Minor cleanup, msftidy check

juushya · juushya · commit 4133a6fa97e9 · 2017-01-07T03:57:46.000+05:30
diff --git a/modules/auxiliary/scanner/http/epmp1000_web_login.rb b/modules/auxiliary/scanner/http/epmp1000_web_login.rb
@@ -1,4 +1,3 @@
-## 
 ##
 # This module requires Metasploit: http://metasploit.com/download
 # Current source: https://github.com/rapid7/metasploit-framework
@@ -16,8 +15,7 @@ def initialize(info={})
     super(update_info(info,
       'Name'        => 'Cambium ePMP 1000 Login Scanner',
       'Description' => %{
-          This module scans for Cambium ePMP 1000 management login portal(s), and attempts to identify valid credentials.
-
+        This module scans for Cambium ePMP 1000 management login portal(s), and attempts to identify valid credentials. Default login credentials are - admin/admin, installer/installer, home/home and readonly/readonly.
       },
       'Author'         =>
         [
@@ -29,9 +27,9 @@ def initialize(info={})
 
     register_options(
     [
-        Opt::RPORT(80),	# Application may run on a different port too. Change port accordingly.
-        OptString.new('USERNAME', [false, "A specific username to authenticate as", "admin"]),
-        OptString.new('PASSWORD', [false, "A specific password to authenticate with", "admin"])
+      Opt::RPORT(80),	# Application may run on a different port too. Change port accordingly.
+      OptString.new('USERNAME', [false, "A specific username to authenticate as", "admin"]),
+      OptString.new('PASSWORD', [false, "A specific password to authenticate with", "admin"])
     ], self.class)
   end
 
@@ -95,11 +93,13 @@ def is_app_epmp1000?
       epmp_ver = get_epmp_ver[1]
 
       print_good("#{rhost}:#{rport} - Running Cambium ePMP 1000 version #{epmp_ver}...")
-
       return true
+
     else
+
       print_error("#{rhost}:#{rport} - Application does not appear to be Cambium ePMP 1000. Module will not continue.")
       return false
+
     end
   end
 
@@ -108,14 +108,16 @@ def is_app_epmp1000?
   #
 
   def do_login(user, pass)
+
     print_status("#{rhost}:#{rport} - Trying username:#{user.inspect} with password:#{pass.inspect}")
+
     begin
 
       res = send_request_cgi(
       {
         'uri'       => '/cgi-bin/luci',
         'method'    => 'POST',
-        'headers'   => {'X-Requested-With'	=> 'XMLHttpRequest','Accept'	=> 'application/json, text/javascript, */*; q=0.01'},
+        'headers'   => {'X-Requested-With' => 'XMLHttpRequest','Accept'	=> 'application/json, text/javascript, */*; q=0.01'},
         'vars_post' =>
           {
             'username' => 'dashboard',
@@ -124,20 +126,19 @@ def do_login(user, pass)
       })
 
 rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout, ::Rex::ConnectionError, ::Errno::EPIPE
+
       vprint_error("#{rhost}:#{rport} - HTTP Connection Failed...")
       return :abort
+
     end
 
     if (res and res.code == 200 and res.headers.include?("Set-Cookie") and res.headers['Set-Cookie'].include?("sysauth"))
 
-        get_cookie = res.headers['Set-Cookie']
-
-        get_stok = res.headers['Set-Cookie'].match(/stok=(.*)/)
-        stok_value = get_stok[1]
-
-        sysauth_value = res.headers['Set-Cookie'].match(/((.*)[$ ])/)
-
-        cookie1 = "#{sysauth_value}; "+"globalParams=%7B%22dashboard%22%3A%7B%22refresh_rate%22%3A%225%22%7D%2C%22#{user}%22%3A%7B%22refresh_rate%22%3A%225%22%7D%7D"
+      get_cookie = res.headers['Set-Cookie']
+      get_stok = res.headers['Set-Cookie'].match(/stok=(.*)/)
+      stok_value = get_stok[1]
+      sysauth_value = res.headers['Set-Cookie'].match(/((.*)[$ ])/)
+      cookie1 = "#{sysauth_value}; "+"globalParams=%7B%22dashboard%22%3A%7B%22refresh_rate%22%3A%225%22%7D%2C%22#{user}%22%3A%7B%22refresh_rate%22%3A%225%22%7D%7D"
 
       res = send_request_cgi(
       {
@@ -160,9 +161,11 @@ def do_login(user, pass)
 
     if (res and res.code == 200 and res.headers.include?("Set-Cookie") and res.headers['Set-Cookie'].include?("stok="))
 
-        print_good("SUCCESSFUL LOGIN - #{rhost}:#{rport} - #{user.inspect}:#{pass.inspect}")
+      print_good("SUCCESSFUL LOGIN - #{rhost}:#{rport} - #{user.inspect}:#{pass.inspect}")
 
+  #
   # Extract ePMP version
+  #
       res = send_request_cgi(
       {
         'uri'       => '/',
@@ -172,16 +175,18 @@ def do_login(user, pass)
       get_epmp_ver = res.body.match(/"sw_version">([^<]*)/)
       epmp_ver = get_epmp_ver[1]
 
-        report_cred(
-                ip: rhost,
-                port: rport,
-                service_name: "Cambium ePMP 1000 version #{epmp_ver}",
-                user: user,
-                password: pass
-        )
+      report_cred(
+              ip: rhost,
+              port: rport,
+              service_name: "Cambium ePMP 1000 version #{epmp_ver}",
+              user: user,
+              password: pass
+      )
 
     else
-        print_error("FAILED LOGIN - #{rhost}:#{rport} - #{user.inspect}:#{pass.inspect}")
+
+      print_error("FAILED LOGIN - #{rhost}:#{rport} - #{user.inspect}:#{pass.inspect}")
+
     end
   end
 end
