Fix IPv6 issues in staged and stageless

OJ · OJ · commit c83a763150d7 · 2015-04-09T23:33:10.000+10:00
* Stageless payloads weren't adding brackets around IPv6 hosts.
* Staged HTTP handler was using an undefined function to check for IPv6
addresses when host header overriding was disabled.
diff --git a/lib/msf/core/handler/reverse_http.rb b/lib/msf/core/handler/reverse_http.rb
@@ -91,7 +91,7 @@ def listener_uri
   def payload_uri(req)
     if req and req.headers and req.headers['Host'] and not datastore['OverrideRequestHost']
       callback_host = req.headers['Host']
-    elsif ipv6?
+    elsif Rex::Socket.is_ipv6?(datastore['LHOST'])
       callback_host = "[#{datastore['LHOST']}]:#{datastore['LPORT']}"
     else
       callback_host = "#{datastore['LHOST']}:#{datastore['LPORT']}"
diff --git a/lib/msf/core/handler/reverse_http/stageless.rb b/lib/msf/core/handler/reverse_http/stageless.rb
@@ -35,7 +35,9 @@ def generate_stageless(opts={})
       raise ArgumentError, "Stageless generation requires an ssl argument"
     end
 
-    url = "http#{opts[:ssl] ? "s" : ""}://#{datastore['LHOST']}:#{datastore['LPORT']}"
+    host = datastore['LHOST']
+    host = "[#{host}]" if Rex::Socket.is_ipv6?(host)
+    url = "http#{opts[:ssl] ? "s" : ""}://#{host}:#{datastore['LPORT']}"
     url << "#{generate_uri_uuid_mode(:connect)}/"
 
     # invoke the given function to generate the architecture specific payload
