The HttpClient mixin has a peer() method, therefore these modules
should not have to make their own. Also new module writers won't
repeat the same old code again.
The modified version of pull request #453. This addresses a couple
of things including:
* Change the description to better explain what the vulnerability is.
The advisory focuses the problem as an auth bypass, not DoS,
although it can end up dosing the server.
* The title and filename are changed as a result of matching that
advisory's description.
* Use 'TARGETURI' option instead of 'URI'.
* The reset attempt needs to check if the directory actually has
401 in place, otherwise this may result a false-positive.
* The last HTTP request needs to check a possible nil return value.
* More verbose outputs.
sinn3r
Tod Beardsley
Tab Assassin
David Maloney
Chris John Riley
Tod Beardsley
sinn3r