From 441feec3600f8928b0376935df4c60e6d757f1c0 Mon Sep 17 00:00:00 2001 From: David Maloney Date: Fri, 27 Mar 2015 12:31:14 -0500 Subject: [PATCH] fix missing exception handling a few of our http login scanners needed to handle a couple of other exception classes for when network communication errors occur MSP-12389 --- lib/metasploit/framework/login_scanner/chef_webui.rb | 2 +- lib/metasploit/framework/login_scanner/gitlab.rb | 2 +- lib/metasploit/framework/login_scanner/glassfish.rb | 2 +- lib/metasploit/framework/login_scanner/http.rb | 2 +- lib/metasploit/framework/login_scanner/jenkins.rb | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/lib/metasploit/framework/login_scanner/chef_webui.rb b/lib/metasploit/framework/login_scanner/chef_webui.rb index 3431c66a0a..ecdbb3b3c1 100644 --- a/lib/metasploit/framework/login_scanner/chef_webui.rb +++ b/lib/metasploit/framework/login_scanner/chef_webui.rb @@ -29,7 +29,7 @@ module Metasploit begin status = try_login(credential) result_opts.merge!(status) - rescue ::EOFError, Rex::ConnectionError, ::Timeout::Error => e + rescue ::EOFError, Errno::ECONNRESET, Rex::ConnectionError, OpenSSL::SSL::SSLError, ::Timeout::Error => e result_opts.merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, proof: e) end diff --git a/lib/metasploit/framework/login_scanner/gitlab.rb b/lib/metasploit/framework/login_scanner/gitlab.rb index 8a3eee5ab4..5091f0effe 100644 --- a/lib/metasploit/framework/login_scanner/gitlab.rb +++ b/lib/metasploit/framework/login_scanner/gitlab.rb @@ -83,7 +83,7 @@ module Metasploit else result_opts.merge!(status: Metasploit::Model::Login::Status::INCORRECT, proof: res) end - rescue ::EOFError, Errno::ETIMEDOUT, Rex::ConnectionError, ::Timeout::Error => e + rescue ::EOFError, Errno::ECONNRESET, Rex::ConnectionError, OpenSSL::SSL::SSLError, ::Timeout::Error => e result_opts.merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, proof: e) ensure cli.close diff --git a/lib/metasploit/framework/login_scanner/glassfish.rb b/lib/metasploit/framework/login_scanner/glassfish.rb index 02200d0e74..064a583d9e 100644 --- a/lib/metasploit/framework/login_scanner/glassfish.rb +++ b/lib/metasploit/framework/login_scanner/glassfish.rb @@ -183,7 +183,7 @@ module Metasploit status = try_glassfish_3(credential) result_opts.merge!(status) end - rescue ::EOFError, Rex::ConnectionError, ::Timeout::Error => e + rescue ::EOFError, Errno::ECONNRESET, Rex::ConnectionError, OpenSSL::SSL::SSLError, ::Timeout::Error => e result_opts.merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, proof: e) end diff --git a/lib/metasploit/framework/login_scanner/http.rb b/lib/metasploit/framework/login_scanner/http.rb index 11ce0b74ad..f82311655e 100644 --- a/lib/metasploit/framework/login_scanner/http.rb +++ b/lib/metasploit/framework/login_scanner/http.rb @@ -231,7 +231,7 @@ module Metasploit cli.connect req = cli.request_cgi(opts) res = cli.send_recv(req) - rescue ::EOFError, Errno::ETIMEDOUT, Rex::ConnectionError, ::Timeout::Error => e + rescue ::EOFError, Errno::ECONNRESET, Rex::ConnectionError, OpenSSL::SSL::SSLError, ::Timeout::Error => e raise Rex::ConnectionError, e.message ensure cli.close diff --git a/lib/metasploit/framework/login_scanner/jenkins.rb b/lib/metasploit/framework/login_scanner/jenkins.rb index 5117c6e641..fe10d22c3a 100644 --- a/lib/metasploit/framework/login_scanner/jenkins.rb +++ b/lib/metasploit/framework/login_scanner/jenkins.rb @@ -50,7 +50,7 @@ module Metasploit else result_opts.merge!(status: Metasploit::Model::Login::Status::INCORRECT, proof: res) end - rescue ::EOFError, Errno::ETIMEDOUT, Rex::ConnectionError, ::Timeout::Error => e + rescue ::EOFError, Errno::ECONNRESET, Rex::ConnectionError, OpenSSL::SSL::SSLError, ::Timeout::Error => e result_opts.merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, proof: e) end Result.new(result_opts)