Land #6243, check nil for sock.read
commit
493e476a43
|
@ -32,33 +32,37 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
connect_udp
|
||||
udp_sock.put(pkt)
|
||||
res = udp_sock.read(1024).split(/\x00/)
|
||||
res = udp_sock.read(1024)
|
||||
|
||||
if (res)
|
||||
report_note(
|
||||
:host => ip,
|
||||
:proto => 'udp',
|
||||
:port => datastore['RPORT'],
|
||||
:type => 'SERVICE_INFO',
|
||||
:data => res[2] + "_" + res[1]
|
||||
)
|
||||
report_service(
|
||||
:host => ip,
|
||||
:port => datastore['RPORT'],
|
||||
:proto => 'udp',
|
||||
:name => "ibm-db2",
|
||||
:info => res[2] + "_" + res[1]
|
||||
)
|
||||
print_status("Host #{ip} node name is " + res[2] + " with a product id of " + res[1] )
|
||||
else
|
||||
unless res
|
||||
print_error("Unable to determine version info for #{ip}")
|
||||
return
|
||||
end
|
||||
|
||||
disconnect_udp
|
||||
res = res.split(/\x00/)
|
||||
|
||||
report_note(
|
||||
:host => ip,
|
||||
:proto => 'udp',
|
||||
:port => datastore['RPORT'],
|
||||
:type => 'SERVICE_INFO',
|
||||
:data => "#{res[2]}_#{res[1]}"
|
||||
)
|
||||
|
||||
report_service(
|
||||
:host => ip,
|
||||
:port => datastore['RPORT'],
|
||||
:proto => 'udp',
|
||||
:name => "ibm-db2",
|
||||
:info => "#{res[2]}_#{res[1]}"
|
||||
)
|
||||
|
||||
print_status("Host #{ip} node name is " + res[2] + " with a product id of " + res[1] )
|
||||
|
||||
rescue ::Rex::ConnectionError
|
||||
rescue ::Errno::EPIPE
|
||||
|
||||
ensure
|
||||
disconnect_udp
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
@ -71,6 +71,11 @@ class Metasploit3 < Msf::Auxiliary
|
|||
# read the file data from the socket that we opened
|
||||
response_data = sock.read(1024)
|
||||
|
||||
unless response_data
|
||||
print_error("#{file} not found")
|
||||
return
|
||||
end
|
||||
|
||||
if response_data.length == 0
|
||||
print_status("File (#{file_path})from #{peer} is empty...")
|
||||
return
|
||||
|
|
|
@ -70,6 +70,11 @@ class Metasploit3 < Msf::Auxiliary
|
|||
# read the file data from the socket that we opened
|
||||
response_data = sock.read(1024)
|
||||
|
||||
unless response_data
|
||||
print_error("#{file_path} not found")
|
||||
return
|
||||
end
|
||||
|
||||
if response_data.length == 0 or ! (res =~ /^150/ )
|
||||
print_status("File (#{file_path})from #{peer} is empty...")
|
||||
return
|
||||
|
|
|
@ -52,8 +52,8 @@ class Metasploit3 < Msf::Auxiliary
|
|||
else
|
||||
print_error("Unable to determine info for #{ip}...")
|
||||
end
|
||||
ensure
|
||||
disconnect_udp
|
||||
rescue ::Errno::EPIPE, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout, ::Rex::ConnectionRefused
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -42,7 +42,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
send_packet = tns_packet("(CONNECT_DATA=(COMMAND=service_register_NSGR))")
|
||||
sock.put(send_packet)
|
||||
packet = sock.read(100)
|
||||
find_packet = packet.include? "(ERROR_STACK=(ERROR="
|
||||
find_packet = /\(ERROR_STACK=\(ERROR=/ === packet
|
||||
find_packet == true ? print_error("#{ip}:#{rport} is not vulnerable ") : print_good("#{ip}:#{rport} is vulnerable")
|
||||
# TODO: Module should report_vuln if this finding is solid.
|
||||
rescue ::Rex::ConnectionError, ::Errno::EPIPE
|
||||
|
|
|
@ -109,7 +109,11 @@ class Metasploit4 < Msf::Auxiliary
|
|||
print_good("#{host_port} - Connected to saprouter")
|
||||
print_good("#{host_port} - Sending ROUTER_ADM packet info request")
|
||||
sock.put(ni_packet)
|
||||
packet_len = sock.read(4).unpack('H*')[0].to_i 16
|
||||
sock_res = sock.read(4)
|
||||
unless sock_res
|
||||
fail_with(Failure::Unknown, 'Unable to get the packet length')
|
||||
end
|
||||
packet_len = sock_res.unpack('H*')[0].to_i 16
|
||||
print_good("#{host_port} - Got INFO response")
|
||||
while packet_len !=0
|
||||
count += 1
|
||||
|
|
|
@ -76,6 +76,12 @@ class Metasploit3 < Msf::Post
|
|||
|
||||
while true
|
||||
request = rsock.read(28)
|
||||
|
||||
unless request
|
||||
print_error("No data received")
|
||||
break
|
||||
end
|
||||
|
||||
magic, request, nbd_handle, offset_n, length = request.unpack("NNa8a8N")
|
||||
|
||||
if magic != 0x25609513
|
||||
|
|
|
@ -74,6 +74,12 @@ class Metasploit3 < Msf::Post
|
|||
|
||||
while true
|
||||
request = rsock.read(28)
|
||||
|
||||
unless request
|
||||
print_error("No data received")
|
||||
break
|
||||
end
|
||||
|
||||
magic, request, nbd_handle, offset_n, length = request.unpack("NNa8a8N")
|
||||
|
||||
if magic != 0x25609513
|
||||
|
|
Loading…
Reference in New Issue