Merge branch 'nil_res_bug_fixes' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-nil_res_bug_fixes
commit
26808093d8
|
@ -51,6 +51,11 @@ class Metasploit3 < Msf::Auxiliary
|
|||
'method' => 'GET',
|
||||
}, 20)
|
||||
|
||||
if not res
|
||||
print_error("No response from server")
|
||||
return
|
||||
end
|
||||
|
||||
http_fingerprint({ :response => res })
|
||||
|
||||
if (res.code >= 200)
|
||||
|
|
|
@ -58,7 +58,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
'uri' => datastore['URI'] + fmt,
|
||||
})
|
||||
|
||||
if res.code == 200
|
||||
if res and res.code == 200
|
||||
res.body.scan(/\<td class\=\"loginError\"\>(.+)XX/ism)
|
||||
print_status("Information leaked: #{$1}")
|
||||
end
|
||||
|
|
|
@ -67,7 +67,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
#Check for HTTP 200 response.
|
||||
#Numerous versions and configs make if difficult to further fingerprint.
|
||||
if (res.code == 200)
|
||||
if (res and res.code == 200)
|
||||
print_status("Ektron CMS400.NET install found at #{target_url} [HTTP 200]")
|
||||
|
||||
#Gather __VIEWSTATE and __EVENTVALIDATION from HTTP response.
|
||||
|
|
|
@ -89,8 +89,8 @@ class Metasploit3 < Msf::Auxiliary
|
|||
'Content-Type' => 'text/xml; charset=UTF-8',
|
||||
}
|
||||
}, 45)
|
||||
return :abort if (res.code == 404)
|
||||
success = true if(res.body.match(/SessionInfo/i))
|
||||
return :abort if (!res or (res and res.code == 404))
|
||||
success = true if(res and res.body.match(/SessionInfo/i))
|
||||
success
|
||||
|
||||
rescue ::Rex::ConnectionError
|
||||
|
|
|
@ -75,7 +75,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
'Accept-Encoding' => "gzip,deflate",
|
||||
},
|
||||
}, 45)
|
||||
return :abort if (res.code != 200)
|
||||
return :abort if (!res or (res and res.code != 200))
|
||||
if(res.body.match(/Account Information/i))
|
||||
success = false
|
||||
else
|
||||
|
|
|
@ -93,8 +93,8 @@ class Metasploit3 < Msf::Auxiliary
|
|||
}, 45)
|
||||
|
||||
if res
|
||||
return :abort if (res.code == 404)
|
||||
success = true if(res.body.match(/Invalid password/i))
|
||||
return :abort if (!res or (res and res.code == 404))
|
||||
success = true if(res and res.body.match(/Invalid password/i))
|
||||
success
|
||||
else
|
||||
vprint_error("[SAP BusinessObjects] No response")
|
||||
|
|
|
@ -126,6 +126,8 @@ class Metasploit4 < Msf::Auxiliary
|
|||
}
|
||||
}, 45)
|
||||
|
||||
return if not res
|
||||
|
||||
if (res.code != 500 and res.code != 200)
|
||||
return
|
||||
else
|
||||
|
|
|
@ -70,7 +70,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
'uri' => datastore['URIPATH'],
|
||||
}, 1)
|
||||
|
||||
if (res.body =~ /Spell Check complete/)
|
||||
if (res and res.body =~ /Spell Check complete/)
|
||||
return Exploit::CheckCode::Detected
|
||||
end
|
||||
return Exploit::CheckCode::Safe
|
||||
|
|
Loading…
Reference in New Issue