rapid7 / metasploit-framework

Metasploit Framework
https://www.metasploit.com/

Use timed reads in the apache_activemq_rce_cve_2023_46604 check method #19139

Closed zeroSteiner closed 2 weeks ago

zeroSteiner commented 2 weeks ago

Fixes #19036 by using #timed_read in the check method so it doesn't hang for 60 seconds when targeting an HTTPS service.

#timed_read uses the socket's read timeout which defaults to 10 seconds. The current implementation uses a default read timeout of 60 seconds which makes scanning services that don't immediately return data on connection (such as HTTPS servers) very slow.

Supersedes #19037 which was repurposing the connection timeout for the purposes of a read timeout.

Verification

List the steps needed to make sure this thing works

Demo

metasploit-framework (S:0 J:0) exploit(multi/misc/apache_activemq_rce_cve_2023_46604) > time check https://zerosteiner.com/
[*] 192.168.249.3:443 - Cannot reliably check exploitability.
[+] Command "check https://zerosteiner.com/" completed in 10.248666797000169 seconds
# still works when targeting a real server
metasploit-framework (S:0 J:0) exploit(multi/misc/apache_activemq_rce_cve_2023_46604) > check ubuntu.labs1collabu0.local
[*] 18.220.174.0:61616 - The target appears to be vulnerable. Apache ActiveMQ 5.18.2
metasploit-framework (S:0 J:0) exploit(multi/misc/apache_activemq_rce_cve_2023_46604) > 
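
Added example, not code from this pull request or from Metasploit: a bounded banner read in plain Ruby, showing why a check against a port that waits for the client to speak first (as an HTTPS server does) always costs the full read timeout. `read_banner`, `start_service`, `timed_check` and the banner string are hypothetical names and constructed data.

```ruby
require 'socket'

# Hypothetical helper, not Metasploit's #timed_read: wait at most
# read_timeout seconds for the first bytes a service sends after connect.
# Returns the bytes, or nil if the peer stayed silent, closed, or errored.
def read_banner(host, port, read_timeout: 10, max_bytes: 1024)
  sock = Socket.tcp(host, port, connect_timeout: 5)
  # IO.select returns nil when nothing became readable before the deadline.
  return nil unless IO.select([sock], nil, nil, read_timeout)

  data = sock.read_nonblock(max_bytes, exception: false)
  data.is_a?(String) ? data : nil # EOF (nil) and :wait_readable both map to nil
rescue SystemCallError
  nil
ensure
  sock&.close
end

# Constructed local service: accepts one connection, sends the banner if one
# is given, then holds the connection open. With banner = nil it behaves like
# a port that waits for the client to send first.
def start_service(banner)
  server = TCPServer.new('127.0.0.1', 0)
  Thread.new do
    client = server.accept
    client.write(banner) if banner
    sleep 5
    client.close
  end
  server.addr[1]
end

# Returns [banner_or_nil, seconds_spent] for one check-style probe.
def timed_check(port, read_timeout)
  started = Process.clock_gettime(Process::CLOCK_MONOTONIC)
  banner = read_banner('127.0.0.1', port, read_timeout: read_timeout)
  [banner, Process.clock_gettime(Process::CLOCK_MONOTONIC) - started]
end

if __FILE__ == $PROGRAM_NAME
  silent = start_service(nil)
  talker = start_service("CONSTRUCTED-BANNER 1.0\n")
  p timed_check(talker, 2)   # banner arrives well before the timeout
  p timed_check(silent, 0.5) # nil after roughly the full read timeout
end
```

The silent case is the one that dominates scan time: every such port costs one full read timeout, so the value chosen for it sets the per-host floor.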

smcintyre-r7 commented 2 weeks ago

Superseded by #19141.