Verify a host is actually a real string before using it

git-svn-id: file:///home/svn/framework3/trunk@11372 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-18 03:37:27 +00:00 · 2010-12-18 03:37:27 +00:00 · a8311fd71d
parent c28ad8ea0c
commit a8311fd71d
2 changed files with 15 additions and 11 deletions
--- a/lib/msf/base/sessions/command_shell.rb
+++ b/lib/msf/base/sessions/command_shell.rb
@ -235,10 +235,7 @@ class CommandShell
 	# Closes the shell.
 	#
 	def shell_close()
-		begin
-			rstream.close
-		rescue ::Exception
-		end
+		rstream.close rescue nil
 		self.kill
 	end

--- a/lib/msf/core/framework.rb
+++ b/lib/msf/core/framework.rb
@ -275,11 +275,13 @@ class FrameworkEventSubscriber
 	# Generic handler for session events
 	#
 	def session_event(name, session, opts={})
-		if session.respond_to? :peerhost and session.peerhost
+		address = nil
+			
+		if session.respond_to? :peerhost and session.peerhost.to_s.length > 0
 			address = session.peerhost
-		elsif session.respond_to? :tunnel_peer and session.tunnel_peer
+		elsif session.respond_to? :tunnel_peer and session.tunnel_peer.to_s.length > 0
 			address = session.tunnel_peer[0, session.tunnel_peer.rindex(":") || session.tunnel_peer.length ]
-		elsif session.respond_to? :target_host and session.target_host
+		elsif session.respond_to? :target_host and session.target_host.to_s.length > 0
 			address = session.target_host
 		else
 			elog("Session with no peerhost/tunnel_peer")
@ -312,24 +314,29 @@ class FrameworkEventSubscriber
 	end

 	require 'msf/core/session'
+	
 	include ::Msf::SessionEvent
+	
 	def on_session_open(session)
 		opts = { :datastore => session.exploit_datastore.to_h, :critical => true }
 		session_event('session_open', session, opts)
 		if framework.db.active
 			framework.db.sync
-			# Copy/paste ftw
-			if session.respond_to? :peerhost and session.peerhost
+			
+			address = nil
+			
+			if session.respond_to? :peerhost and session.peerhost.to_s.length > 0
 				address = session.peerhost
-			elsif session.respond_to? :tunnel_peer and session.tunnel_peer
+			elsif session.respond_to? :tunnel_peer and session.tunnel_peer.to_s.length > 0
 				address = session.tunnel_peer[0, session.tunnel_peer.rindex(":") || session.tunnel_peer.length ]
-			elsif session.respond_to? :target_host and session.target_host
+			elsif session.respond_to? :target_host and session.target_host.to_s.length > 0
 				address = session.target_host
 			else
 				elog("Session with no peerhost/tunnel_peer")
 				dlog("#{session.inspect}", LEV_3)
 				return
 			end
+
 			# Since we got a session, we know the host is vulnerable to something.
 			# If the exploit used was multi/handler, though, we don't know what
 			# it's vulnerable to, so it isn't really useful to save it.