gate session reported when using bind udp

While this method here is somewhat noisy on the network it eliminates
a poor user experience when the handler is started but the payload is
not yet running on the target.

When a target is sent a udp packet and it is not rejected push down
an initial "echo syn" command that will respond with output.  This
allows framework to be aware that the payload is what is running on
the server port instead of assuming a non-existent target is a valid
session.

Author: jmartin-tech

lib/msf/core/handler/bind_udp.rb

@@ -81,6 +81,9 @@ def start_handler
     # Maximum number of seconds to run the handler
     ctimeout = 150
 
+    # Maximum number of seconds to await initial udp response
+    rtimeout = 5
+
     if (exploit_config and exploit_config['active_timeout'])
       ctimeout = exploit_config['active_timeout'].to_i
     end
@@ -131,7 +134,21 @@ def start_handler
         end
 
         client.extend(Rex::IO::Stream)
-        break if client
+        begin
+          # If a connection was acknowledged, request a basic response before promoting as a session
+          if client
+            message = 'syn'
+            client.write("echo #{message}\n")
+            response = client.get(rtimeout)
+            break if response && response.include?(message)
+            client.close()
+            client = nil
+          end
+        rescue Errno::ECONNREFUSED
+          client.close()
+          client = nil
+          wlog("Connection failed in udp bind handler continuing attempts: #{$!.class} #{$!}")
+        end
 
         # Wait a second before trying again
         Rex::ThreadSafe.sleep(0.5)