From 9a293cd30eeff68524eb8e9f88364160765f3b2c Mon Sep 17 00:00:00 2001
From: Wei Chen
Date: Wed, 14 Feb 2018 11:03:03 -0600
Subject: [PATCH] Fix #8120, Fix undef method 'gsub' in bavision_cam_login
Fix #8120
---
 .../framework/login_scanner/bavision_cameras.rb | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/lib/metasploit/framework/login_scanner/bavision_cameras.rb b/lib/metasploit/framework/login_scanner/bavision_cameras.rb
index 21167e3007..99abcaf8d2 100644
--- a/lib/metasploit/framework/login_scanner/bavision_cameras.rb
+++ b/lib/metasploit/framework/login_scanner/bavision_cameras.rb
@@ -5,6 +5,8 @@ module Metasploit
 module Framework
 module LoginScanner
+ class BavisionCamerasException < Exception; end
+
 class BavisionCameras < HTTP
 DEFAULT_PORT = 80
@@ -59,7 +61,13 @@ module Metasploit
 nonce_count = 1
 cnonce = Digest::MD5.hexdigest("%x" % (Time.now.to_i + rand(65535)))
- response['www-authenticate'] =~ /^(\w+) (.*)/
+ i = (response['www-authenticate'] =~ /^(\w+) (.*)/)
+
+ # The www-authenticate header does not return in the format we like,
+ # so let's bail.
+ unless i
+ raise BavisionCamerasException, 'www-authenticate header is not in the right format'
+ end
 params = {}
 $2.gsub(/(\w+)="(.*?)"/) { params[$1] = $2 }
@@ -104,7 +112,7 @@ module Metasploit
 begin
 result_opts.merge!(try_digest_auth(credential))
- rescue ::Rex::ConnectionError => e
+ rescue ::Rex::ConnectionError, BavisionCamerasException => e
 # Something went wrong during login. 'e' knows what's up.
 result_opts.merge!(status: LOGIN_STATUS::UNABLE_TO_CONNECT, proof: e.message)
 end
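Review bot: `BavisionCamerasException` in the first hunk derives from `Exception`, so a bare `rescue` or `rescue => e` higher up the call chain will not catch it. Only the explicit rescue added in the last hunk handles it, and any other caller of the digest helper would see the scan abort instead of a recorded failure. Ruby convention is to derive library errors from `StandardError`: `class BavisionCamerasException < StandardError; end`. A one-line comment above the class saying it signals an unparseable `www-authenticate` header would also help, since the name alone does not say what went wrong.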
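Review bot: The guard added in the second hunk only checks that the header has a `word rest` shape. A challenge with a different scheme, or one without a nonce, still passes and is parsed into `params` as if it were a Digest challenge. What happens to the missing fields afterwards is outside the hunk, as the enclosing method starts and ends beyond it. Checking the scheme in the same condition would close that gap, for example `unless i && $1.casecmp('Digest').zero?`. If `response` can be nil here, `response['www-authenticate']` raises `NoMethodError` before the guard runs, so `response.nil?` probably belongs in the check as well. Holding the match in a local (`m = /\A(\w+) (.*)/.match(response['www-authenticate'].to_s)`) and reading `m[2]` would also avoid depending on `$2` still being set at the `gsub` call.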
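Review bot: The rescue in the third hunk reports a malformed header as `LOGIN_STATUS::UNABLE_TO_CONNECT`, although in that case the host was reached and did answer. Only `proof` distinguishes the two causes, so anyone reading results by status will count an unexpected device or firmware response as a network failure. The comment under the rescue should at least say this, for example `# Connection errors and unparseable www-authenticate headers both end up here; e.message (stored in proof) tells them apart.` The enclosing method starts outside the hunk.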