Landing #7517 Nexpose API error fix

2016-11-01 12:02:35 -05:00 · 2016-11-01 12:02:35 -05:00 · 51ad285521
parent 6b264ce6c4 4285e4ce15
commit 51ad285521
2 changed files with 27 additions and 1 deletions
--- a/lib/rapid7/nexpose.rb
+++ b/lib/rapid7/nexpose.rb
@ -182,6 +182,25 @@ class APIRequest
      end
    end

+    @res.elements.each('//Failure') do |s|
+
+      # 1.1 returns lower case elements
+      s.elements.each('message') do |m|
+        @error = m.text
+      end
+      s.elements.each('stacktrace') do |m|
+        @trace = m.text
+      end
+
+      # 1.2 returns capitalized elements
+      s.elements.each('Message') do |m|
+        @error = m.text
+      end
+      s.elements.each('Stacktrace') do |m|
+        @trace = m.text
+      end
+    end
+
    # This is a hack to handle corner cases where a heavily loaded Nexpose instance
    # drops our HTTP connection before processing. We try 5 times to establish a
    # connection in these situations. The actual exception occurs in the Ruby
--- a/plugins/nexpose.rb
+++ b/plugins/nexpose.rb
@ -520,7 +520,14 @@ class Plugin::Nexpose < Msf::Plugin
        print_status(" >> Created temporary report configuration ##{report.config_id}") if opt_verbose

        # Run the scan
-        res = site.scanSite()
+        begin
+          res  = site.scanSite()
+        rescue Nexpose::APIError => e
+          nexpose_error_message = e.message
+          nexpose_error_message.gsub!(/NexposeAPI: Action failed: /, '')
+          print_error "#{nexpose_error_message}"
+          return
+        end
        sid = res[:scan_id]

        print_status(" >> Scan has been launched with ID ##{sid}") if opt_verbose