Merge remote-tracking branch 'tasos-r7/bug/web-vuln-logging' into rapid7

[Closes rapid7#1559]

Author: egypt

lib/msf/core/auxiliary/web.rb

@@ -161,7 +161,6 @@ def log_fingerprint( opts = {} )
 			map { |x| x.to_s }.join( '|' ).hash
 
 		return if parent.vulns.include?( vhash )
-		parent.vulns[vhash] = true
 
 		location = opts[:location] ?
 			page.url.merge( URI( opts[:location].to_s )) : page.url
@@ -183,6 +182,7 @@ def log_fingerprint( opts = {} )
 		}
 
 		info[:confidence]  = calculate_confidence( info )
+		parent.vulns[vhash] = info
 
 		report_web_vuln( info )
 
@@ -196,7 +196,6 @@ def log_resource( opts = {} )
 			map { |x| x.to_s }.join( '|' ).hash
 
 		return if parent.vulns.include?( vhash )
-		parent.vulns[vhash] = true
 
 		location = URI( opts[:location].to_s )
 		info = {
@@ -216,6 +215,7 @@ def log_resource( opts = {} )
 		}
 
 		info[:confidence]  = calculate_confidence( info )
+		parent.vulns[vhash] = info
 
 		report_web_vuln( info )
 

lib/msf/core/auxiliary/web/http.rb

@@ -67,6 +67,7 @@ def timed_out
 	attr_reader :opts
 	attr_reader :headers
 	attr_reader :framework
+	attr_reader :parent
 
 	attr_accessor :redirect_limit
 	attr_accessor :username , :password
@@ -75,6 +76,7 @@ def initialize( opts = {} )
 		@opts = opts.dup
 
 		@framework = opts[:framework]
+		@parent    = opts[:parent]
 
 		@headers = {
 			'Accept' => '*/*',
@@ -130,8 +132,8 @@ def run
 					begin
 						request.handle_response request( request.url, request.opts )
 					rescue => e
-						elog e.to_s
-						e.backtrace.each { |l| elog l }
+						print_error e.to_s
+						e.backtrace.each { |l| print_error l }
 					end
 				end
 			end
@@ -250,6 +252,11 @@ def custom_404?( path, body, &callback )
 
 	private
 
+	def print_error( message )
+		return if !@parent
+		@parent.print_error message
+	end
+
 	def call_after_run_blocks
 		while block = @after_run_blocks.pop
 			block.call