fix buggy handling of partial ingress packet data

busterb · busterb · commit 85b59c87ca27 · 2017-10-27T02:15:08.000-07:00
If we have more data, and the packet parser needs more data, connect the two
together rather than bailing. This fixes reverse_tcp_ssl along with probably a
lot of other higher-latency corner cases.
diff --git a/lib/msf/base/sessions/meterpreter.rb b/lib/msf/base/sessions/meterpreter.rb
@@ -147,9 +147,9 @@ def bootstrap(datastore = {}, handler = nil)
         guid = [SecureRandom.uuid.gsub(/-/, '')].pack('H*')
         session.core.set_session_guid(guid)
         session.session_guid = guid
-        # TODO: New statgeless session, do some account in the DB so we can track it later.
+        # TODO: New stageless session, do some account in the DB so we can track it later.
       else
-        # TODO: This session was either staged or previously known, and so we shold do some accounting here!
+        # TODO: This session was either staged or previously known, and so we should do some accounting here!
       end
 
       unless datastore['AutoLoadStdapi'] == false
diff --git a/lib/rex/post/meterpreter/packet_parser.rb b/lib/rex/post/meterpreter/packet_parser.rb
@@ -30,24 +30,20 @@ def reset
   # Reads data from the wire and parse as much of the packet as possible.
   #
   def recv(sock)
-    bytes_left = self.packet.raw_bytes_required
-
-    if bytes_left > 0
-      raw = sock.read(bytes_left)
-      if raw
+    if self.packet.raw_bytes_required
+      while (raw = sock.read(self.packet.raw_bytes_required))
         self.packet.add_raw(raw)
-      else
-        raise EOFError
+        break if self.packet.raw_bytes_required == 0
       end
     end
 
-    if self.packet.raw_bytes_required == 0
-      packet = self.packet
-      reset
-      return packet
+    if self.packet.raw_bytes_required > 0
+      return nil
     end
 
-    nil
+    packet = self.packet
+    reset
+    packet
   end
 
 protected
