Land #6390, report exceptions on bind/listen failure

2016-01-06 21:44:06 -06:00 · 2016-01-06 21:44:06 -06:00 · eb0b66a4cf
parent 6062d991ec a16a10aaf6
commit eb0b66a4cf
2 changed files with 90 additions and 84 deletions
--- a/lib/msf/base/simple/exploit.rb
+++ b/lib/msf/base/simple/exploit.rb
@ -154,90 +154,6 @@ module Exploit
    nil
  end
  def setup_fail_detail_from_exception e
    # Build a user-friendly error message
    msg = "#{e}"
    unless e.class == Msf::Exploit::Failed
      msg = "#{e.class} #{e}"
    end
    self.error = e
    # Record the detailed reason
    self.fail_detail ||= e.to_s
    msg
  end
  #
  # Handle the exception
  #
  def handle_exception e
    msg = setup_fail_detail_from_exception e
    case e
      when Msf::Exploit::Complete
        # Nothing to show in this case
        return
      when Msf::Exploit::Failed
        self.print_error("Exploit aborted due to failure: #{self.fail_reason}: #{msg}")
        # The caller should have already set self.fail_reason
        if self.fail_reason == Msf::Exploit::Failure::None
          self.fail_reason = Msf::Exploit::Failure::Unknown
        end
      when Rex::ConnectionError
        self.fail_reason = Msf::Exploit::Failure::Unreachable
        self.print_error("Exploit failed [#{self.fail_reason}]: #{msg}")
        elog("Exploit failed (#{self.refname}): #{msg}", 'core', LEV_0)
        dlog("Call stack:\n#{e.backtrace.join("\n")}", 'core', LEV_3)
      when Timeout::Error
        self.fail_reason = Msf::Exploit::Failure::TimeoutExpired
        self.print_error("Exploit failed [#{self.fail_reason}]: #{msg}")
        elog("Exploit failed (#{self.refname}): #{msg}", 'core', LEV_0)
        dlog("Call stack:\n#{e.backtrace.join("\n")}", 'core', LEV_3)
      else
        # Compare as a string since not all error classes may be loaded
        case msg
          when /access.denied|Login Failed/i # Covers SMB as well as some generic errors
            self.fail_reason = Msf::Exploit::Failure::NoAccess
          when /connection reset/i
            self.fail_reason = Msf::Exploit::Failure::Disconnected
          when /connection timed out|SSL_connect|unreachable|connection was refused/i
            self.fail_reason = Msf::Exploit::Failure::Unreachable
          when /unable.*target/i
            self.fail_reason = Msf::Exploit::Failure::NoTarget
          when /execution expired/i
            self.fail_reason = Msf::Exploit::Failure::TimeoutExpired
          when /(doesn.t|not).*vulnerable|may.*patched/i
            self.fail_reason = Msf::Exploit::Failure::NotVulnerable
        end
        # The caller should have already set self.fail_reason
        if self.fail_reason == Msf::Exploit::Failure::None
          self.fail_reason = Msf::Exploit::Failure::Unknown
        end
        if self.fail_reason == Msf::Exploit::Failure::Unknown
          self.print_error("Exploit failed: #{msg}")
        else
          self.print_error("Exploit failed [#{self.fail_reason}]: #{msg}")
        end
        elog("Exploit failed (#{self.refname}): #{msg}", 'core', LEV_0)
        dlog("Call stack:\n#{e.backtrace.join("\n")}", 'core', LEV_3)
    end
    # Record the error to various places
    self.framework.events.on_module_error(self, msg)
    # Report the failure (and attempt) in the database
    self.report_failure
  end
  #
  # Calls the class method.
  #
--- a/lib/msf/core/exploit.rb
+++ b/lib/msf/core/exploit.rb
@ -1263,6 +1263,96 @@ class Exploit < Msf::Module
    raise Msf::Exploit::Failed, (msg || "No failure message given")
  end
  def setup_fail_detail_from_exception e
    # Build a user-friendly error message
    msg = "#{e}"
    unless e.class == Msf::Exploit::Failed
      msg = "#{e.class} #{e}"
    end
    self.error = e
    # Record the detailed reason
    self.fail_detail ||= e.to_s
    msg
  end
  #
  # Handle the exception
  #
  def handle_exception e
    msg = setup_fail_detail_from_exception e
    case e
      when Msf::Exploit::Complete
        # Nothing to show in this case
        return
      when Msf::Exploit::Failed
        self.print_error("Exploit aborted due to failure: #{self.fail_reason}: #{msg}")
        # The caller should have already set self.fail_reason
        if self.fail_reason == Msf::Exploit::Failure::None
          self.fail_reason = Msf::Exploit::Failure::Unknown
        end
      when Rex::ConnectionError
        self.fail_reason = Msf::Exploit::Failure::Unreachable
        self.print_error("Exploit failed [#{self.fail_reason}]: #{msg}")
        elog("Exploit failed (#{self.refname}): #{msg}", 'core', LEV_0)
        dlog("Call stack:\n#{e.backtrace.join("\n")}", 'core', LEV_3)
      when Rex::BindFailed
        self.fail_reason = Msf::Exploit::Failure::BadConfig
        self.print_error("Exploit failed [#{self.fail_reason}]: #{msg}")
        elog("Exploit failed (#{self.refname}): #{msg}", 'core', LEV_0)
        dlog("Call stack:\n#{e.backtrace.join("\n")}", 'core', LEV_3)
      when Timeout::Error
        self.fail_reason = Msf::Exploit::Failure::TimeoutExpired
        self.print_error("Exploit failed [#{self.fail_reason}]: #{msg}")
        elog("Exploit failed (#{self.refname}): #{msg}", 'core', LEV_0)
        dlog("Call stack:\n#{e.backtrace.join("\n")}", 'core', LEV_3)
      else
        # Compare as a string since not all error classes may be loaded
        case msg
          when /access.denied|Login Failed/i # Covers SMB as well as some generic errors
            self.fail_reason = Msf::Exploit::Failure::NoAccess
          when /connection reset/i
            self.fail_reason = Msf::Exploit::Failure::Disconnected
          when /connection timed out|SSL_connect|unreachable|connection was refused/i
            self.fail_reason = Msf::Exploit::Failure::Unreachable
          when /unable.*target/i
            self.fail_reason = Msf::Exploit::Failure::NoTarget
          when /execution expired/i
            self.fail_reason = Msf::Exploit::Failure::TimeoutExpired
          when /(doesn.t|not).*vulnerable|may.*patched/i
            self.fail_reason = Msf::Exploit::Failure::NotVulnerable
        end
        # The caller should have already set self.fail_reason
        if self.fail_reason == Msf::Exploit::Failure::None
          self.fail_reason = Msf::Exploit::Failure::Unknown
        end
        if self.fail_reason == Msf::Exploit::Failure::Unknown
          self.print_error("Exploit failed: #{msg}")
        else
          self.print_error("Exploit failed [#{self.fail_reason}]: #{msg}")
        end
        elog("Exploit failed (#{self.refname}): #{msg}", 'core', LEV_0)
        dlog("Call stack:\n#{e.backtrace.join("\n")}", 'core', LEV_3)
    end
    # Record the error to various places
    self.framework.events.on_module_error(self, msg)
    # Report the failure (and attempt) in the database
    self.report_failure
  end
  def report_failure
    return unless framework.db and framework.db.active