Heartbleed - Add autodetection of XMPP hostname (round 2)

TomSellers · TomSellers · commit 1f3ec46b8a3e · 2014-04-16T08:49:45.000-05:00
Add the ability to scrape the hostname from the XMPP error message when connecting to an XMPP (Jabber) server. This allows the connection to get far enough to negotiate a TLS tunnel with STARTTLS. The manually specified domain, if present, will be used first and then the hostname autodetection will kick in if that fails.

This version addresses issues that FireFart (Thanks!) brought up about code quality and connection reliability.
diff --git a/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb b/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb
@@ -192,29 +192,28 @@ def tls_pop3
     end
     res
   end
-
-  def tls_jabber
+  
+  def jabber_connect_msg(hostname)
     # http://xmpp.org/extensions/xep-0035.html
     msg = "<stream:stream xmlns='jabber:client' "
     msg << "xmlns:stream='http://etherx.jabber.org/streams' "
     msg << "version='1.0' "
-    msg << "to='#{datastore['XMPPDOMAIN']}'>"
-    sock.put(msg)
+    msg << "to='#{hostname}'>"
+  end
+
+  def tls_jabber
+    sock.put( jabber_connect_msg(datastore['XMPPDOMAIN']) )
     res = sock.get
-    if res  && res =~ /host-unknown/
+    if res && res =~ /host-unknown/
       jabber_host = res.match(/ from='([\w.]*)' /)
-      if jabber_host
+      if jabber_host && jabber_host[1]
+        disconnect
         connect
         vprint_status("#{peer} - Connecting with autodetected remote XMPP hostname: #{jabber_host[1]}...")
-        msg = "<stream:stream xmlns='jabber:client' "
-        msg << "xmlns:stream='http://etherx.jabber.org/streams' "
-        msg << "version='1.0' "
-        msg << "to='#{jabber_host[1]}'>"
-        sock.put(msg)
+        sock.put( jabber_connect_msg(jabber_host[1]) )
         res = sock.get
       end
     end
-
     if res.nil? || res =~ /stream:error/ || res !~ /<starttls xmlns=['"]urn:ietf:params:xml:ns:xmpp-tls['"]/
       vprint_error("#{peer} - Jabber host unknown. Please try changing the XMPPDOMAIN option.") if res && res =~ /<host-unknown/
       return nil
@@ -226,6 +225,8 @@ def tls_jabber
     res
   end
 
+
+
   def tls_ftp
     # http://tools.ietf.org/html/rfc4217
     res = sock.get
