Try to fix Meatballs1 suggestions : optional service_description change call

Author: agix

lib/msf/core/exploit/smb/psexec.rb

@@ -72,7 +72,7 @@ def psexec(command, disconnect=true, service_description=nil)
     end
     servicename = Rex::Text.rand_text_alpha(11)
     displayname = Rex::Text.rand_text_alpha(16)
-    servicedescription = service_description || Rex::Text.rand_text_alpha(rand(32)+1)
+
     svc_handle = nil
     svc_status = nil
     stubdata =
@@ -101,21 +101,20 @@ def psexec(command, disconnect=true, service_description=nil)
       return false
     end
 
-    vprint_status("#{peer} - Changing service description...")
-    stubdata =
-      svc_handle +
-      NDR.long(1) +
-      NDR.long(1) +
-      NDR.long(0x0200) +
-      NDR.long(0x04000200) +
-      NDR.wstring(servicedescription)
-    begin
-      response = dcerpc.call(0x25, stubdata)
-      if (dcerpc.last_response != nil and dcerpc.last_response.stub_data != nil)
+    if service_description
+      vprint_status("#{peer} - Changing service description...")
+      stubdata =
+        svc_handle +
+        NDR.long(1) +
+        NDR.long(1) +
+        NDR.long(0x0200) +
+        NDR.long(0x04000200) +
+        NDR.wstring(service_description)
+      begin
+        response = dcerpc.call(0x25, stubdata)
+      rescue ::Exception => e
+        print_error("#{peer} - Error changing service description : #{e}")
       end
-    rescue ::Exception => e
-      print_error("#{peer} - Error changins service description : #{e}")
-      return false
     end
 
     vprint_status("#{peer} - Starting the service...")

modules/exploits/windows/smb/psexec.rb

@@ -153,7 +153,7 @@ def exploit
       simple.disconnect("ADMIN$")
     else
       servicename = rand_text_alpha(8)
-      servicedescription = datastore['SERVICE_DESCRIPTION'] || rand_text_alpha(rand(32)+1)
+      servicedescription = datastore['SERVICE_DESCRIPTION']
 
       # Upload the shellcode to a file
       print_status("Uploading payload...")