From 4f8ba82d0291a8941e0be907ffef1ad4996fb680 Mon Sep 17 00:00:00 2001
From: jvazquez-r7 <juan.vazquez@metasploit.com>
Date: Wed, 28 Aug 2013 09:29:49 -0500
Subject: [PATCH] Make gather_pf_info return a prefetch entry

---
 modules/post/windows/gather/enum_prefetch.rb | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/modules/post/windows/gather/enum_prefetch.rb b/modules/post/windows/gather/enum_prefetch.rb
index 11ec6169c0..440ac407de 100644
--- a/modules/post/windows/gather/enum_prefetch.rb
+++ b/modules/post/windows/gather/enum_prefetch.rb
@@ -62,11 +62,12 @@ class Metasploit3 < Msf::Post
 		end
 	end
 
-	def gather_pf_info(name_offset, hash_offset, runcount_offset, filename, table)
+	def gather_pf_info(name_offset, hash_offset, runcount_offset, filename)
 		# We'll load the file and parse information from the offsets
 		prefetch_file = read_file(filename)
 		if prefetch_file.empty? or prefetch_file.nil?
 			print_error("Couldn't read file: #{filename}")
+			return nil
 		else
 			# First we'll get the filename
 			pf_filename = prefetch_file[name_offset..name_offset+60]
@@ -85,7 +86,7 @@ class Metasploit3 < Msf::Post
 				last_modified = mtimes['Modified'].utc.to_s
 				created = mtimes['Created'].utc.to_s
 			end
-			table << [last_modified, created, run_count, path_hash, name]
+			return [last_modified, created, run_count, path_hash, name]
 		end
 	end
 
@@ -166,7 +167,10 @@ class Metasploit3 < Msf::Post
 					next
 				else
 					filename = File.join(file['path'], file['name'])
-					gather_pf_info(name_offset, hash_offset, runcount_offset, filename, table)
+					pf_entry = gather_pf_info(name_offset, hash_offset, runcount_offset, filename)
+					if not pf_entry.nil?
+						table << pf_entry
+					end
 				end
 			end
 		end