See #3941. Don't report the same thing a billion times.

git-svn-id: file:///home/svn/framework3/trunk@11956 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-14 14:34:19 +00:00 · 2011-03-14 14:34:19 +00:00 · b8b175fd5c
parent 45e29834be
commit b8b175fd5c
1 changed files with 10 additions and 4 deletions
--- a/modules/auxiliary/scanner/oracle/oracle_login.rb
+++ b/modules/auxiliary/scanner/oracle/oracle_login.rb
@ -126,11 +126,12 @@ class Metasploit3 < Msf::Auxiliary
 			print_status "#{msg} No valid accounts found"
 		else
 			output.each_line do |oline|
-				report_service(:host => addr, :port => port,
-					:proto => "tcp", :name => "oracle")
-				report_note(:host => addr, :port => port, :proto => "tcp", 
-					:type => "oracle.sid", :data => sid, :update => :unique_data)
 				if oline =~ /Login correct/
+					if not @oracle_reported
+						report_service(:host => addr, :port => port, :proto => "tcp", :name => "oracle")
+						report_note(:host => addr, :port => port, :proto => "tcp", :type => "oracle.sid", :data => sid, :update => :unique_data)
+						@oracle_reported = true
+					end
 					user,pass = extract_creds(oline)
 					pass = "" if pass == "<empty>"
 					print_good "#{msg} Success: #{user}:#{pass} (SID: #{sid})"
@ -139,6 +140,11 @@ class Metasploit3 < Msf::Auxiliary
 						:user => "#{sid}/#{user}", :pass => pass, :active => true
 					)
 				elsif oline =~ /Account locked/
+					if not @oracle_reported
+						report_service(:host => addr, :port => port, :proto => "tcp", :name => "oracle")
+						report_note(:host => addr, :port => port, :proto => "tcp", :type => "oracle.sid", :data => sid, :update => :unique_data)
+						@oracle_reported = true
+					end
 					user = extract_creds(oline)[0]
 					print_status "#{msg} Locked: #{user} (SID: #{sid}) -- account valid but locked"
 					report_auth_info(