From cfd41c49ec14b7ca6b56c42e409edcbbd6cedf6a Mon Sep 17 00:00:00 2001
From: ticofoo <61046996+ticofoo@users.noreply.github.com>
Date: Mon, 17 Feb 2020 23:32:25 +0100
Subject: [PATCH] Fix bug in owa_login if AUTH_TIME is set to false
---
 modules/auxiliary/scanner/http/owa_login.rb | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/modules/auxiliary/scanner/http/owa_login.rb b/modules/auxiliary/scanner/http/owa_login.rb
index b77a71476a..303e161fe5 100644
--- a/modules/auxiliary/scanner/http/owa_login.rb
+++ b/modules/auxiliary/scanner/http/owa_login.rb
@@ -193,6 +193,8 @@ class MetasploitModule < Msf::Auxiliary
 'data' => data
 })
+ # define elapsed_time even if AUTH_TIME is set to "false", because it is used in all of the following print* messages
+ elapsed_time = 0
 if datastore['AUTH_TIME']
 elapsed_time = Time.now - start_time
 end
@@ -253,7 +255,8 @@ class MetasploitModule < Msf::Auxiliary
 headers['Cookie'] = 'PBack=0;' << res.get_cookies
 else
 # Login didn't work. no point in going on, however, check if valid domain account by response time.
- if elapsed_time <= 1
+ # Added check for default value (0), since elapsed_time is not measured if AUTH_TIME is set to "false"
+ if (elapsed_time > 0) && (elapsed_time <= 1)
 unless user =~ /@\w+\.\w+/
 report_cred(
 ip: res.peerinfo['addr'],
@@ -301,7 +304,8 @@ class MetasploitModule < Msf::Auxiliary
 end
 if res.redirect?
- if elapsed_time <= 1
+ # Added check for default value (0), since elapsed_time is not measured if AUTH_TIME is set to "false"
+ if (elapsed_time > 0) && (elapsed_time <= 1)
 unless user =~ /@\w+\.\w+/
 report_cred(
 ip: res.peerinfo['addr'],
@@ -329,7 +333,8 @@ class MetasploitModule < Msf::Auxiliary
 )
 return :next_user
 else
- if elapsed_time <= 1
+ # Added check for default value (0), since elapsed_time is not measured if AUTH_TIME is set to "false"
+ if (elapsed_time > 0) && (elapsed_time <= 1)
 unless user =~ /@\w+\.\w+/
 report_cred(
 ip: res.peerinfo['addr'],
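Review bot: The `elapsed_time = 0` placeholder added before `if datastore['AUTH_TIME']` is indistinguishable from a real reading, so with AUTH_TIME off the print* messages named in the new comment would presumably show a 0-second response that was never measured. A `nil` default makes "not measured" explicit: `elapsed_time = nil`, with the later checks written as `if elapsed_time && elapsed_time <= 1` and the timing left out of the output when it is nil. The print calls and the `start_time` assignment sit outside this hunk, so the exact message text cannot be confirmed from here.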
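Review bot: The guard `if (elapsed_time > 0) && (elapsed_time <= 1)` and its comment are pasted three times, in the hunk at new line 255 and again in the hunks at new lines 304 and 333, so the rule deciding when a timing-only result reaches `report_cred` has to be kept in sync by hand. A single private predicate would state it once, for example `def timing_hit?(elapsed); elapsed > 0 && elapsed <= 1; end`, with each call site reduced to `if timing_hit?(elapsed_time)`. Its comment should say that 0 means timing was disabled and that the 1-second cutoff is a heuristic, since the records it produces are inferred from latency rather than from a confirmed login. The enclosing method starts and ends outside all three hunks.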