infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Land #6449, properly handle HttpServer resource collisions

bug/bundler_fix
Brent Cook 2016-01-14 12:15:18 -06:00
parent 7e1446d8fa 6a2b4c2530
commit 37178cda06
No known key found for this signature in database
GPG Key ID: 1FFAA0B24B708F96
2 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/msf/core/exploit/tcp_server.rb
View File

@ -162,10 +162,6 @@ module Exploit::Remote::TcpServer
self.service.stop
end
if service.kind_of?(Rex::Proto::Http::Server)
service.stop
end
self.service = nil
rescue ::Exception
end

17
modules/exploits/multi/misc/java_rmi_server.rb
View File

@ -187,6 +187,23 @@ class Metasploit3 < Msf::Exploit::Remote
end
end
def cleanup
# Normally service termination should not be managed on the module's level, but this is a
# special case.
#
# Originally this special service termination routine was implemented in
# Exploit::Remote::TcpServer#stop_service, but that would actually cause all HttpServers to stop
# if one of them attempts to register a resource that is already taken, which seems to be a
# harsh punishment. This is why the fix is moved here.
#
# See references:
# https://github.com/rapid7/metasploit-framework/pull/4203
# https://github.com/rapid7/metasploit-framework/issues/6445
service.stop if service
super
end
def autofilter
return true
end