Land rapid7#4056, @wchen-r7's fix for Loginscanner specs

Author: jvazquez-r7

lib/metasploit/framework/login_scanner/axis2.rb

@@ -17,7 +17,7 @@ class Axis2 < HTTP
         # (see Base#attempt_login)
         def attempt_login(credential)
           http_client = Rex::Proto::Http::Client.new(
-            host, port, {}, ssl, ssl_version
+            host, port, {}, ssl, ssl_version, proxies
           )
 
           http_client = config_client(http_client)
@@ -49,8 +49,8 @@ def attempt_login(credential)
             else
               result_opts.merge!(status: Metasploit::Model::Login::Status::INCORRECT, proof: response)
             end
-          rescue ::EOFError, Rex::ConnectionError, ::Timeout::Error
-            result_opts.merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT)
+          rescue ::EOFError, Rex::ConnectionError, ::Timeout::Error => e
+            result_opts.merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, proof: e)
           end
 
           Result.new(result_opts)

lib/metasploit/framework/login_scanner/db2.rb

@@ -39,10 +39,10 @@ def attempt_login(credential)
                 result_options[:status] = Metasploit::Model::Login::Status::INCORRECT
               end
             end
-          rescue ::Rex::ConnectionError, ::Rex::ConnectionTimeout, ::Rex::Proto::DRDA::RespError,::Timeout::Error  => e
+          rescue ::Rex::ConnectionError, ::Rex::Proto::DRDA::RespError, ::Timeout::Error => e
             result_options.merge!({
               status:  Metasploit::Model::Login::Status::UNABLE_TO_CONNECT,
-              proof: e.message
+              proof: e,
             })
           end
 

lib/metasploit/framework/login_scanner/glassfish.rb

@@ -61,7 +61,7 @@ def check_setup
         # @param (see Rex::Proto::Http::Resquest#request_raw)
         # @return [Rex::Proto::Http::Response] The HTTP response
         def send_request(opts)
-          cli = Rex::Proto::Http::Client.new(host, port, {}, ssl, ssl_version)
+          cli = Rex::Proto::Http::Client.new(host, port, {}, ssl, ssl_version, proxies)
           cli.connect
           req = cli.request_raw(opts)
           res = cli.send_recv(req)
@@ -182,8 +182,8 @@ def attempt_login(credential)
               status = try_glassfish_3(credential)
               result_opts.merge!(status)
             end
-          rescue ::EOFError, Rex::ConnectionError, ::Timeout::Error
-            result_opts.merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT)
+          rescue ::EOFError, Rex::ConnectionError, ::Timeout::Error => e
+            result_opts.merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, proof: e)
           end
 
           Result.new(result_opts)

lib/metasploit/framework/login_scanner/http.rb

@@ -47,7 +47,7 @@ class HTTP
         # (see Base#check_setup)
         def check_setup
           http_client = Rex::Proto::Http::Client.new(
-            host, port, {}, ssl, ssl_version
+            host, port, {}, ssl, ssl_version, proxies
           )
           request = http_client.request_cgi(
             'uri' => uri,
@@ -96,7 +96,7 @@ def attempt_login(credential)
 
           http_client = Rex::Proto::Http::Client.new(
             host, port, {}, ssl, ssl_version,
-            nil, credential.public, credential.private
+            proxies, credential.public, credential.private
           )
 
           http_client = config_client(http_client)
@@ -116,8 +116,8 @@ def attempt_login(credential)
             if response && response.code == 200
               result_opts.merge!(status: Metasploit::Model::Login::Status::SUCCESSFUL, proof: response.headers)
             end
-          rescue ::EOFError, Errno::ETIMEDOUT, Rex::ConnectionError, ::Timeout::Error
-            result_opts.merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT)
+          rescue ::EOFError, Errno::ETIMEDOUT, Rex::ConnectionError, ::Timeout::Error => e
+            result_opts.merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, proof: e)
           ensure
             http_client.close
           end

lib/metasploit/framework/login_scanner/ipboard.rb

@@ -10,7 +10,7 @@ class IPBoard < HTTP
         # (see Base#attempt_login)
         def attempt_login(credential)
           http_client = Rex::Proto::Http::Client.new(
-              host, port, {}, ssl, ssl_version
+              host, port, {}, ssl, ssl_version, proxies
           )
 
           http_client = config_client(http_client)
@@ -75,8 +75,8 @@ def attempt_login(credential)
             else
               result_opts.merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, proof: "Server nonce not present, potentially not an IP Board install or bad URI.")
             end
-          rescue ::EOFError, Rex::ConnectionError, ::Timeout::Error
-            result_opts.merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT)
+          rescue ::EOFError, Rex::ConnectionError, ::Timeout::Error => e
+            result_opts.merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, proof: e)
           end
 
           Result.new(result_opts)

lib/metasploit/framework/login_scanner/jenkins.rb

@@ -33,7 +33,7 @@ def attempt_login(credential)
             result_opts[:service_name] = 'http'
           end
           begin
-            cli = Rex::Proto::Http::Client.new(host, port, {}, ssl, ssl_version)
+            cli = Rex::Proto::Http::Client.new(host, port, {}, ssl, ssl_version, proxies)
             cli.connect
             req = cli.request_cgi({
               'method'=>'POST',
@@ -49,8 +49,8 @@ def attempt_login(credential)
             else
               result_opts.merge!(status: Metasploit::Model::Login::Status::INCORRECT, proof: res)
             end
-          rescue ::EOFError, Errno::ETIMEDOUT, Rex::ConnectionError, ::Timeout::Error
-            result_opts.merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT)
+          rescue ::EOFError, Errno::ETIMEDOUT, Rex::ConnectionError, ::Timeout::Error => e
+            result_opts.merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, proof: e)
           end
           Result.new(result_opts)
         end

lib/metasploit/framework/login_scanner/mysql.rb

@@ -46,40 +46,30 @@ def attempt_login(credential)
               :db            => ''
             })
 
-          rescue Rex::HostUnreachable
+          rescue ::SystemCallError, Rex::ConnectionError => e
             result_options.merge!({
               status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT,
-              proof:  "Host was unreachable"
+              proof: e
             })
-          rescue Errno::ECONNREFUSED, Rex::ConnectionRefused
+          rescue RbMysql::ClientError => e
             result_options.merge!({
               status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT,
-              proof:  "Connection refused"
+              proof: e
             })
-          rescue RbMysql::ClientError
+          rescue RbMysql::HostNotPrivileged => e
             result_options.merge!({
               status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT,
-              proof:  "Connection timeout"
+              proof: e
             })
-          rescue Errno::ETIMEDOUT, Rex::ConnectionTimeout
-            result_options.merge!({
-              status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT,
-              proof:  "Operation Timed out"
-            })
-          rescue RbMysql::HostNotPrivileged
-            result_options.merge!({
-              status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT,
-              proof:  "Unable to login from this host due to policy"
-            })
-          rescue RbMysql::AccessDeniedError
+          rescue RbMysql::AccessDeniedError => e
             result_options.merge!({
               status: Metasploit::Model::Login::Status::INCORRECT,
-              proof:  "Access Denied"
+              proof: e
             })
-          rescue RbMysql::HostIsBlocked
+          rescue RbMysql::HostIsBlocked => e
             result_options.merge!({
               status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT,
-              proof:  "Host blocked"
+              proof: e
             })
           end
 
@@ -103,4 +93,4 @@ def set_sane_defaults
 
     end
   end
-end
+end

lib/metasploit/framework/login_scanner/pop3.rb

@@ -63,7 +63,7 @@ def attempt_login(credential)
 
           rescue Rex::ConnectionError, EOFError, Timeout::Error, Errno::EPIPE => e
             result_options.merge!(
-              proof: e.message,
+              proof: e,
               status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
             )
           end

lib/metasploit/framework/login_scanner/postgres.rb

@@ -60,8 +60,8 @@ def attempt_login(credential)
                     proof: e.message
                 })
             end
-          rescue Rex::ConnectionError, EOFError, Timeout::Error
-            result_options.merge!({status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT })
+          rescue Rex::ConnectionError, EOFError, Timeout::Error => e
+            result_options.merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, proof: e)
           end
 
           if pg_conn

lib/metasploit/framework/login_scanner/result.rb

@@ -21,7 +21,7 @@ class Result
         #   @return [Fixnum] the port number of the service for this result
         attr_accessor :port
         # @!attribute proof
-        #   @return [String,nil] the proof that the login was successful
+        #   @return [#to_s] the proof of the login's success or failure
         attr_accessor :proof
         # @!attribute protocol
         #   @return [String] the transport protocol used for this result (tcp/udp)