Add more improvements

2012-11-12 15:40:12 -06:00 · 2012-11-12 15:40:12 -06:00 · 72f0a5613f
parent 8fe3f289bf
commit 72f0a5613f
1 changed files with 26 additions and 10 deletions
--- a/modules/auxiliary/scanner/http/drupal_views_user_enum.rb
+++ b/modules/auxiliary/scanner/http/drupal_views_user_enum.rb
@ -50,7 +50,11 @@ class Metasploit3 < Msf::Auxiliary

 		if not res
 			return false
-		elsif res.message != 'OK' or res.body != '[  ]'
+		elsif res and res.body =~ /\<title\>Access denied/
+			# This probably means the Views Module actually isn't installed
+			print_error("#{rhost} - Access denied")
+			return false
+		elsif res and res.message != 'OK' or res.body != '[  ]'
 			return false
 		else
 			return true
@ -72,7 +76,7 @@ class Metasploit3 < Msf::Auxiliary

 		# Check if remote host is available or appears vulnerable
 		if not check(enum_uri)
-			print_status("#{ip} does not appear to be vulnerable, will not continue")
+			print_error("#{ip} does not appear to be vulnerable, will not continue")
 			return
 		end

@ -109,14 +113,26 @@ class Metasploit3 < Msf::Auxiliary
 		final_results.each do |user|
 			print_good("Found User: #{user}")

-			store_loot(
-				type,
-				'text/plain',
-				Rex::Socket.getaddress(datastore['RHOST']),
-				user,
-				'drupal_user.txt',
-				user
+			report_auth_info(
+				:host => Rex::Socket.getaddress(datastore['RHOST']),
+				:port => datastore['RPORT'],
+				:user => user,
+				:type => "drupal_user"
 			)
 		end
+
+		# One username per line
+		final_results = final_results * "\n"
+
+		p = store_loot(
+			'drupal_user',
+			'text/plain',
+			Rex::Socket.getaddress(datastore['RHOST']),
+			final_results.to_s,
+			'drupal_user.txt'
+		)
+
+		print_status("Usernames stored in: #{p}")
 	end
+
 end