Check for nil before using the decoder in test_vulnerable

red0xff · red0xff · commit 88036a7f1fde · 2022-06-08T22:00:03.000+02:00
diff --git a/lib/msf/core/exploit/sqli/mssqli/common.rb b/lib/msf/core/exploit/sqli/mssqli/common.rb
@@ -185,6 +185,7 @@ def test_vulnerable
       query_string = "'#{random_string}'"
       query_string = @encoder[:encode].sub(/\^DATA\^/, query_string) if @encoder
       output = run_sql("select #{query_string}")
+      return false if output.nil?
       (@encoder ? @encoder[:decode].call(output) : output) == random_string
     end
 
diff --git a/lib/msf/core/exploit/sqli/mysqli/common.rb b/lib/msf/core/exploit/sqli/mysqli/common.rb
@@ -200,6 +200,7 @@ def test_vulnerable
       query_string = "'#{random_string}'"
       query_string = @encoder[:encode].sub(/\^DATA\^/, query_string) if @encoder
       output = run_sql("select #{query_string}")
+      return false if output.nil?
       (@encoder ? @encoder[:decode].call(output) : output) == random_string
     end
 
diff --git a/lib/msf/core/exploit/sqli/postgresqli/common.rb b/lib/msf/core/exploit/sqli/postgresqli/common.rb
@@ -192,6 +192,7 @@ def test_vulnerable
       query_string = "'#{random_string}'"
       query_string = @encoder[:encode].sub(/\^DATA\^/, query_string) if @encoder
       output = run_sql("select #{query_string}")
+      return false if output.nil?
       (@encoder ? @encoder[:decode].call(output) : output) == random_string
     end
 
diff --git a/lib/msf/core/exploit/sqli/sqlitei/common.rb b/lib/msf/core/exploit/sqli/sqlitei/common.rb
@@ -146,6 +146,7 @@ def test_vulnerable
       query_string = "'#{random_string}'"
       query_string = @encoder[:encode].sub(/\^DATA\^/, query_string) if @encoder
       output = run_sql("select #{query_string}")
+      return false if output.nil?
       (@encoder ? @encoder[:decode].call(output) : output) == random_string
     end
 
