From 0e300d64dcd9658141a798690b4a2c47d6c94eb5 Mon Sep 17 00:00:00 2001
From: "John Q. Public" <jnqpblc@gmail.com>
Date: Sat, 16 Feb 2019 14:20:51 -0600
Subject: [PATCH] Moved bruteforce(ip) under the sys_name check.

Moving the bruteforce(ip) under the sys_name check stops the script from executing against the wrong systems.
---
 .../auxiliary/scanner/http/hp_sys_mgmt_login.rb    | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/modules/auxiliary/scanner/http/hp_sys_mgmt_login.rb b/modules/auxiliary/scanner/http/hp_sys_mgmt_login.rb
index 960b6e92c9..539336f9eb 100644
--- a/modules/auxiliary/scanner/http/hp_sys_mgmt_login.rb
+++ b/modules/auxiliary/scanner/http/hp_sys_mgmt_login.rb
@@ -187,15 +187,13 @@ class MetasploitModule < Msf::Auxiliary
         :type => "system.name",
         :data => sys_name
       )
+      if anonymous_access?(res)
+        print_good("No login necessary. Server allows anonymous access.")
+        return
+      end
+      init_loginscanner(ip)
+      bruteforce(ip)
     end
-
-    if anonymous_access?(res)
-      print_good("No login necessary. Server allows anonymous access.")
-      return
-    end
-
-    init_loginscanner(ip)
-    bruteforce(ip)
   end
 end