Update the MS17-010 scanner to use dcerpc_getarch

Author: wvu

modules/auxiliary/scanner/smb/smb_ms17_010.rb

@@ -4,6 +4,7 @@
 ##
 
 class MetasploitModule < Msf::Auxiliary
+  include Msf::Exploit::Remote::DCERPC
   include Msf::Exploit::Remote::SMB::Client
   include Msf::Exploit::Remote::SMB::Client::Authenticated
 
@@ -50,7 +51,8 @@ def initialize(info = {})
 
     register_options(
       [
-        OptBool.new('CHECK_DOPU', [true, 'Check for DOUBLEPULSAR on vulnerable hosts', true])
+        OptBool.new('CHECK_DOPU', [true, 'Check for DOUBLEPULSAR on vulnerable hosts', true]),
+        OptBool.new('CHECK_ARCH', [true, 'Check for architecture on vulnerable hosts', true])
       ])
   end
 
@@ -76,12 +78,23 @@ def run_host(ip)
       vprint_status("Received #{status} with FID = 0")
 
       if status == "STATUS_INSUFF_SERVER_RESOURCES"
-        print_good("Host is likely VULNERABLE to MS17-010!  (#{simple.client.peer_native_os})")
+        os = simple.client.peer_native_os
+
+        if datastore['CHECK_ARCH']
+          case dcerpc_getarch
+          when ARCH_X86
+            os << ' x86 (32-bit)'
+          when ARCH_X64
+            os << ' x64 (64-bit)'
+          end
+        end
+
+        print_good("Host is likely VULNERABLE to MS17-010! - #{os}")
         report_vuln(
           host: ip,
           name: self.name,
           refs: self.references,
-          info: 'STATUS_INSUFF_SERVER_RESOURCES for FID 0 against IPC$ -- (#{simple.client.peer_native_os})'
+          info: "STATUS_INSUFF_SERVER_RESOURCES for FID 0 against IPC$ - #{os}"
         )
 
         # vulnerable to MS17-010, check for DoublePulsar infection