Track and vprint canary value and code

jhart-r7 · jhart-r7 · commit 2dca18265ee4 · 2015-01-15T12:34:53.000-08:00
diff --git a/modules/auxiliary/scanner/http/allegro_rompager_misfortune_cookie.rb b/modules/auxiliary/scanner/http/allegro_rompager_misfortune_cookie.rb
@@ -98,7 +98,7 @@ def find_canary
       # in most cases, the canary URI will not exist and will return a 404, but
       # if everything under TARGETURI is protected by auth, a 401 may be OK too.
       # but, regardless, respect the configuration set for this module
-      return canary if res && res.code.to_s =~ @status_codes_regex
+      return [canary, res.code] if res && res.code.to_s =~ @status_codes_regex
     end
     nil
   end
@@ -118,7 +118,10 @@ def headers
   # vulnerable.
   def test_misfortune
     # find a usable canary URI (one that returns an acceptable status code already)
-    unless (canary_value = find_canary)
+    if canary = find_canary
+      canary_value, canary_code = canary
+      vprint_status("#{peer} canary URI #{canary_value} with code #{canary_code}")
+    else
       vprint_error("#{peer} Unable to find a suitable canary URI")
       return Exploit::CheckCode::Unknown
     end
