diff --git a/modules/auxiliary/voip/asterisk_login.rb b/modules/auxiliary/voip/asterisk_login.rb index 9ec6e5625e..57fe89b6a5 100644 --- a/modules/auxiliary/voip/asterisk_login.rb +++ b/modules/auxiliary/voip/asterisk_login.rb @@ -73,7 +73,7 @@ class Metasploit3 < Msf::Auxiliary select(nil,nil,nil,0.4) end sock.put(command) - @result = sock.get_once + @result = sock.get_once || '' rescue ::Exception => err print_error("Error: #{err.to_s}") end diff --git a/modules/exploits/linux/ftp/proftp_telnet_iac.rb b/modules/exploits/linux/ftp/proftp_telnet_iac.rb index c31a958177..4a66140e0c 100644 --- a/modules/exploits/linux/ftp/proftp_telnet_iac.rb +++ b/modules/exploits/linux/ftp/proftp_telnet_iac.rb @@ -278,7 +278,7 @@ class Metasploit3 < Msf::Exploit::Remote def check # NOTE: We don't care if the login failed here... ret = connect - banner = sock.get_once + banner = sock.get_once || '' # We just want the banner to check against our targets.. print_status("FTP Banner: #{banner.strip}") @@ -317,7 +317,7 @@ class Metasploit3 < Msf::Exploit::Remote def exploit connect - banner = sock.get_once + banner = sock.get_once || '' # Use a copy of the target mytarget = target diff --git a/modules/exploits/linux/mysql/mysql_yassl_getname.rb b/modules/exploits/linux/mysql/mysql_yassl_getname.rb index 428a164b31..0115b6833c 100644 --- a/modules/exploits/linux/mysql/mysql_yassl_getname.rb +++ b/modules/exploits/linux/mysql/mysql_yassl_getname.rb @@ -87,7 +87,7 @@ class Metasploit3 < Msf::Exploit::Remote # read the mysql server hello :) version = nil - if (buf = sock.get_once(-1, 5)) + if (buf = sock.get_once(-1, 5) || '') #print_status("\n" + Rex::Text.to_hex_dump(buf)) if (buf =~ /is not allowed to connect/) raise RuntimeError, 'The server refused our connection!' diff --git a/modules/exploits/windows/brightstor/lgserver_multi.rb b/modules/exploits/windows/brightstor/lgserver_multi.rb index 2fe7cbdd86..7aff7a7d09 100644 --- a/modules/exploits/windows/brightstor/lgserver_multi.rb +++ b/modules/exploits/windows/brightstor/lgserver_multi.rb @@ -66,7 +66,7 @@ class Metasploit3 < Msf::Exploit::Remote disconnect - if ( ver =~ /11.1.742/ ) + if ( ver and ver =~ /11.1.742/ ) return Exploit::CheckCode::Vulnerable end diff --git a/modules/exploits/windows/brightstor/lgserver_rxrlogin.rb b/modules/exploits/windows/brightstor/lgserver_rxrlogin.rb index 5e9f055fb0..41a451bdc5 100644 --- a/modules/exploits/windows/brightstor/lgserver_rxrlogin.rb +++ b/modules/exploits/windows/brightstor/lgserver_rxrlogin.rb @@ -65,7 +65,7 @@ class Metasploit3 < Msf::Exploit::Remote disconnect - if ( ver =~ /11.1.742/ ) + if ( ver and ver =~ /11.1.742/ ) return Exploit::CheckCode::Vulnerable end return Exploit::CheckCode::Safe diff --git a/modules/exploits/windows/brightstor/lgserver_rxssetdatagrowthscheduleandfilter.rb b/modules/exploits/windows/brightstor/lgserver_rxssetdatagrowthscheduleandfilter.rb index 6f31135cf3..4bb856dae7 100644 --- a/modules/exploits/windows/brightstor/lgserver_rxssetdatagrowthscheduleandfilter.rb +++ b/modules/exploits/windows/brightstor/lgserver_rxssetdatagrowthscheduleandfilter.rb @@ -65,7 +65,7 @@ class Metasploit3 < Msf::Exploit::Remote disconnect - if ( ver =~ /11.1.742/ ) + if ( ver and ver =~ /11.1.742/ ) return Exploit::CheckCode::Vulnerable end diff --git a/modules/exploits/windows/brightstor/lgserver_rxsuselicenseini.rb b/modules/exploits/windows/brightstor/lgserver_rxsuselicenseini.rb index cacedbd98b..68c6dc0dd4 100644 --- a/modules/exploits/windows/brightstor/lgserver_rxsuselicenseini.rb +++ b/modules/exploits/windows/brightstor/lgserver_rxsuselicenseini.rb @@ -64,7 +64,7 @@ class Metasploit3 < Msf::Exploit::Remote disconnect - if ( ver =~ /11.1.742/ ) + if ( ver and ver =~ /11.1.742/ ) return Exploit::CheckCode::Vulnerable end diff --git a/modules/exploits/windows/iis/ms01_026_dbldecode.rb b/modules/exploits/windows/iis/ms01_026_dbldecode.rb index 707beb0c2c..bb4b815721 100644 --- a/modules/exploits/windows/iis/ms01_026_dbldecode.rb +++ b/modules/exploits/windows/iis/ms01_026_dbldecode.rb @@ -91,8 +91,8 @@ class Metasploit3 < Msf::Exploit::Remote # This isn't exactly awesome, but it seems to work.. begin - headers = sock.get_once(-1, timeout) - body = sock.get_once(-1, timeout) + headers = sock.get_once(-1, timeout) || '' + body = sock.get_once(-1, timeout) || '' rescue ::EOFError # nothing end diff --git a/modules/exploits/windows/license/calicserv_getconfig.rb b/modules/exploits/windows/license/calicserv_getconfig.rb index 8457395884..35700fad07 100644 --- a/modules/exploits/windows/license/calicserv_getconfig.rb +++ b/modules/exploits/windows/license/calicserv_getconfig.rb @@ -77,7 +77,7 @@ class Metasploit3 < Msf::Exploit::Remote connect banner = sock.get_once sock.put("A0 GETCONFIG SELF 0") - res = sock.get_once + res = sock.get_once || '' disconnect if (res =~ /OS\<([^\>]+)/) print_status("CA License Server reports OS: #{$1}") diff --git a/modules/exploits/windows/lotus/domino_icalendar_organizer.rb b/modules/exploits/windows/lotus/domino_icalendar_organizer.rb index 8c9ad9b9b6..04a1e25a4f 100644 --- a/modules/exploits/windows/lotus/domino_icalendar_organizer.rb +++ b/modules/exploits/windows/lotus/domino_icalendar_organizer.rb @@ -98,7 +98,7 @@ class Metasploit3 < Msf::Exploit::Remote def check connect - banner = sock.get_once(-1,5).chomp + banner = (sock.get_once(-1,5) || '').chomp disconnect if banner =~ /Lotus Domino Release 8.5/ @@ -241,7 +241,7 @@ class Metasploit3 < Msf::Exploit::Remote connect # Get SMTP Banner - res = sock.get_once.chomp + res = (sock.get_once || '').chomp print_status("Banner: #{res}") # Check banner before trying the exploit @@ -253,22 +253,22 @@ class Metasploit3 < Msf::Exploit::Remote # Send HELO sock.put(commands[:HELO]) - res = sock.get_once + res = sock.get_once || '' print_status("Received: #{res.chomp}") # Set MAIL FROM sock.put(commands[:FROM]) - res = sock.get_once + res = sock.get_once || '' print_status("Received: #{res.chomp}") # Set RCPT sock.put(commands[:RCPT]) - res = sock.get_once + res = sock.get_once || '' print_status("Received: #{res.chomp}") # Set DATA sock.put(commands[:DATA]) - res = sock.get_once + res = sock.get_once || '' print_status("Received: #{res.chomp}") # Send malicious data @@ -277,7 +277,7 @@ class Metasploit3 < Msf::Exploit::Remote # QUIT sock.put(commands[:QUIT]) - res = sock.get_once + res = sock.get_once || '' print_status("Received: #{res.chomp}") handler diff --git a/modules/exploits/windows/lotus/domino_sametime_stmux.rb b/modules/exploits/windows/lotus/domino_sametime_stmux.rb index 0575e3e5bf..4a70e0bd7d 100644 --- a/modules/exploits/windows/lotus/domino_sametime_stmux.rb +++ b/modules/exploits/windows/lotus/domino_sametime_stmux.rb @@ -74,7 +74,7 @@ class Metasploit3 < Msf::Exploit::Remote req << "User-Agent: Sametime Community Agent\r\n" req << "Host: #{datastore['RHOST']}:#{datastore['RPORT']}\r\n" sock.put(req) - res = sock.get_once(-1,3) + res = sock.get_once(-1,3) || '' disconnect @@ -85,7 +85,7 @@ class Metasploit3 < Msf::Exploit::Remote req << "User-Agent: Sametime Community Agent\r\n" req << "Host: #{datastore['RHOST']}:#{datastore['RPORT']}\r\n" sock.put(req) - res = sock.get_once(-1,3) + res = sock.get_once(-1,3) || '' disconnect diff --git a/modules/exploits/windows/pop3/seattlelab_pass.rb b/modules/exploits/windows/pop3/seattlelab_pass.rb index 014ae88951..bcefab085e 100644 --- a/modules/exploits/windows/pop3/seattlelab_pass.rb +++ b/modules/exploits/windows/pop3/seattlelab_pass.rb @@ -88,7 +88,7 @@ class Metasploit3 < Msf::Exploit::Remote print_status("Trying #{target.name} using jmp esp at #{"%.8x" % target.ret}") - banner = sock.get_once + banner = sock.get_once || '' if banner !~ /^\+OK POP3 server (.*) ready/ print_error("POP3 server does not appear to be running") return diff --git a/modules/exploits/windows/proxy/ccproxy_telnet_ping.rb b/modules/exploits/windows/proxy/ccproxy_telnet_ping.rb index 94bec916bc..1b8f62d878 100644 --- a/modules/exploits/windows/proxy/ccproxy_telnet_ping.rb +++ b/modules/exploits/windows/proxy/ccproxy_telnet_ping.rb @@ -65,7 +65,7 @@ class Metasploit3 < Msf::Exploit::Remote def check connect - banner = sock.get_once(-1,3) + banner = sock.get_once(-1,3) || '' disconnect if (banner =~ /CCProxy Telnet Service Ready/) diff --git a/modules/exploits/windows/proxy/qbik_wingate_wwwproxy.rb b/modules/exploits/windows/proxy/qbik_wingate_wwwproxy.rb index 586dab040e..a1e99a62dd 100644 --- a/modules/exploits/windows/proxy/qbik_wingate_wwwproxy.rb +++ b/modules/exploits/windows/proxy/qbik_wingate_wwwproxy.rb @@ -63,7 +63,7 @@ class Metasploit3 < Msf::Exploit::Remote def check connect sock.put("GET /\r\n\r\n") # Malformed request to get proxy info - banner = sock.get_once + banner = sock.get_once || '' if (banner =~ /Server:\sWinGate\s6.1.1\s\(Build 1077\)/) return Exploit::CheckCode::Vulnerable end diff --git a/modules/exploits/windows/scada/procyon_core_server.rb b/modules/exploits/windows/scada/procyon_core_server.rb index 075bf03df1..df6b4ef591 100644 --- a/modules/exploits/windows/scada/procyon_core_server.rb +++ b/modules/exploits/windows/scada/procyon_core_server.rb @@ -76,8 +76,8 @@ class Metasploit3 < Msf::Exploit::Remote def check connect - res = sock.get_once.chomp #This gives us string "----------------------------" - res = sock.get_once.chomp #This gives us the actual software version + res = (sock.get_once || '').chomp #This gives us string "----------------------------" + res = (sock.get_once || '').chomp #This gives us the actual software version disconnect if res =~ /Core Command Interface V1\.(.*)2/ diff --git a/modules/exploits/windows/smtp/mailcarrier_smtp_ehlo.rb b/modules/exploits/windows/smtp/mailcarrier_smtp_ehlo.rb index 5b6733ecb8..cfbf6bbdad 100644 --- a/modules/exploits/windows/smtp/mailcarrier_smtp_ehlo.rb +++ b/modules/exploits/windows/smtp/mailcarrier_smtp_ehlo.rb @@ -65,7 +65,7 @@ class Metasploit3 < Msf::Exploit::Remote def check connect - banner = sock.get_once(-1,3) + banner = sock.get_once(-1,3) || '' disconnect if (banner =~ /ESMTP TABS Mail Server for Windows NT/) diff --git a/modules/exploits/windows/smtp/ms03_046_exchange2000_xexch50.rb b/modules/exploits/windows/smtp/ms03_046_exchange2000_xexch50.rb index 9f94e36742..ae6e2a2118 100644 --- a/modules/exploits/windows/smtp/ms03_046_exchange2000_xexch50.rb +++ b/modules/exploits/windows/smtp/ms03_046_exchange2000_xexch50.rb @@ -71,7 +71,7 @@ class Metasploit3 < Msf::Exploit::Remote def check connect - banner = sock.get_once + banner = sock.get_once || '' if (banner !~ /Microsoft/) print_status("Target does not appear to be an Exchange server.") @@ -79,20 +79,20 @@ class Metasploit3 < Msf::Exploit::Remote end sock.put("EHLO #{Rex::Text.rand_text_alpha(1)}\r\n") - res = sock.get_once + res = sock.get_once || '' if (res !~ /XEXCH50/) print_status("Target does not appear to be an Exchange server.") return Exploit::CheckCode::Safe end sock.put("MAIL FROM: #{datastore['MAILFROM']}\r\n") - res = sock.get_once + res = sock.get_once || '' if (res =~ /Sender OK/) sock.put("RCPT TO: #{datastore['MAILTO']}\r\n") - res = sock.get_once + res = sock.get_once || '' if (res =~ /250/) sock.put("XEXCH50 2 2\r\n") - res = sock.get_once + res = sock.get_once || '' if (res !~ /Send binary data/) print_error("Target has been patched!") return Exploit::CheckCode::Detected @@ -110,7 +110,7 @@ class Metasploit3 < Msf::Exploit::Remote connect select(nil,nil,nil,1) - banner = sock.get_once + banner = sock.get_once || '' print_status("Connected to SMTP server: #{banner.to_s}") if (banner !~ /Microsoft/) @@ -121,7 +121,7 @@ class Metasploit3 < Msf::Exploit::Remote select(nil,nil,nil,5) sock.put("EHLO X\r\n") select(nil,nil,nil,7) - res = sock.get_once + res = sock.get_once || '' if (res !~ /XEXCH50/) print_status("Target is not running Exchange.") @@ -187,7 +187,7 @@ class Metasploit3 < Msf::Exploit::Remote sock.put("XEXCH50 -1 2\r\n") # Allocate negative value select(nil,nil,nil,2) - res = sock.get_once + res = sock.get_once || '' if (!res) print_error("Error - no response") diff --git a/modules/exploits/windows/ssh/sysax_ssh_username.rb b/modules/exploits/windows/ssh/sysax_ssh_username.rb index 47cf6a02f2..30e489678c 100644 --- a/modules/exploits/windows/ssh/sysax_ssh_username.rb +++ b/modules/exploits/windows/ssh/sysax_ssh_username.rb @@ -75,7 +75,7 @@ class Metasploit3 < Msf::Exploit::Remote def check begin connect - banner = sock.get_once(-1,5) + banner = sock.get_once(-1,5) || '' disconnect if banner =~ /SSH\-2\.0\-SysaxSSH_1\.0/ return Exploit::CheckCode::Vulnerable diff --git a/modules/exploits/windows/telnet/gamsoft_telsrv_username.rb b/modules/exploits/windows/telnet/gamsoft_telsrv_username.rb index 6065b362d8..6edaf84865 100644 --- a/modules/exploits/windows/telnet/gamsoft_telsrv_username.rb +++ b/modules/exploits/windows/telnet/gamsoft_telsrv_username.rb @@ -91,7 +91,7 @@ class Metasploit3 < Msf::Exploit::Remote connect print_status("Attempting to determine if target is vulnerable...") select(nil,nil,nil,7) - banner = sock.get_once(-1,3) + banner = sock.get_once(-1,3) || '' if (banner =~ /TelSrv 1\.5/) return Exploit::CheckCode::Vulnerable diff --git a/modules/exploits/windows/unicenter/cam_log_security.rb b/modules/exploits/windows/unicenter/cam_log_security.rb index 95a81f9a59..6492658b65 100644 --- a/modules/exploits/windows/unicenter/cam_log_security.rb +++ b/modules/exploits/windows/unicenter/cam_log_security.rb @@ -59,7 +59,7 @@ class Metasploit3 < Msf::Exploit::Remote def check connect - ack = sock.get_once + ack = sock.get_once || '' disconnect (ack == "ACK\x00") ? Exploit::CheckCode::Detected : Exploit::CheckCode::Safe