Code review comments

2020-08-14 12:28:38 +01:00 · 2020-08-14 12:28:38 +01:00 · a47e4d42b5
parent f761743f0f
commit a47e4d42b5
2 changed files with 6 additions and 4 deletions
--- a/lib/metasploit/framework/login_scanner/http.rb
+++ b/lib/metasploit/framework/login_scanner/http.rb
@ -247,7 +247,11 @@ module Metasploit
            cli.connect
            req = cli.request_cgi(opts)
            # Authenticate by default
-            res = opts['authenticate'].nil? || opts['authenticate'] ? cli.send_recv(req) : cli._send_recv(req)
+            res = if opts['authenticate'].nil? || opts['authenticate']
+                    cli.send_recv(req)
+                  else
+                    cli._send_recv(req)
+                  end
          rescue ::EOFError, Errno::ETIMEDOUT ,Errno::ECONNRESET, Rex::ConnectionError, OpenSSL::SSL::SSLError, ::Timeout::Error => e
            raise Rex::ConnectionError, e.message
          ensure
--- a/lib/metasploit/framework/login_scanner/winrm.rb
+++ b/lib/metasploit/framework/login_scanner/winrm.rb
@ -51,9 +51,7 @@ module Metasploit

        # send an HTTP request that WinRM would consider as valid  (SOAP XML in the message matching the XML schema definition)
        def send_request(opts)
-          opts['authenticate'] = false
-          allowed_auth_methods = parse_auth_methods(super(opts))
-          opts['authenticate'] = true
+          allowed_auth_methods = parse_auth_methods(super(opts.merge({ 'authenticate' => true })))

          if allowed_auth_methods.include? 'Negotiate'
            opts['preferred_auth'] = 'Negotiate'