When a Rex::Proto::SMB::Exceptions::InvalidWordCount exception is thrown by this module, it attempts to call the nonexistent method error_reason and throws a NoMethodError:
Auxiliary failed: NoMethodError undefined method `error_reason' for #<Rex::Proto::SMB::Exceptions::InvalidWordCount:0x007f48fcda0e48>
This changes uses the built in method get_error to return an error code.
[-] x.x.x.x:445 SMB - [1/1] - \\Domain - FAILED LOGIN (xxxxxxxx) xxxx : xxxxx [STATUS_WAIT_0]
I used the protocol version from the record layer thinking I was using
the protocol version from the handshake. This commit fix this and uses
the protocol version from the handshake instead of from the record layer
as in https://gist.github.com/rcvalle/10335282, which is how it should
have been initially.
Thanks to @wvu-r7 for finding this out!
The exploit against CVE-2010-0738 won't work when using GET or POST. In the existing code the request would fail and the function would return a nil. This would be passed to detect_platform without being checked and cause the module to crash ungracefully with the error:
Exploit failed: NoMethodError undefined method `body' for nil:NilClass
The first changes detect a 401 authentication message and provide useful feedback. Given that if, in any case, 'res' is not a valid or useful response the second change just terminates processing.
I've stayed with the module's coding style for consistency.
Newer releases of File have a much different output when given a jar
file. Adjust regex per egyp7's suggestion to close bug 8792 on redmine.
Failure/Error: verify_bin_fingerprint(format_hash, bin)
expected: /zip/i
got: "/dev/stdin: Java archive data (JAR)\n" (using =~)
Tested and confirmed working with file 5.17 on Gentoo Linux.
This is a new POST module that allows Windows, Linux, and OSX targets to be geolocated using Google services if the target has an active and functional wireless adapter.
Tod Beardsley
sinn3r
Samuel Huckins
William Vu
Pedro Laguna
Zinterax
lsanchez-r7
Ramon de C Valle
Tom Sellers
Christian Mehlmauer
Trevor Rosen
Spencer McIntyre
JoseMi
Thanat0s
Joe Vennix
kenkeiras
Wiesław Kielas
Rick Farina (Zero_Chaos)
James Lee
Brandon Turner