::Errno::EINVAL, disable obfuscation, revoke ms14-064

wchen-r7 · wchen-r7 · commit 50c72125a433 · 2015-02-12T11:54:01.000-06:00
diff --git a/lib/rex/socket.rb b/lib/rex/socket.rb
@@ -735,7 +735,7 @@ def getpeername
     peer_name = nil
     begin
       peer_name = Socket.from_sockaddr(super)
-    rescue ::Exception => e
+    rescue ::Errno::EINVAL => e
       # Ruby's getpeername method may call rb_sys_fail("getpeername(2)")
       elog("#{e.message} (#{e.class})#{e.backtrace * "\n"}\n", 'core', LEV_3)
     end
diff --git a/modules/auxiliary/server/browser_autopwn.rb b/modules/auxiliary/server/browser_autopwn.rb
@@ -236,9 +236,9 @@ def setup
       print_debug("NOTE: Debug Mode; javascript will not be obfuscated")
     else
       pre = Time.now
-      print_status("Obfuscating initial javascript #{pre}")
-      @init_js.obfuscate
-      print_status "Done in #{Time.now - pre} seconds"
+      #print_status("Obfuscating initial javascript #{pre}")
+      #@init_js.obfuscate
+      #print_status "Done in #{Time.now - pre} seconds"
     end
 
     #@init_js << "window.onload = #{@init_js.sym("bodyOnLoad")};";
@@ -826,8 +826,8 @@ def build_script_response(cli, request)
     js << "#{js_debug("'starting exploits (' + global_exploit_list.length + ' total)<br>'")}\n"
     js << "window.next_exploit(0);\n"
 
-    js = ::Rex::Exploitation::JSObfu.new(js)
-    js.obfuscate unless datastore["DEBUG"]
+    #js = ::Rex::Exploitation::JSObfu.new(js)
+    #js.obfuscate unless datastore["DEBUG"]
 
     response.body = "#{js}"
     print_status("Responding with #{sploit_cnt} exploits")
diff --git a/modules/exploits/windows/browser/ms14_064_ole_code_execution.rb b/modules/exploits/windows/browser/ms14_064_ole_code_execution.rb
@@ -11,17 +11,17 @@ class Metasploit4 < Msf::Exploit::Remote
   Rank = ExcellentRanking
 
   include Msf::Exploit::Remote::BrowserExploitServer
-  include Msf::Exploit::Remote::BrowserAutopwn
+  #include Msf::Exploit::Remote::BrowserAutopwn
   include Msf::Exploit::Powershell
 
-  autopwn_info({
-    :ua_name    => HttpClients::IE,
-    :ua_minver  => "3.0",
-    :ua_maxver  => "10.0",
-    :javascript => true,
-    :os_name    => OperatingSystems::Match::WINDOWS,
-    :rank       => ExcellentRanking
-  })
+  #autopwn_info({
+  #  :ua_name    => HttpClients::IE,
+  #  :ua_minver  => "3.0",
+  #  :ua_maxver  => "10.0",
+  #  :javascript => true,
+  #  :os_name    => OperatingSystems::Match::WINDOWS,
+  #  :rank       => ExcellentRanking
+  #})
 
   def initialize(info={})
     super(update_info(info,
