Move redirect check before body check -- a redirect won't have a body

jhart-r7 · jhart-r7 · commit 2c028ca7a646 · 2014-11-04T14:19:21.000-08:00
diff --git a/modules/auxiliary/scanner/http/owa_login.rb b/modules/auxiliary/scanner/http/owa_login.rb
@@ -248,6 +248,11 @@ def try_user_pass(opts)
       return :abort
     end
 
+    if res.redirect?
+      vprint_error("#{msg} FAILED LOGIN. '#{user}' : '#{pass}' (response was a #{res.code} redirect)")
+      return :skip_pass
+    end
+
     if res.body =~ login_check
       print_good("#{msg} SUCCESSFUL LOGIN. '#{user}' : '#{pass}'")
 
@@ -262,12 +267,6 @@ def try_user_pass(opts)
 
       report_auth_info(report_hash)
       return :next_user
-
-    if res.redirect?
-      vprint_error("#{msg} FAILED LOGIN. '#{user}' : '#{pass}' (response was a #{res.code} redirect)")
-      return :skip_pass
-    end
-
     else
       vprint_error("#{msg} FAILED LOGIN. '#{user}' : '#{pass}' (response body did not match)")
       return :skip_pass
