-
Notifications
You must be signed in to change notification settings - Fork 14k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Check for nil res when setting echo shell #19617
Conversation
@@ -119,7 +119,7 @@ def set_is_echo_shell(timeout, command_separator) | |||
cmd = "echo #{numeric_token}" | |||
shell_write(cmd + "#{command_separator}echo #{token}#{command_termination}") | |||
res = shell_read_until_token(token, 0, timeout) | |||
@is_echo_shell = res.include?(cmd) | |||
@is_echo_shell = res ? res.include?(cmd) : false |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@is_echo_shell = res ? res.include?(cmd) : false | |
@is_echo_shell = res&.include?(cmd) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a heads up that these would be semantically different
Before
3.2.5 :001 > res = nil
3.2.5 :002 > @is_echo_shell = res ? res.include?(cmd) : false
3.2.5 :003 > puts @is_echo_shell.inspect
=> false
After
3.2.5 :001 > res = nil
3.2.5 :002 > @is_echo_shell = res&.include?(cmd)
3.2.5 :003 > puts @is_echo_shell.inspect
nil
Not a blocker; !!res&.include?(cmd)
would be closer to the existing semantics
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, looks like if it ends up as nil
, it'll just keep trying this every time; which while probably harmless, is probably not intended. Going with false
seems better.
Release NotesFixes a crash when running against a shell session which does not echo the executed commands |
This PR fixes #19615
From the code,
shell_read_until_token
can returnnil
. Now the code that broke in the linked issue explicitly checks for anil
.I wasn't able to reproduce the issue locally using
ssh_login
against a Kali & Ubuntu VM, and I don't have any vCenter environments to test against.Verification
msfconsole
use auxiliary/scanner/ssh/ssh_login
sessions -i -1
shell
using theshell
commandExample