From 4b082a77a86692c528211d3c9995414b75f9bc60 Mon Sep 17 00:00:00 2001
From: James Lee <James_Lee@rapid7.com>
Date: Fri, 21 Nov 2008 05:34:39 +0000
Subject: [PATCH] un-break reverse handler for ipv6

git-svn-id: file:///home/svn/framework3/trunk@5972 4d416f70-5f16-0410-b530-b9f4589650da
---
 lib/msf/core/handler/reverse_tcp.rb | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/lib/msf/core/handler/reverse_tcp.rb b/lib/msf/core/handler/reverse_tcp.rb
index 6a87e1e3fe..0a925b5140 100644
--- a/lib/msf/core/handler/reverse_tcp.rb
+++ b/lib/msf/core/handler/reverse_tcp.rb
@@ -60,7 +60,11 @@ module ReverseTcp
 		ex = false
 		# Switch to IPv6 ANY address if the LHOST is also IPv6
 		addr = Rex::Socket.resolv_nbo(datastore['LHOST'])
-		[ Rex::Socket.addr_ntoa(addr), "0.0.0.0" ].each { |ip|
+		# First attempt to bind LHOST.  If that fails, the user has probably
+		# set LHOST to a gateway for forwarding back through NAT and we need to
+		# bind any address; use the any addr for  LHOST was.
+		any = (addr.length == 4) ? "0.0.0.0" : "::0"
+		[ Rex::Socket.addr_ntoa(addr), any ].each { |ip|
 			begin 
 				print_status("Handler binding to LHOST #{ip}")
 				self.listener_sock = Rex::Socket::TcpServer.create(