some fixes based on Christruncer's feedback

David Maloney · David Maloney · commit 2ac15f208817 · 2014-09-08T15:27:01.000-05:00
fixed some stuff i borked, back to you chris
diff --git a/lib/metasploit/framework/login_scanner/ipboard.rb b/lib/metasploit/framework/login_scanner/ipboard.rb
@@ -40,7 +40,13 @@ def attempt_login(credential)
             if nonce_response.body =~ /name='auth_key'\s+value='.*?((?:[a-z0-9]*))'/i
               server_nonce = $1
 
-              auth_uri = "#{uri}/index.php?app=core&module=global&section=login&do=process"
+              if uri.end_with? '/'
+                base_uri = uri.gsub(/\/$/, '')
+              else
+                base_uri = uri
+              end
+
+              auth_uri = "#{base_uri}/index.php?app=core&module=global&section=login&do=process"
 
               request = http_client.request_cgi(
                   'uri' => auth_uri,
@@ -54,7 +60,7 @@ def attempt_login(credential)
 
               response = http_client.send_recv(request)
 
-              if response && response.code == 200 && response.get_cookies.include?('ipsconnect') && response.get_cookies.include?('coppa')
+              if response && response.get_cookies.include?('ipsconnect') && response.get_cookies.include?('coppa')
                 result_opts.merge!(status: Metasploit::Model::Login::Status::SUCCESSFUL, proof: response)
               else
                 result_opts.merge!(status: Metasploit::Model::Login::Status::INCORRECT, proof: response)
diff --git a/modules/auxiliary/scanner/http/ipboard_login.rb b/modules/auxiliary/scanner/http/ipboard_login.rb
@@ -66,7 +66,7 @@ def run_host(ip)
           invalidate_login(credential_data)
           :abort
         when Metasploit::Model::Login::Status::INCORRECT
-          print_brute :level => :verror, :ip => ip, :msg => "Failed: '#{result.credential}' #{result.proof}"
+          print_brute :level => :verror, :ip => ip, :msg => "Failed: '#{result.credential}'"
           invalidate_login(credential_data)
       end
     end
