infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Land #10376, Handle connection errors and fail_with in check

GSoC/Meterpreter_Web_Console
Wei Chen 2018-07-26 11:27:02 -05:00
parent 2833330f21 2dff66aacb
commit 98528f256d
No known key found for this signature in database
GPG Key ID: 6E162ED2C01D9AAC
3 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/msf/core/exploit/http/client.rb
View File

@ -117,6 +117,9 @@ module Exploit::Remote::HttpClient
fail_with(::Msf::Module::Failure::NotFound, err) fail_with(::Msf::Module::Failure::NotFound, err)
end end
end end
elsif info.nil?
err = "The target server did not respond to fingerprinting, use 'set FingerprintCheck false' to disable this check."
fail_with(::Msf::Module::Failure::Unreachable, err)
end end
end end
end end
@ -730,7 +733,7 @@ module Exploit::Remote::HttpClient
{ {
'uri' => uri, 'uri' => uri,
'method' => method 'method' => method
}) }) rescue nil
end end
# Bail if the request did not receive a readable response # Bail if the request did not receive a readable response

14
lib/msf/ui/console/module_command_dispatcher.rb
View File

@ -139,13 +139,20 @@ module ModuleCommandDispatcher
last_rhosts_opt = mod.datastore['RHOSTS'] last_rhosts_opt = mod.datastore['RHOSTS']
mod.datastore['RHOSTS'] = ip_range_arg mod.datastore['RHOSTS'] = ip_range_arg
begin begin
check_multiple(hosts) if hosts.length > 1
check_multiple(hosts)
# Short-circuit check_multiple if it's a single host
else
mod.datastore['RHOST'] = hosts.next_ip
check_simple
end
ensure ensure
# Restore the original rhost if set # Restore the original rhost if set
mod.datastore['RHOST'] = last_rhost_opt mod.datastore['RHOST'] = last_rhost_opt
mod.datastore['RHOSTS'] = last_rhosts_opt mod.datastore['RHOSTS'] = last_rhosts_opt
mod.cleanup mod.cleanup
end end
# XXX: This is basically dead code now that exploits use RHOSTS
else else
# Check a single rhost # Check a single rhost
unless Msf::OptAddress.new('RHOST').valid?(mod.datastore['RHOST']) unless Msf::OptAddress.new('RHOST').valid?(mod.datastore['RHOST'])
@ -243,6 +250,11 @@ module ModuleCommandDispatcher
end end
rescue ::Rex::ConnectionError, ::Rex::ConnectionProxyError, ::Errno::ECONNRESET, ::Errno::EINTR, ::Rex::TimeoutError, ::Timeout::Error => e rescue ::Rex::ConnectionError, ::Rex::ConnectionProxyError, ::Errno::ECONNRESET, ::Errno::EINTR, ::Rex::TimeoutError, ::Timeout::Error => e
# Connection issues while running check should be handled by the module # Connection issues while running check should be handled by the module
print_error("Check failed: #{e.class} #{e}")
elog("#{e.message}\n#{e.backtrace.join("\n")}")
rescue ::Msf::Exploit::Failed => e
# Handle fail_with and other designated exploit failures
print_error("Check failed: #{e.class} #{e}")
elog("#{e.message}\n#{e.backtrace.join("\n")}") elog("#{e.message}\n#{e.backtrace.join("\n")}")
rescue ::RuntimeError => e rescue ::RuntimeError => e
# Some modules raise RuntimeError but we don't necessarily care about those when we run check() # Some modules raise RuntimeError but we don't necessarily care about those when we run check()

2
modules/exploits/unix/misc/distcc_exec.rb
View File

@ -61,7 +61,7 @@ class MetasploitModule < Msf::Exploit::Remote
sock.put("DOTI0000000A#{dtag}\n") sock.put("DOTI0000000A#{dtag}\n")
err, out = read_output err, out = read_output
if out.index(r) if out && out.index(r)
return Exploit::CheckCode::Vulnerable return Exploit::CheckCode::Vulnerable
end end
return Exploit::CheckCode::Safe return Exploit::CheckCode::Safe