Catch additional exceptions for failures

zeroSteiner · zeroSteiner · commit 02e3a555704f · 2025-03-21T12:02:23.000-04:00
diff --git a/lib/msf/core/exploit/remote/ms_icpr.rb b/lib/msf/core/exploit/remote/ms_icpr.rb
@@ -30,6 +30,7 @@ module Exploit::Remote::MsIcpr
   class MsIcprError < StandardError; end
   class MsIcprConnectionError < MsIcprError; end
   class MsIcprAuthenticationError < MsIcprError; end
+  class MsIcprAuthorizationError < MsIcprError; end
   class MsIcprNotFoundError < MsIcprError; end
   class MsIcprUnexpectedReplyError < MsIcprError; end
   class MsIcprUnknownError < MsIcprError; end
@@ -91,7 +92,7 @@ def request_certificate(opts = {})
     rescue RubySMB::Error::UnexpectedStatusCode => e
       if e.status_code == ::WindowsError::NTStatus::STATUS_OBJECT_NAME_NOT_FOUND
         # STATUS_OBJECT_NAME_NOT_FOUND will be the status if Active Directory Certificate Service (AD CS) is not installed on the target
-        raise MsIcprNotFoundError, 'Connection failed (AD CS was not found)'
+        raise MsIcprNotFoundError, 'Connection failed (AD CS was not found).'
       end
 
       elog(e.message, error: e)
@@ -192,6 +193,17 @@ def do_request_cert(icpr, opts)
         print_error("  Source:  #{hresult.facility}") if hresult.facility
         print_error("  HRESULT: #{hresult}")
       end
+
+      case hresult
+      when ::WindowsError::HResult::CERTSRV_E_ENROLL_DENIED
+        raise MsIcprAuthorizationError.new(hresult.description)
+      when ::WindowsError::HResult::CERTSRV_E_TEMPLATE_DENIED
+        raise MsIcprAuthorizationError.new(hresult.description)
+      when ::WindowsError::HResult::CERTSRV_E_UNSUPPORTED_CERT_TYPE
+        raise MsIcprNotFoundError.new(hresult.description)
+      else
+        raise MsIcprUnknownError.new(hresult.description)
+      end
     end
 
     return unless response[:certificate]
diff --git a/modules/auxiliary/admin/dcerpc/cve_2022_26923_certifried.rb b/modules/auxiliary/admin/dcerpc/cve_2022_26923_certifried.rb
@@ -139,9 +139,9 @@ def run
         end
       end
     end
-  rescue MsSamrConnectionError, MsIcprConnectionError => e
+  rescue MsSamrConnectionError, MsIcprConnectionError, SmbIpcConnectionError => e
     fail_with(Failure::Unreachable, e.message)
-  rescue MsSamrAuthenticationError, MsIcprAuthenticationError => e
+  rescue MsSamrAuthenticationError, MsIcprAuthenticationError, MsIcprAuthorizationError, SmbIpcAuthenticationError => e
     fail_with(Failure::NoAccess, e.message)
   rescue MsSamrNotFoundError, MsIcprNotFoundError => e
     fail_with(Failure::NotFound, e.message)
diff --git a/modules/auxiliary/admin/dcerpc/icpr_cert.rb b/modules/auxiliary/admin/dcerpc/icpr_cert.rb
@@ -51,9 +51,9 @@ def initialize(info = {})
 
   def run
     send("action_#{action.name.downcase}")
-  rescue MsIcprConnectionError => e
+  rescue MsIcprConnectionError, SmbIpcConnectionError => e
     fail_with(Failure::Unreachable, e.message)
-  rescue MsIcprAuthenticationError => e
+  rescue MsIcprAuthenticationError, MsIcprAuthorizationError, SmbIpcAuthenticationError => e
     fail_with(Failure::NoAccess, e.message)
   rescue MsIcprNotFoundError => e
     fail_with(Failure::NotFound, e.message)
