From 0c04dc3a37cf1ca2ca83d8e4a51e228e2dbbc15d Mon Sep 17 00:00:00 2001
From: John Sherwood
Date: Sat, 30 Mar 2024 14:24:23 -0400
Subject: [PATCH 1/2] Update apache_activemq_rce_cve_2023_46604.rb to ensure timeout
Add a timeout to eliminate the hang in the check method
---
 .../multi/misc/apache_activemq_rce_cve_2023_46604.rb | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/modules/exploits/multi/misc/apache_activemq_rce_cve_2023_46604.rb b/modules/exploits/multi/misc/apache_activemq_rce_cve_2023_46604.rb
index 4f8e45ff16c8..a4e5a09775ac 100644
--- a/modules/exploits/multi/misc/apache_activemq_rce_cve_2023_46604.rb
+++ b/modules/exploits/multi/misc/apache_activemq_rce_cve_2023_46604.rb
@@ -78,9 +78,17 @@ def initialize(info = {})
 end
 def check
- connect
+ res = nil
+ begin
+ ::Timeout.timeout(datastore['ConnectTimeout']) do
+ connect
- res = sock.get_once
+ res = sock.get_once
+ end
+ rescue => e
+ print_error("Error: #{e.message}")
+ return CheckCode::Unknown
+ end
 disconnect
From 8a954a15c61ebf7f1525bf4e52d861c4fb68fb6a Mon Sep 17 00:00:00 2001
From: John Sherwood
Date: Sat, 30 Mar 2024 15:14:46 -0400
Subject: [PATCH 2/2] Update apache_activemq_rce_cve_2023_46604.rb to remove vague rescue
Remove rescue that does not handle specific exceptions.
---
 .../multi/misc/apache_activemq_rce_cve_2023_46604.rb | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)
diff --git a/modules/exploits/multi/misc/apache_activemq_rce_cve_2023_46604.rb b/modules/exploits/multi/misc/apache_activemq_rce_cve_2023_46604.rb
index a4e5a09775ac..b8fee6b0c06a 100644
--- a/modules/exploits/multi/misc/apache_activemq_rce_cve_2023_46604.rb
+++ b/modules/exploits/multi/misc/apache_activemq_rce_cve_2023_46604.rb
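Review bot: In the [PATCH 1/2] hunk, the new `return CheckCode::Unknown` inside the rescue leaves `check` before the `disconnect` context line, so a socket that `connect` opened is not closed when the read times out or raises. The [PATCH 2/2] hunk has the same gap, because there the exception propagates past `disconnect` instead. Moving the cleanup into an `ensure` clause covers both paths: wrap the timeout block in `begin` and close it with `ensure` / `disconnect`. The body of `check` continues outside the hunk, so any later return paths are not visible here.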
@@ -79,15 +79,10 @@ def initialize(info = {})
 def check
 res = nil
- begin
- ::Timeout.timeout(datastore['ConnectTimeout']) do
- connect
+ ::Timeout.timeout(datastore['ConnectTimeout']) do
+ connect
- res = sock.get_once
- end
- rescue => e
- print_error("Error: #{e.message}")
- return CheckCode::Unknown
+ res = sock.get_once
 end
 disconnect
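Review bot: `::Timeout.timeout(datastore['ConnectTimeout'])` reuses a connect option as the budget for both `connect` and the read, and Ruby's `Timeout.timeout` runs the block with no limit at all when that value is `nil` or `0`. With the rescue removed, an expiry also leaves `check` as a `Timeout::Error` rather than a check code; whether the caller handles that is not visible in this hunk. If the hang is in the read, bounding it at the socket is simpler and avoids the asynchronous interrupt: `res = sock.get_once(-1, datastore['ConnectTimeout'])`. A short comment such as `# bound the initial read so check cannot hang on a silent peer` would record why the limit is there.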