infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'nil_res_bug_fixes' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-nil_res_bug_fixes

unstable
jvazquez-r7 2012-10-30 16:18:05 +01:00
parent 5e873d0697 2c4273e478
commit 26808093d8
8 changed files with 15 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
modules/auxiliary/admin/officescan/tmlisten_traversal.rb
View File

@ -51,6 +51,11 @@ class Metasploit3 < Msf::Auxiliary
'method' => 'GET', 'method' => 'GET',
}, 20) }, 20)
if not res
print_error("No response from server")
return
end
http_fingerprint({ :response => res }) http_fingerprint({ :response => res })
if (res.code >= 200) if (res.code >= 200)

2
modules/auxiliary/dos/http/sonicwall_ssl_format.rb
View File

@ -58,7 +58,7 @@ class Metasploit3 < Msf::Auxiliary
'uri' => datastore['URI'] + fmt, 'uri' => datastore['URI'] + fmt,
}) })
if res.code == 200 if res and res.code == 200
res.body.scan(/\<td class\=\"loginError\"\>(.+)XX/ism) res.body.scan(/\<td class\=\"loginError\"\>(.+)XX/ism)
print_status("Information leaked: #{$1}") print_status("Information leaked: #{$1}")
end end

2
modules/auxiliary/scanner/http/ektron_cms400net.rb
View File

@ -67,7 +67,7 @@ class Metasploit3 < Msf::Auxiliary
#Check for HTTP 200 response. #Check for HTTP 200 response.
#Numerous versions and configs make if difficult to further fingerprint. #Numerous versions and configs make if difficult to further fingerprint.
if (res.code == 200) if (res and res.code == 200)
print_status("Ektron CMS400.NET install found at #{target_url} [HTTP 200]") print_status("Ektron CMS400.NET install found at #{target_url} [HTTP 200]")
#Gather __VIEWSTATE and __EVENTVALIDATION from HTTP response. #Gather __VIEWSTATE and __EVENTVALIDATION from HTTP response.

4
modules/auxiliary/scanner/http/sap_businessobjects_user_brute.rb
View File

@ -89,8 +89,8 @@ class Metasploit3 < Msf::Auxiliary
'Content-Type' => 'text/xml; charset=UTF-8', 'Content-Type' => 'text/xml; charset=UTF-8',
} }
}, 45) }, 45)
return :abort if (res.code == 404) return :abort if (!res or (res and res.code == 404))
success = true if(res.body.match(/SessionInfo/i)) success = true if(res and res.body.match(/SessionInfo/i))
success success
rescue ::Rex::ConnectionError rescue ::Rex::ConnectionError

2
modules/auxiliary/scanner/http/sap_businessobjects_user_brute_web.rb
View File

@ -75,7 +75,7 @@ class Metasploit3 < Msf::Auxiliary
'Accept-Encoding' => "gzip,deflate", 'Accept-Encoding' => "gzip,deflate",
}, },
}, 45) }, 45)
return :abort if (res.code != 200) return :abort if (!res or (res and res.code != 200))
if(res.body.match(/Account Information/i)) if(res.body.match(/Account Information/i))
success = false success = false
else else

4
modules/auxiliary/scanner/http/sap_businessobjects_user_enum.rb
View File

@ -93,8 +93,8 @@ class Metasploit3 < Msf::Auxiliary
}, 45) }, 45)
if res if res
return :abort if (res.code == 404) return :abort if (!res or (res and res.code == 404))
success = true if(res.body.match(/Invalid password/i)) success = true if(res and res.body.match(/Invalid password/i))
success success
else else
vprint_error("[SAP BusinessObjects] No response") vprint_error("[SAP BusinessObjects] No response")

2
modules/auxiliary/scanner/sap/sap_mgmt_con_brute_login.rb
View File

@ -126,6 +126,8 @@ class Metasploit4 < Msf::Auxiliary
} }
}, 45) }, 45)
return if not res
if (res.code != 500 and res.code != 200) if (res.code != 500 and res.code != 200)
return return
else else

2
modules/exploits/unix/webapp/dogfood_spell_exec.rb
View File

@ -70,7 +70,7 @@ class Metasploit3 < Msf::Exploit::Remote
'uri' => datastore['URIPATH'], 'uri' => datastore['URIPATH'],
}, 1) }, 1)
if (res.body =~ /Spell Check complete/) if (res and res.body =~ /Spell Check complete/)
return Exploit::CheckCode::Detected return Exploit::CheckCode::Detected
end end
return Exploit::CheckCode::Safe return Exploit::CheckCode::Safe