fix prometheus ppof check

h00die · h00die · commit 1e7c86c94721 · 2025-01-15T17:54:20.000-05:00
diff --git a/modules/auxiliary/gather/prometheus_api_gather.rb b/modules/auxiliary/gather/prometheus_api_gather.rb
@@ -153,9 +153,7 @@ def run
       'method' => 'GET'
     )
     fail_with(Failure::Unreachable, "#{peer} - Could not connect to web service - no response") if res.nil?
-    fail_with(Failure::UnexpectedReply, "#{peer} - Unexpected response from server (response code #{res.code})") unless res.code == 200
-
-    print_good("#{peer}#{target_uri.path}debug/pprof/ found, potential DoS and information disclosure. Should be manually reviewed.") if res.body.include?('Profile Descriptions')
+    print_good("#{peer}#{target_uri.path}debug/pprof/ found, potential DoS and information disclosure. Should be manually reviewed.") if res.code == 200 && res.body.include?('Profile Descriptions')
   rescue ::Rex::ConnectionError
     fail_with(Failure::Unreachable, "#{peer} - Could not connect to the web service")
   end
diff --git a/modules/auxiliary/gather/prometheus_node_exporter_gather.rb b/modules/auxiliary/gather/prometheus_node_exporter_gather.rb
@@ -316,9 +316,7 @@ def run
       'method' => 'GET'
     )
     fail_with(Failure::Unreachable, "#{peer} - Could not connect to web service - no response") if res.nil?
-    fail_with(Failure::UnexpectedReply, "#{peer} - Unexpected response from server (response code #{res.code})") unless res.code == 200
-
-    print_good("#{peer}#{target_uri.path}debug/pprof/ found, potential DoS and information disclosure. Should be manually reviewed.") if res.body.include?('Profile Descriptions')
+    print_good("#{peer}#{target_uri.path}debug/pprof/ found, potential DoS and information disclosure. Should be manually reviewed.") if res.code == 200 && res.body.include?('Profile Descriptions')
   rescue ::Rex::ConnectionError
     fail_with(Failure::Unreachable, "#{peer} - Could not connect to the web service")
   end
