85,7 @@ module Common
     if rhosts.length > 5
       # Lots of hosts makes 'show options' wrap which is difficult to
       # read, store to a temp file
-      rhosts_file = Rex::Quickfile.new("msf-db-rhosts-")
+      rhosts_file = Tempfile.create("msf-db-rhosts-")
       mydatastore['RHOSTS'] = 'file:'+rhosts_file.path
       # create the output file and assign it to the RHOSTS variable
       rhosts_file.write(rhosts.join("\n")+"\n")
-- 

I guess that Ruby 3.3 has much more aggressive garbage collection, and this changed behavior is a result of that.

I can observer that the temp file created with the default constructor (Tempfile.new()) via REX's Quickfile class is almost instantly removed, so at most the first attempt to read from the file (which is opened again using the filename, so there is no internal reference to the object any more) succeeds, and later ones fail. Conveniently, the error messages ("no such file or directory") are not shown at all.

When using the (recommended) Tempfile.create() method without a block to create the tempfile, it stays on the file system unless is it explicitly removed.

This is not ideal, but at least restores functionality.

I suspect that someone with much more Ruby experience can probably fix this generically within Quickfile, so that all other places which use this class behave correctly.