From bc6a529388f32cdb28adbba6df6626afd3e8f52d Mon Sep 17 00:00:00 2001
From: Brendan <bwatters@rapid7.com>
Date: Fri, 26 Aug 2016 16:21:54 -0500
Subject: [PATCH] Added some error checking to CredEnuerateA() railgun call

---
 .../gather/credentials/enum_cred_store.rb     | 25 +++++++++++++------
 1 file changed, 18 insertions(+), 7 deletions(-)

diff --git a/modules/post/windows/gather/credentials/enum_cred_store.rb b/modules/post/windows/gather/credentials/enum_cred_store.rb
index cfa9d84987..a0b9658d85 100644
--- a/modules/post/windows/gather/credentials/enum_cred_store.rb
+++ b/modules/post/windows/gather/credentials/enum_cred_store.rb
@@ -178,14 +178,25 @@ class MetasploitModule < Msf::Post
     credentials = []
     #call credenumerate to get the ptr needed
     adv32 = session.railgun.advapi32
-    ret = adv32.CredEnumerateA(nil,0,4,4)
-    p_to_arr = ret["Credentials"].unpack("V")
-    if is_86
-      count = ret["Count"]
-      arr_len = count * 4
+    begin
+      ret = adv32.CredEnumerateA(nil,0,4,4)
+    rescue Rex::Post::Meterpreter::RequestError => e
+      print_error("This module requires WinXP or higher")
+      print_error("CredEnumerateA() failed: #{e.class} #{e}")
+      ret = nil
+    end
+    if ret.nil?
+      count = 0
+      arr_len = 0
     else
-      count = ret["Count"] & 0x00000000ffffffff
-      arr_len = count * 8
+      p_to_arr = ret["Credentials"].unpack("V")
+      if is_86
+        count = ret["Count"]
+        arr_len = count * 4
+      else
+        count = ret["Count"] & 0x00000000ffffffff
+        arr_len = count * 8
+      end
     end
 
     #tell user what's going on