Move the options into the mixin

Author: zeroSteiner

lib/msf/core/exploit/remote/http_client.rb

@@ -16,6 +16,7 @@ module Exploit::Remote::HttpClient
   include Msf::Auxiliary::Report
   include Msf::Auxiliary::LoginScanner
   include Msf::Exploit::Remote::Kerberos::Ticket::Storage
+  include Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::Options
 
   #
   # Initializes an exploit module that exploits a vulnerability in an HTTP
@@ -36,6 +37,8 @@ def initialize(info = {})
 
     register_advanced_options(
       [
+        *kerberos_storage_options(protocol: 'HTTP'),
+        *kerberos_auth_options(protocol: 'HTTP', auth_methods: Msf::Exploit::Remote::AuthOption::HTTP_OPTIONS),
         OptString.new('UserAgent', [false, 'The User-Agent header to use for all requests',
           Rex::UserAgent.session_agent
           ]),
@@ -156,24 +159,22 @@ def connect(opts={})
 
     http_logger_subscriber = Rex::Proto::Http::HttpLoggerSubscriber.new(logger: self)
 
-    if datastore['HTTP::Auth'] == Msf::Exploit::Remote::AuthOption::KERBEROS
-      kerberos_authenticator = Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::HTTP.new(
-        host: datastore['DomainControllerRhost'],
-        hostname: datastore['HTTP::Rhostname'],
-        proxies: datastore['Proxies'],
-        realm: datastore['DOMAIN'],
-        username: datastore['HttpUsername'],
-        password: datastore['HttpPassword'],
-        timeout: 20, # datastore['timeout']
-        framework: framework,
-        framework_module: self,
-        cache_file: datastore['HTTP::Krb5Ccname'].blank? ? nil : datastore['HTTP::Krb5Ccname'],
-        mutual_auth: true,
-        use_gss_checksum: true,
-        ticket_storage: kerberos_ticket_storage,
-        offered_etypes: Msf::Exploit::Remote::AuthOption.as_default_offered_etypes(datastore['HTTP::KrbOfferedEncryptionTypes'])
-      )
-    end
+    kerberos_authenticator = Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::HTTP.new(
+      host: datastore['DomainControllerRhost'],
+      hostname: datastore['HTTP::Rhostname'],
+      proxies: datastore['Proxies'],
+      realm: datastore['DOMAIN'],
+      username: datastore['HttpUsername'],
+      password: datastore['HttpPassword'],
+      timeout: 20, # datastore['timeout']
+      framework: framework,
+      framework_module: self,
+      cache_file: datastore['HTTP::Krb5Ccname'].blank? ? nil : datastore['HTTP::Krb5Ccname'],
+      mutual_auth: true,
+      use_gss_checksum: true,
+      ticket_storage: kerberos_ticket_storage,
+      offered_etypes: Msf::Exploit::Remote::AuthOption.as_default_offered_etypes(datastore['HTTP::KrbOfferedEncryptionTypes'])
+    )
 
     nclient = Rex::Proto::Http::Client.new(
       opts['rhost'] || rhost,

modules/auxiliary/scanner/http/title.rb

@@ -8,8 +8,6 @@ class MetasploitModule < Msf::Auxiliary
   include Msf::Exploit::Remote::HttpClient
   # Scanner mixin should be near last
   include Msf::Auxiliary::Scanner
-  include Msf::Exploit::Remote::Kerberos::Ticket::Storage
-  include Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::Options
 
   def initialize
     super(
@@ -33,8 +31,6 @@ def initialize
 
     register_advanced_options(
       [
-        *kerberos_storage_options(protocol: 'HTTP'),
-        *kerberos_auth_options(protocol: 'HTTP', auth_methods: Msf::Exploit::Remote::AuthOption::HTTP_OPTIONS),
         OptString.new('HttpQueryString', [ false, 'The HTTP query string', nil ]),
         OptBool.new('FollowRedirect', [ false, 'Follow a HTTP redirect', false ]),
         OptInt.new('FollowRedirectDepth', [false, 'Follow HTTP redirect depth', 1]),