Add connection addr+port info to http response object.

Update owa_login to use this instead of doing lookups on its own.

Author: pbarry-r7

lib/rex/proto/http/client.rb

@@ -229,6 +229,7 @@ def _send_recv(req, t = -1, persist=false)
     send_request(req, t)
     res = read_response(t)
     res.request = req.to_s if res
+    res.peerinfo = peerinfo if res
     res
   end
 
@@ -628,6 +629,20 @@ def pipelining?
     pipeline
   end
 
+  #
+  # Target host addr and port for this connection
+  #
+  def peerinfo
+    if self.conn
+      pi = self.conn.peerinfo
+      return {
+        'addr' => pi.split(':')[0],
+        'port' => pi.split(':')[1].to_i
+      }
+    end
+    nil
+  end
+
   #
   # The client request configuration
   #

lib/rex/proto/http/response.rb

@@ -238,6 +238,10 @@ def cmd_string
   #
   attr_accessor :request
 
+  #
+  # Host address:port associated with this request/response
+  #
+  attr_accessor :peerinfo
 
   attr_accessor :code
   attr_accessor :message

modules/auxiliary/scanner/http/owa_login.rb

@@ -4,7 +4,6 @@
 ##
 
 require 'rex/proto/ntlm/message'
-require 'rex/socket'
 
 class MetasploitModule < Msf::Auxiliary
   include Msf::Auxiliary::Report
@@ -94,19 +93,6 @@ def initialize
     deregister_options('BLANK_PASSWORDS', 'RHOSTS')
   end
 
-  def lookup_addr(host)
-    return host if Rex::Socket.dotted_ip?(host)
-
-    begin
-      addr = Rex::Socket.resolv_to_dotted(host)
-      vprint_status("#{msg} Resolved hostname '#{host.to_s}' to address #{addr.to_s}")
-    rescue ResolverArgumentError, Errno::ETIMEDOUT, ::NoResponseError, ::Timeout::Error => e
-      print_error("#{msg} Failed to lookup address for #{host}, datastore persistence skipped")
-      addr = nil
-    end
-    addr
-  end
-
   def setup
     # Here's a weird hack to check if each_user_pass is empty or not
     # apparently you cannot do each_user_pass.empty? or even inspect() it
@@ -211,6 +197,10 @@ def try_user_pass(opts)
       return
     end
 
+    if res.peerinfo['addr'] != datastore['RHOST']
+      vprint_status("#{msg} Resolved hostname '#{datastore['RHOST']}' to address #{res.peerinfo['addr']}")
+    end
+
     if action.name != "OWA_2013" and res.get_cookies.empty?
         print_error("#{msg} Received invalid repsonse due to a missing cookie (possibly due to invalid version), aborting")
         return :abort
@@ -221,7 +211,7 @@ def try_user_pass(opts)
       if res.headers['location'] =~ /expiredpassword/
         print_good("#{msg} SUCCESSFUL LOGIN. #{elapsed_time} '#{user}' : '#{pass}': NOTE password change required")
         report_cred(
-          ip: lookup_addr(datastore['RHOST']),
+          ip: res.peerinfo['addr'],
           port: datastore['RPORT'],
           service_name: 'owa',
           user: user,
@@ -235,7 +225,7 @@ def try_user_pass(opts)
       if res.headers['location'] =~ /owa/ and res.headers['location'] !~ /reason/
         print_good("#{msg} SUCCESSFUL LOGIN. #{elapsed_time} '#{user}' : '#{pass}': NOTE a mailbox is not setup")
         report_cred(
-          ip: lookup_addr(datastore['RHOST']),
+          ip: res.peerinfo['addr'],
           port: datastore['RPORT'],
           service_name: 'owa',
           user: user,
@@ -255,7 +245,7 @@ def try_user_pass(opts)
         # Login didn't work. no point in going on, however, check if valid domain account by response time.
         if elapsed_time <= 1
           report_cred(
-            ip: lookup_addr(datastore['RHOST']),
+            ip: res.peerinfo['addr'],
             port: datastore['RPORT'],
             service_name: 'owa',
             user: user
@@ -301,7 +291,7 @@ def try_user_pass(opts)
     if res.redirect?
       if elapsed_time <= 1
         report_cred(
-          ip: lookup_addr(datastore['RHOST']),
+          ip: res.peerinfo['addr'],
           port: datastore['RPORT'],
           service_name: 'owa',
           user: user
@@ -317,7 +307,7 @@ def try_user_pass(opts)
     if res.body =~ login_check
       print_good("#{msg} SUCCESSFUL LOGIN. #{elapsed_time} '#{user}' : '#{pass}'")
       report_cred(
-        ip: lookup_addr(datastore['RHOST']),
+        ip: res.peerinfo['addr'],
         port: datastore['RPORT'],
         service_name: 'owa',
         user: user,
@@ -327,7 +317,7 @@ def try_user_pass(opts)
     else
       if elapsed_time <= 1
         report_cred(
-          ip: lookup_addr(datastore['RHOST']),
+          ip: res.peerinfo['addr'],
           port: datastore['RPORT'],
           service_name: 'owa',
           user: user