Handle buggy HTTP servers better

git-svn-id: file:///home/svn/framework3/trunk@8921 4d416f70-5f16-0410-b530-b9f4589650da

lib/rex/proto/http/client.rb

@@ -353,6 +353,26 @@ class Client
 					end
 					break
 				end
+
+				# This is a dirty hack for broken HTTP servers
+				if rv == Packet::ParseCode::Completed
+					rbody = resp.body
+					rbufq = resp.bufq
+
+					rblob = rbody.to_s + rbufq.to_s
+					tries = 0
+					begin
+						while tries < 20 and resp.headers["Content-Type"]== "text/html" and rblob !~ /<\/html>/i
+							buff = conn.get_once(-1, 0.05)
+							break if not buff
+							rblob += buff
+						end
+					rescue ::Errno::EPIPE, ::EOFError, ::IOError
+					end
+
+					resp.bufq = ""
+					resp.body = rblob
+				end
 			end
 		end
 		resp

modules/auxiliary/scanner/http/http_version.rb

@@ -40,7 +40,7 @@ class Metasploit3 < Msf::Auxiliary
 			res = send_request_raw({
 				'uri'          => '/',
 				'method'       => 'GET'
-			}, 10)
+			}, 25)
 
 			if (res)
 				extra = http_fingerprint(res)
@@ -58,7 +58,7 @@ class Metasploit3 < Msf::Auxiliary
 	#
 	def http_fingerprint(res)
 		return if not res
-		return if not res.body
+
 		extras = []
 
 		case res.code
@@ -85,6 +85,10 @@ class Metasploit3 < Msf::Auxiliary
 		end
 
 		case res.body
+			when nil
+				# Nothing
+			when /openAboutWindow.*\>DD\-WRT ([^\<]+)\</
+				extras << "DD-WRT #{$1.strip}"
 
 			when /ID_ESX_Welcome/
 				extras << "VMware ESX Server"
@@ -106,8 +110,6 @@ class Metasploit3 < Msf::Auxiliary
 		end
 
 
-
-
 		if (extras.length == 0)
 			return ''
 		end