Fix rapid7#6371, being able to report an exception in #job_run_proc

wchen-r7 · wchen-r7 · commit a16a10aaf6ef · 2015-12-22T16:35:29.000-06:00
Fix rapid7#6371 When a browser fails to bind (probably due to an invalid port or server IP), the module actually fails to report this exception from exception, the method calls exploit.handle_exception(e). But since handle_exception is not a valid method for that object, it is unable to do so, and as a result the module fails to properly terminate the module, or show any error on the console. For the user, this will make it look like the module has started, the payload listener is up, but there is no exploit job. Rex::BindFailed actually isn't the only error that could be raised by #job_run_proc. As far as I can tell registering the same resource again could, too. With this patch, the user should be able to see this error too. Since the exploit object does not have access to the methods in Msf::Simple::Exploit, plus there is no other code using handle_exception and setup_fail_detail_from_exception, I decided to move these to lib/msf/core/exploit.rb so they are actually callable.
diff --git a/lib/msf/base/simple/exploit.rb b/lib/msf/base/simple/exploit.rb
@@ -154,90 +154,6 @@ def self.exploit_simple(oexploit, opts, &block)
     nil
   end
 
-
-  def setup_fail_detail_from_exception e
-    # Build a user-friendly error message
-    msg = "#{e}"
-    unless e.class == Msf::Exploit::Failed
-      msg = "#{e.class} #{e}"
-    end
-
-    self.error = e
-
-    # Record the detailed reason
-    self.fail_detail ||= e.to_s
-    msg
-  end
-
-  #
-  # Handle the exception
-  #
-  def handle_exception e
-    msg = setup_fail_detail_from_exception e
-
-    case e
-      when Msf::Exploit::Complete
-        # Nothing to show in this case
-        return
-
-      when Msf::Exploit::Failed
-        self.print_error("Exploit aborted due to failure: #{self.fail_reason}: #{msg}")
-
-        # The caller should have already set self.fail_reason
-        if self.fail_reason == Msf::Exploit::Failure::None
-          self.fail_reason = Msf::Exploit::Failure::Unknown
-        end
-
-      when Rex::ConnectionError
-        self.fail_reason = Msf::Exploit::Failure::Unreachable
-        self.print_error("Exploit failed [#{self.fail_reason}]: #{msg}")
-        elog("Exploit failed (#{self.refname}): #{msg}", 'core', LEV_0)
-        dlog("Call stack:\n#{e.backtrace.join("\n")}", 'core', LEV_3)
-
-      when Timeout::Error
-        self.fail_reason = Msf::Exploit::Failure::TimeoutExpired
-        self.print_error("Exploit failed [#{self.fail_reason}]: #{msg}")
-        elog("Exploit failed (#{self.refname}): #{msg}", 'core', LEV_0)
-        dlog("Call stack:\n#{e.backtrace.join("\n")}", 'core', LEV_3)
-      else
-
-        # Compare as a string since not all error classes may be loaded
-        case msg
-          when /access.denied|Login Failed/i # Covers SMB as well as some generic errors
-            self.fail_reason = Msf::Exploit::Failure::NoAccess
-          when /connection reset/i
-            self.fail_reason = Msf::Exploit::Failure::Disconnected
-          when /connection timed out|SSL_connect|unreachable|connection was refused/i
-            self.fail_reason = Msf::Exploit::Failure::Unreachable
-          when /unable.*target/i
-            self.fail_reason = Msf::Exploit::Failure::NoTarget
-          when /execution expired/i
-            self.fail_reason = Msf::Exploit::Failure::TimeoutExpired
-          when /(doesn.t|not).*vulnerable|may.*patched/i
-            self.fail_reason = Msf::Exploit::Failure::NotVulnerable
-        end
-
-        # The caller should have already set self.fail_reason
-        if self.fail_reason == Msf::Exploit::Failure::None
-          self.fail_reason = Msf::Exploit::Failure::Unknown
-        end
-
-        if self.fail_reason == Msf::Exploit::Failure::Unknown
-          self.print_error("Exploit failed: #{msg}")
-        else
-          self.print_error("Exploit failed [#{self.fail_reason}]: #{msg}")
-        end
-
-        elog("Exploit failed (#{self.refname}): #{msg}", 'core', LEV_0)
-        dlog("Call stack:\n#{e.backtrace.join("\n")}", 'core', LEV_3)
-    end
-
-    # Record the error to various places
-    self.framework.events.on_module_error(self, msg)
-
-    # Report the failure (and attempt) in the database
-    self.report_failure
-  end
   #
   # Calls the class method.
   #
diff --git a/lib/msf/core/exploit.rb b/lib/msf/core/exploit.rb
@@ -1263,6 +1263,96 @@ def fail_with(reason,msg=nil)
     raise Msf::Exploit::Failed, (msg || "No failure message given")
   end
 
+  def setup_fail_detail_from_exception e
+    # Build a user-friendly error message
+    msg = "#{e}"
+    unless e.class == Msf::Exploit::Failed
+      msg = "#{e.class} #{e}"
+    end
+
+    self.error = e
+
+    # Record the detailed reason
+    self.fail_detail ||= e.to_s
+    msg
+  end
+
+  #
+  # Handle the exception
+  #
+  def handle_exception e
+    msg = setup_fail_detail_from_exception e
+
+    case e
+      when Msf::Exploit::Complete
+        # Nothing to show in this case
+        return
+
+      when Msf::Exploit::Failed
+        self.print_error("Exploit aborted due to failure: #{self.fail_reason}: #{msg}")
+
+        # The caller should have already set self.fail_reason
+        if self.fail_reason == Msf::Exploit::Failure::None
+          self.fail_reason = Msf::Exploit::Failure::Unknown
+        end
+
+      when Rex::ConnectionError
+        self.fail_reason = Msf::Exploit::Failure::Unreachable
+        self.print_error("Exploit failed [#{self.fail_reason}]: #{msg}")
+        elog("Exploit failed (#{self.refname}): #{msg}", 'core', LEV_0)
+        dlog("Call stack:\n#{e.backtrace.join("\n")}", 'core', LEV_3)
+
+      when Rex::BindFailed
+        self.fail_reason = Msf::Exploit::Failure::BadConfig
+        self.print_error("Exploit failed [#{self.fail_reason}]: #{msg}")
+        elog("Exploit failed (#{self.refname}): #{msg}", 'core', LEV_0)
+        dlog("Call stack:\n#{e.backtrace.join("\n")}", 'core', LEV_3)
+
+      when Timeout::Error
+        self.fail_reason = Msf::Exploit::Failure::TimeoutExpired
+        self.print_error("Exploit failed [#{self.fail_reason}]: #{msg}")
+        elog("Exploit failed (#{self.refname}): #{msg}", 'core', LEV_0)
+        dlog("Call stack:\n#{e.backtrace.join("\n")}", 'core', LEV_3)
+      else
+
+        # Compare as a string since not all error classes may be loaded
+        case msg
+          when /access.denied|Login Failed/i # Covers SMB as well as some generic errors
+            self.fail_reason = Msf::Exploit::Failure::NoAccess
+          when /connection reset/i
+            self.fail_reason = Msf::Exploit::Failure::Disconnected
+          when /connection timed out|SSL_connect|unreachable|connection was refused/i
+            self.fail_reason = Msf::Exploit::Failure::Unreachable
+          when /unable.*target/i
+            self.fail_reason = Msf::Exploit::Failure::NoTarget
+          when /execution expired/i
+            self.fail_reason = Msf::Exploit::Failure::TimeoutExpired
+          when /(doesn.t|not).*vulnerable|may.*patched/i
+            self.fail_reason = Msf::Exploit::Failure::NotVulnerable
+        end
+
+        # The caller should have already set self.fail_reason
+        if self.fail_reason == Msf::Exploit::Failure::None
+          self.fail_reason = Msf::Exploit::Failure::Unknown
+        end
+
+        if self.fail_reason == Msf::Exploit::Failure::Unknown
+          self.print_error("Exploit failed: #{msg}")
+        else
+          self.print_error("Exploit failed [#{self.fail_reason}]: #{msg}")
+        end
+
+        elog("Exploit failed (#{self.refname}): #{msg}", 'core', LEV_0)
+        dlog("Call stack:\n#{e.backtrace.join("\n")}", 'core', LEV_3)
+    end
+
+    # Record the error to various places
+    self.framework.events.on_module_error(self, msg)
+
+    # Report the failure (and attempt) in the database
+    self.report_failure
+  end
+
   def report_failure
     return unless framework.db and framework.db.active
 
