adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Safer connection store file reading by handling the case where user does not have permissions to read the file.

Browse Source
This commit is contained in:
Quentin Kaiser
2020-11-25 12:33:28 +01:00
parent 26a3342a3d
commit debaa44733
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/post/windows/gather/credentials/pulse_secure.rb
+3 -1
View File
@@ -108,8 +108,10 @@ class MetasploitModule < Msf::Post
if !session.fs.file.exist?(path)
next
end
connstore_file = session.fs.file.open(path) rescue nil
next if connstore_file.nil?
connstore_data = session.fs.file.open(path).read.to_s
connstore_data = connstore_file.read.to_s
matches = connstore_data.scan(/ive "([a-z0-9]*)" {.*?connection-source: "([^"]*)".*?friendly-name: "([^"]*)".*?uri: "([^"]*)".*?}/m)
matches.each do |m|
ives[m[0]] = {}