Merge pull request rapid7#6 from jvazquez-r7/dlink_dir_300_615_http_l…

…ogin_work tested and working. pcap follows
bturner-r7 · Apr 4, 2013 · 1344fa8 · 1344fa8
2 parents b6a50da + 89de9fd
commit 1344fa8
Showing 1 changed file with 24 additions and 5 deletions.
diff --git a/modules/auxiliary/scanner/http/dlink_dir_300_615_http_login.rb b/modules/auxiliary/scanner/http/dlink_dir_300_615_http_login.rb
@@ -53,11 +53,31 @@ def target_url
 		"#{proto}://#{rhost}:#{rport}#{@uri.to_s}"
 	end
 
+	def is_dlink?
+		response = send_request_cgi({
+			'uri' => @uri,
+			'method' => 'GET'
+		})
+
+		if response and response.headers['Server'] and response.headers['Server'] =~ /Mathopd\/1\.5p6/
+			return true
+		else
+			return false
+		end
+	end
+
 	def run_host(ip)
 
 		@uri = "/login.php"
 
-		print_status("Attempting to login to #{target_url}")
+		if is_dlink?
+			vprint_good("#{target_url} - DLink device detected")
+		else
+			vprint_error("#{target_url} - Dlink device doesn't detected")
+			return
+		end
+
+		print_status("#{target_url} - Attempting to login")
 
 		each_user_pass { |user, pass|
 			do_login(user, pass)
@@ -103,10 +123,8 @@ def do_http_login(user,pass)
 					"login" => "+Log+In+"
 				}
 			})
-			return if response.nil?
-			return if (response.headers['Server'].nil? or response.headers['Server'] !~ /Mathopd\/1\.5p6/)
-			return if (response.code == 404)
-
+			return nil if response.nil?
+			return nil if (response.code == 404)
 			return response
 		rescue ::Rex::ConnectionError
 			vprint_error("#{target_url} - Failed to connect to the web server")
@@ -115,6 +133,7 @@ def do_http_login(user,pass)
 	end
 
 	def determine_result(response)
+		return :abort if response.nil?
 		return :abort unless response.kind_of? Rex::Proto::Http::Response
 		return :abort unless response.code
 		if response.body =~ /\<META\ HTTP\-EQUIV\=Refresh\ CONTENT\=\'0\;\ url\=index.php\'\>/