Merge branch 'bug/basic_auth' of https://github.com/dmaloney-r7/metasploit-framework into dmaloney-r7-bug/basic_auth

bug/bundler_fix
jvazquez-r7 2013-02-11 21:16:35 +01:00
commit d4d41f36d4
2 changed files with 12 additions and 9 deletions

View File

@ -209,7 +209,9 @@ class Client
req << set_agent_header(c_ag)
if (c_auth.length > 0)
req << set_basic_auth_header(c_auth)
unless c_head['Authorization'] and c_head['Authorization'].include? "Basic"
req << set_basic_auth_header(c_auth)
end
end
req << set_cookie_header(c_cook)
@ -239,6 +241,7 @@ class Client
# @return [Request]
def request_cgi(opts={})
c_ag = opts['agent'] || config['agent']
c_auth = opts['basic_auth'] || config['basic_auth'] || ''
c_body = opts['data'] || ''
c_cgi = opts['uri'] || '/'
c_conn = opts['connection']
@ -313,6 +316,12 @@ class Client
req << set_host_header(c_host)
req << set_agent_header(c_ag)
if (c_auth.length > 0)
unless c_head['Authorization'] and c_head['Authorization'].include? "Basic"
req << set_basic_auth_header(c_auth)
end
end
req << set_cookie_header(c_cook)
req << set_connection_header(c_conn)
req << set_extra_headers(c_head)

View File

@ -87,10 +87,6 @@ class Metasploit3 < Msf::Auxiliary
vprint_error("http://#{rhost}:#{rport}#{uri} - No response")
return
end
if res.code != 401
vprint_error("http://#{rhost}:#{rport} - Authorization not requested")
return
end
each_user_pass { |user, pass|
do_login(user, pass)
@ -107,10 +103,8 @@ class Metasploit3 < Msf::Auxiliary
res = send_request_cgi({
'uri' => uri,
'method' => 'GET',
'headers' =>
{
'Authorization' => "Basic #{user_pass}",
}
'username' => user,
'password' => pass
}, 25)
unless (res.kind_of? Rex::Proto::Http::Response)
vprint_error("http://#{rhost}:#{rport}#{uri} not responding")