Merge rapid7#3713, @hmoore-r7's SIP cleanup of my SIP cleanup

Author: jhart-r7

lib/msf/core/exploit/sip.rb

@@ -16,38 +16,58 @@ def report_response(response, rhost, proto, desired_headers = %w(User-Agent Serv
         return false
       end
 
-      # We know it is SIP, so report
-      report_service(
-        host: rhost,
-        port: rport,
-        proto: proto.downcase,
-        name: 'sip'
-      )
-
-      # Do header extraction as necessary
+      # Extracted headers, stored as a hash where the key is the header name
+      # and the value is a list of all values seen for the header, covering the
+      # case where the same header value is seen multiple times
       extracted_headers = {}
       unless desired_headers.nil? || desired_headers.empty?
         desired_headers.each do |desired_header|
           next unless (found_header = options_response.header(desired_header))
           extracted_headers[desired_header] ||= []
-          extracted_headers[desired_header] |= found_header
+          extracted_headers[desired_header]  |= found_header
         end
+      end
 
-        # report on any extracted headers
-        extracted_headers.each do |k, v|
-          report_note(
-            host: rhost,
-            port: rport,
-            proto: proto.downcase,
-            type: "sip_header.#{k.gsub(/-/, '_').downcase}",
-            data: v.join(',')
-          )
-        end
+      # Create a SIP OPTIONS fingerprint hash
+      fprint = {
+        'code'    => options_response.code,
+        'message' => options_response.message
+      }
+
+      # compact the header values, append the header information to the
+      # fingerprint hash
+      extracted_headers.each_pair do |k,v|
+        value = v.join(',')
+        extracted_headers[k] = value
+        fprint['header_' + k.gsub('-', '_').downcase] = value
+      end
+
+      # Create a summary of the response
+      status = options_response.status_line.dup
+      unless extracted_headers.keys.empty?
+        status << ": #{extracted_headers}"
       end
 
-      status = "#{endpoint} #{options_response.status_line}"
-      status += ": #{extracted_headers}" unless extracted_headers.empty?
-      print_status(status)
+      # Report the service with the status information
+      report_service(
+        host: rhost,
+        port: rport,
+        proto: proto.downcase,
+        name: 'sip',
+        info: status
+      )
+
+      # Report the fingerprint information
+      report_note(
+        host: rhost,
+        port: rport,
+        proto: proto.downcase,
+        type: "sip.options.fingerprint",
+        data: fprint
+      )
+
+      # Display the actual result to the user
+      print_status(endpoint + " " + status)
       true
     end