From e15840f8dbde79bc2bb293fe7df5e90f007fc4a1 Mon Sep 17 00:00:00 2001
From: Tom Sellers <tom@fadedcode.net>
Date: Tue, 4 Jun 2019 08:36:58 -0500
Subject: [PATCH] Add nil check for quick response

---
 modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb b/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb
index dc149ea3ea..bdf00d03c9 100644
--- a/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb
+++ b/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb
@@ -182,7 +182,7 @@ class MetasploitModule < Msf::Auxiliary
 
       # Quick check for the Ultimatum PDU
       res = sock.get_once(-1, 1)
-      return Exploit::CheckCode::Vulnerable if res.include?(["0300000902f0802180"].pack("H*"))
+      return Exploit::CheckCode::Vulnerable if res && res.include?(["0300000902f0802180"].pack("H*"))
 
       # Slow check for Ultimatum PDU. If it doesn't respond in a timely
       # manner then the host is likely patched.