From 9b344a9605840d1ed002a01436321cbbe494866f Mon Sep 17 00:00:00 2001
From: David Maloney <DMaloney@rapid7.com>
Date: Wed, 14 Jan 2015 13:20:00 -0600
Subject: [PATCH] move query fields to a constant

these fields should never change, so put the array
in a constant and freeze it to prevent accidental tampering
---
 modules/post/windows/gather/enum_ad_users.rb | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/modules/post/windows/gather/enum_ad_users.rb b/modules/post/windows/gather/enum_ad_users.rb
index 02c5375dda..c8c4f1e09f 100644
--- a/modules/post/windows/gather/enum_ad_users.rb
+++ b/modules/post/windows/gather/enum_ad_users.rb
@@ -12,6 +12,7 @@ class Metasploit3 < Msf::Post
   include Msf::Post::Windows::Accounts
 
   UAC_DISABLED = 0x02
+  USER_FIELDS = ['sAMAccountName', 'userAccountControl', 'lockoutTime', 'mail', 'primarygroupid', 'description'].freeze
 
   def initialize(info = {})
     super(update_info(
@@ -73,7 +74,7 @@ class Metasploit3 < Msf::Post
     search_filter = "(&#{inner_filter})"
 
     begin
-      q = query(search_filter, max_search, fields)
+      q = query(search_filter, max_search, USER_FIELDS)
     rescue ::RuntimeError, ::Rex::Post::Meterpreter::RequestError => e
       # Can't bind or in a network w/ limited accounts
       print_error(e.message)
@@ -90,7 +91,7 @@ class Metasploit3 < Msf::Post
         'Header'     => "Domain Users",
         'Indent'     => 1,
         'SortIndex'  => -1,
-        'Columns'    => fields
+        'Columns'    => USER_FIELDS
       )
 
     q[:results].each do |result|