From 549f9e74d8ae6223786a3e07a5db5eeb57b5ff6f Mon Sep 17 00:00:00 2001
From: William Vu
Date: Wed, 14 Jun 2017 16:53:01 -0500
Subject: [PATCH] Fix AMT scanner for mangled HTML (no

) Also stores proof using the correct :info for report_vuln (not :proof).
---
 modules/auxiliary/scanner/http/intel_amt_digest_bypass.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/modules/auxiliary/scanner/http/intel_amt_digest_bypass.rb b/modules/auxiliary/scanner/http/intel_amt_digest_bypass.rb
index 750c4eeef1..47c24b4b91 100644
--- a/modules/auxiliary/scanner/http/intel_amt_digest_bypass.rb
+++ b/modules/auxiliary/scanner/http/intel_amt_digest_bypass.rb
@@ -76,7 +76,7 @@ class MetasploitModule < Msf::Auxiliary
 proof = res.body.to_s
 proof_hash = nil
- info_keys = res.body.scan(/

([^\<]+)<\/p>/).map{|x| x.first.to_s.gsub("/", "/") }
+ info_keys = res.body.scan(/

([^\<]+)(?:<\/p>)?/).map{|x| x.first.to_s.gsub("/", "/") }
 if info_keys.length > 0
 proof_hash = {}
 proof = ""
@@ -106,7 +106,7 @@ class MetasploitModule < Msf::Auxiliary
 :proto => 'tcp',
 :name => "Intel AMT Digest Authentication Bypass",
 :refs => self.references,
- :proof => proof
+ :info => proof
 })
 rescue ::Timeout::Error, ::Errno::EPIPE
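Review bot: With the closing tag now optional in the `info_keys` scan, the capture `([^\<]+)` runs up to the next `<` on a mangled page, so a key can carry trailing newlines or padding into whatever is built from `info_keys`; adding `.strip` after `x.first.to_s` in the `map` block would normalise it. The `(?:<\/p>)?` group never changes what is captured, because `[^\<]+` already stops at the tag, so the pattern could simply end after the capture. These strings come from the scanned host's response and are untrusted. If they are reused inside a pattern further down (not visible in this hunk), they should go through `Regexp.escape` first. The enclosing method starts and ends outside the hunk.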
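Review bot: `:info => proof` can end up storing the entire HTTP response body in the vulnerability record. The first hunk shows `proof = res.body.to_s` as the default, and it is only replaced when `info_keys` is non-empty. Since that body is controlled by the scanned device, I would bound the fallback before reporting, for example `:info => proof.to_s[0, 1024]` (the limit is an illustrative value), or store a short fixed string when no keys were parsed. A one-line comment above the hash entry saying why `:info` is the key `report_vuln` expects would also keep the next edit from reverting it. The `report_vuln` call and the surrounding `begin`/`rescue` start outside the hunk.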