infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix #7463, check nil return value when using redis_command 

Fix #7463
bug/bundler_fix
wchen-r7 2016-11-21 15:52:12 -06:00
parent 6f8660f345
commit 83a3a4e348
1 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
modules/auxiliary/scanner/redis/file_upload.rb
View File

@ -55,18 +55,18 @@ class MetasploitModule < Msf::Auxiliary
# Get the currently configured dir and dbfilename before we overwrite them; # Get the currently configured dir and dbfilename before we overwrite them;
# we should set them back to their original values after we are done. # we should set them back to their original values after we are done.
# XXX: this is a hack -- we should really parse the responses more correctly # XXX: this is a hack -- we should really parse the responses more correctly
original_dir = redis_command('CONFIG', 'GET', 'dir').split(/\r\n/).last original_dir = (redis_command('CONFIG', 'GET', 'dir') || '').split(/\r\n/).last
original_dbfilename = redis_command('CONFIG', 'GET', 'dbfilename').split(/\r\n/).last original_dbfilename = (redis_command('CONFIG', 'GET', 'dbfilename') || '').split(/\r\n/).last
if datastore['DISABLE_RDBCOMPRESSION'] if datastore['DISABLE_RDBCOMPRESSION']
original_rdbcompression = redis_command('CONFIG', 'GET', 'rdbcompression').split(/\r\n/).last original_rdbcompression = (redis_command('CONFIG', 'GET', 'rdbcompression') || '').split(/\r\n/).last
end end
# set the directory which stores the current redis local store # set the directory which stores the current redis local store
data = redis_command('CONFIG', 'SET', 'dir', dirname) data = redis_command('CONFIG', 'SET', 'dir', dirname) || ''
return unless data.include?('+OK') return unless data.include?('+OK')
# set the file name, relative to the above directory name, that is the redis local store # set the file name, relative to the above directory name, that is the redis local store
data = redis_command('CONFIG', 'SET', 'dbfilename', basename) data = redis_command('CONFIG', 'SET', 'dbfilename', basename) || ''
return unless data.include?('+OK') return unless data.include?('+OK')
# Compression string objects using LZF when dump .rdb databases ? # Compression string objects using LZF when dump .rdb databases ?
@ -75,7 +75,7 @@ class MetasploitModule < Msf::Auxiliary
# the dataset will likely be bigger if you have compressible values or # the dataset will likely be bigger if you have compressible values or
# keys. # keys.
if datastore['DISABLE_RDBCOMPRESSION'] && original_rdbcompression.upcase == 'YES' if datastore['DISABLE_RDBCOMPRESSION'] && original_rdbcompression.upcase == 'YES'
data = redis_command('CONFIG', 'SET', 'rdbcompression', 'no') data = redis_command('CONFIG', 'SET', 'rdbcompression', 'no') || ''
if data.include?('+OK') if data.include?('+OK')
reset_rdbcompression = true reset_rdbcompression = true
else else
@ -85,7 +85,7 @@ class MetasploitModule < Msf::Auxiliary
end end
if datastore['FLUSHALL'] if datastore['FLUSHALL']
data = redis_command('FLUSHALL') data = redis_command('FLUSHALL') || ''
unless data.include?('+OK') unless data.include?('+OK')
print_warning("#{peer} -- failed to flushall(); continuing") print_warning("#{peer} -- failed to flushall(); continuing")
end end
@ -96,9 +96,9 @@ class MetasploitModule < Msf::Auxiliary
# multiline. It also probably doesn't work well if the content isn't # multiline. It also probably doesn't work well if the content isn't
# simple ASCII text # simple ASCII text
key = Rex::Text.rand_text_alpha(32) key = Rex::Text.rand_text_alpha(32)
data = redis_command('SET', key, content) data = redis_command('SET', key, content) || ''
return unless data.include?('+OK') return unless data.include?('+OK')
data = redis_command('SAVE') data = redis_command('SAVE') || ''
if data.include?('+OK') if data.include?('+OK')
print_good("#{peer} -- saved #{content.size} bytes inside of redis DB at #{path}") print_good("#{peer} -- saved #{content.size} bytes inside of redis DB at #{path}")