Currently, if you run 'check' on a module that does not have a check
method, it will first complain that you have not set the 'RHOSTS'
option, whether it's an exploit module or a scanner. Then, once you set
RHOSTS (or whatever else it needs), it will then say 'Psych! I didn't
have a method in the first place!'.
This switches that logic around so that it first alerts you that the
module doesn't have support in the first place. It also similarizes more
logic between aux and exploit for some future convergence possibility.
Remove accidental addition of gem
Remove commented out code
Remove commented out code
Remove commented out code
Refactor job tracking code, remove simple framework tests
finish renaming service to job_state_tracker
add missing require and move alias definition
fix private attr declaration
Add rspec tests
Address PR comments
Use let syntax in tests
Finish refactor moving job state tracker
The exception handling in the #exploit_simple method tries to set
error on exploit but exploit is defined within the begin block
causing a noMethodError on nilClass
MS-1608
Fix#6371
When a browser fails to bind (probably due to an invalid port or
server IP), the module actually fails to report this exception from
exception, the method calls exploit.handle_exception(e). But since
handle_exception is not a valid method for that object, it is unable
to do so, and as a result the module fails to properly terminate
the module, or show any error on the console. For the user, this will
make it look like the module has started, the payload listener is up,
but there is no exploit job.
Rex::BindFailed actually isn't the only error that could be raised
by #job_run_proc. As far as I can tell registering the same resource
again could, too. With this patch, the user should be able to see this
error too.
Since the exploit object does not have access to the methods in
Msf::Simple::Exploit, plus there is no other code using
handle_exception and setup_fail_detail_from_exception, I decided
to move these to lib/msf/core/exploit.rb so they are actually
callable.
Some exploits currently succeed, but can fail during cleanup, leading to a
false-negative. Reverting this so that the affected exploits can be fixed
first.
This reverts commits b0858e9d46 and
b3f754136e.
If the user supplies an invalid session (as in not on the session
list), it will cause a backtrace, because the setup method from
Msf::PostMixin isn't actually called.
We have thought about implementing this in a new OptSession instead.
But you can't use or even pass framework to option_container.rb, so
this is NOT possible.
The original PR was #3956.
When we know the module we're creating is definitely a payload, don't
bother looking in the other module sets.
Also removes an exception message that gets ignored anyway because the
exception class has a hard-coded #to_s
adfoster-r7