Fixes #3466 by detecting a second null handle and breaking the loop (happens with likewise servers)

git-svn-id: file:///home/svn/framework3/trunk@11508 4d416f70-5f16-0410-b530-b9f4589650da
unstable
HD Moore 2011-01-07 19:51:59 +00:00
parent 8e664b2d41
commit e776697f38
1 changed files with 9 additions and 3 deletions


@ -96,7 +96,10 @@ module Exploit::Remote::DCERPC_EPM
# NULL handle to start with
data = [0, 0, 0, 0, 0, 0, 0, 0, 0, 1].pack("V*")
else
# Use the existing handle
# Break the loop early if we get another NULL handle
break if hnd == [0, 0, 0, 0, 1].pack("V*")
# Use the existing handle if we already have one
data = [0, 0, 0, 0, 0].pack("V*") + hnd
end
@ -203,6 +206,9 @@ module Exploit::Remote::DCERPC_EPM
info[:host].gsub!("\x00", '') if info[:host]
res << info
# Handle a buggy response from a Likewise server that can result in a loop otherwise
break if hnd == [0, 0, 0, 0, 0, 0, 0, 0, 0, 1].pack("V*")
end
rescue ::Interrupt
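Review bot: The two added `break` guards compare `hnd` against constants of different length, 20 bytes in the first hunk (`[0, 0, 0, 0, 1].pack("V*")`) and 40 bytes in the second (`[0, 0, 0, 0, 0, 0, 0, 0, 0, 1].pack("V*")`), so for any one handle size only one of them can ever match. Because the request is built as `[0, 0, 0, 0, 0].pack("V*") + hnd`, the 20-byte form looks like the real handle and the second guard may be dead code; the parsing of `hnd` lies outside both hunks, so this needs confirming against the full method. Both checks also match only this one exact value, so a peer that keeps returning a repeating or changing non-NULL handle would still keep the client looping. A cap on the number of lookup rounds, or a break when a handle has been seen before, would bound the loop whatever the server sends. A single named constant for the NULL handle would keep the two sites in agreement.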