implemented fixes requested by sinn3r

Implemented the fixes, and re-tested the modules
rapid7 · Jul 24, 2012 · dbc779e · dbc779e
1 parent 397d708
commit dbc779e
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 21 deletions.
diff --git a/modules/auxiliary/scanner/sap/sap_mgmt_con_getlogfiles.rb b/modules/auxiliary/scanner/sap/sap_mgmt_con_getlogfiles.rb
@@ -34,7 +34,7 @@ def initialize
 				],
 			'Author'       => 
 				[	'Chris John Riley', # original msf module
-					'Bruno Morisson <bm@integrity.pt>' # bulk file retrieval
+					'Bruno Morisson <bm[at]integrity.pt>' # bulk file retrieval
 				],
 			'License'      => MSF_LICENSE
 		)
@@ -59,11 +59,7 @@ def rport
 	def run_host(ip)
 		res = send_request_cgi({
 			'uri'      => "/#{datastore['URI']}",
-			'method'   => 'GET',
-			'headers'  =>
-				{
-					'User-Agent' => datastore['UserAgent']
-				}
+			'method'   => 'GET'
 		}, 25)
 
 		if not res
@@ -91,6 +87,9 @@ def listfiles(rhost)
 			ns1 = 'ns1:ListLogFiles'
 		when /^TRACE/i
 			ns1 = 'ns1:ListDeveloperTraces'
+		else
+			print_error("#{rhost}:#{rport} [SAP] unsupported filetype #{datastore['FILETYPE']}")
+			return
 		end
 
 		data = '<?xml version="1.0" encoding="utf-8"?>' + "\r\n"
@@ -121,8 +120,6 @@ def listfiles(rhost)
 			env = []
 			if res and res.code == 200
 				case res.body
-				when nil
-					# Nothing
 				when /<file>(.*)<\/file>/i
 					body = []
 					body = res.body
@@ -179,6 +176,9 @@ def gettfiles(rhost,logfile,filelen)
 			ns1 = 'ns1:ReadLogFile'
 		when /^TRACE/i
 			ns1 = 'ns1:ReadDeveloperTrace'
+		else
+			print_error("#{rhost}:#{rport} [SAP] unsupported filetype: #{datastore['FILETYPE']}")
+			return
 		end
 
 		data = '<?xml version="1.0" encoding="utf-8"?>' + "\r\n"
@@ -210,8 +210,6 @@ def gettfiles(rhost,logfile,filelen)
 
 			if res and res.code == 200
 				case res.body
-				when nil
-					# Nothing
 				when /<item>([^<]+)<\/item>/i
 					body = []
 					body = res.body
@@ -220,8 +218,6 @@ def gettfiles(rhost,logfile,filelen)
 				end
 
 				case res.body
-				when nil
-					# Nothing
 				when /<name>([^<]+)<\/name>/i
 					name = $1.strip
 					success = true

diff --git a/modules/auxiliary/scanner/sap/sap_mgmt_con_getprocesslist.rb b/modules/auxiliary/scanner/sap/sap_mgmt_con_getprocesslist.rb
@@ -9,7 +9,6 @@ class Metasploit4 < Msf::Auxiliary
 	def initialize
 		super(
 			'Name'         => 'SAP Management Console GetProcessList',
-			'Version'      => '$Revision 1$',
 			'Description'  => %q{
 				This module attempts to list SAP processes through the SAP Management Console SOAP Interface
 				},
@@ -21,7 +20,7 @@ def initialize
 			'Author'       => 
 				[ 
 					'Chris John Riley', # most of the code this module is based on
-					'Bruno Morisson <bm@integrity.pt>' # request ProcessList and parsing output
+					'Bruno Morisson <bm[at]integrity.pt>' # request ProcessList and parsing output
 
 				],
 			'License'      => MSF_LICENSE
@@ -43,11 +42,7 @@ def rport
 	def run_host(ip)
 		res = send_request_cgi({
 			'uri'      => "/#{datastore['URI']}",
-			'method'   => 'GET',
-			'headers'  =>
-				{
-					'User-Agent' => datastore['UserAgent']
-				}
+			'method'   => 'GET'
 		}, 25)
 
 		if not res
@@ -98,8 +93,6 @@ def getprocesslist(rhost)
 			if res and res.code == 200
 
 				case res.body
-				when nil
-					# Nothing
 				when /<process>(.*?)<\/process>/i
 					body = []
 					body = res.body