Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jsherwood0 update apache_rocketmq_update_config.rb to eliminate hang on check #19038

Closed
wants to merge 2 commits into from
Closed

Jsherwood0 update apache_rocketmq_update_config.rb to eliminate hang on check #19038

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
5482b6d
Update apache_rocketmq_update_config.rb
jsherwood0 Mar 30, 2024
584e22e
Update apache_rocketmq_update_config.rb to eliminate vague rescue
jsherwood0 Mar 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 4 additions & 1 deletion modules/exploits/multi/http/apache_rocketmq_update_config.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,10 @@ def initialize(info = {})
end

def check
@version_request_response = send_version_request
::Timeout.timeout(datastore['ConnectTimeout']) do
@version_request_response = send_version_request
end
Comment on lines +74 to +76
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My same concerns from here apply as well.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My same response from here applies to this change also.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This would be better implemented as a change of this to be timed_read(1024) and then an adjustment here to handle nil and return CheckCode::Unknown.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That seems to work pretty well, though the rescue after the timed_read should probably only print the stack trace when VERBOSE is set. There's no point in dumping a stack trace for known situations like timeouts, refused connections, unreachable hosts, etc. Did you want me to close this pull request so that you can submit your fix?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If you want to make the changes, I can get them landed since we're both familiar with the issue at this point. If you'd prefer to not, then sure I can get a PR submitted.


@parsed_data = parse_rocketmq_data(@version_request_response)
return Exploit::CheckCode::Unknown('RocketMQ did not respond to the request for version information') unless @parsed_data['version']

Expand Down