Land rapid7#3700, @ringt fix for oracle_login

jvazquez-r7 · jvazquez-r7 · commit bedbffa3776f · 2015-01-09T22:59:32.000-06:00
* Avoid retrying logins when connection cannot be stablished
diff --git a/modules/auxiliary/admin/oracle/oracle_login.rb b/modules/auxiliary/admin/oracle/oracle_login.rb
@@ -44,27 +44,28 @@ def run
     print_status("Starting brute force on #{datastore['RHOST']}:#{datastore['RPORT']}...")
 
     fd = CSV.foreach(list) do |brute|
+      datastore['DBUSER'] = brute[2].downcase
+      datastore['DBPASS'] = brute[3].downcase
 
-    datastore['DBUSER'] = brute[2].downcase
-    datastore['DBPASS'] = brute[3].downcase
-
-    begin
-      connect
-      disconnect
-    rescue ::OCIError => e
+      begin
+        connect
+        disconnect
+      rescue ::OCIError => e
+        if e.to_s =~ /^ORA-12170:\s/
+          print_error("#{datastore['RHOST']}:#{datastore['RPORT']} Connection timed out")
+          break
+        end
       else
-        if (not e)
-          report_auth_info(
+        report_auth_info(
             :host  => "#{datastore['RHOST']}",
             :port  => "#{datastore['RPORT']}",
             :sname => 'oracle',
             :user  => "#{datastore['SID']}/#{datastore['DBUSER']}",
             :pass  => "#{datastore['DBPASS']}",
             :active => true
-          )
-          print_status("Found user/pass of: #{datastore['DBUSER']}/#{datastore['DBPASS']} on #{datastore['RHOST']} with sid #{datastore['SID']}")
-        end
-    end
+        )
+        print_status("Found user/pass of: #{datastore['DBUSER']}/#{datastore['DBPASS']} on #{datastore['RHOST']} with sid #{datastore['SID']}")
+      end
     end
   end
 end
