Don't save creds of anyuser:anypass

If http accepts any user and any pass, it's not a real auth
there is no reason to create cred objects for this.
These creds have been confusing our users

Author: David Maloney

modules/auxiliary/scanner/http/http_login.rb

@@ -149,18 +149,20 @@ def do_login(user='admin', pass='admin')
 				print_status("#{target_url} - Random passwords are not allowed.")
 			end
 
-			report_auth_info(
-				:host   => rhost,
-				:port   => rport,
-				:sname => (ssl ? 'https' : 'http'),
-				:user   => user,
-				:pass   => pass,
-				:proof  => "WEBAPP=\"Generic\", PROOF=#{response.to_s}",
-				:source_type => "user_supplied",
-				:active => true
-			)
-
-			return :abort if ([any_user,any_pass].include? :success)
+      unless user == "anyuser" and pass == "anypass"
+        report_auth_info(
+          :host   => rhost,
+          :port   => rport,
+          :sname => (ssl ? 'https' : 'http'),
+          :user   => user,
+          :pass   => pass,
+          :proof  => "WEBAPP=\"Generic\", PROOF=#{response.to_s}",
+          :source_type => "user_supplied",
+          :active => true
+        )
+      end
+
+	  	return :abort if ([any_user,any_pass].include? :success)
 			return :next_user
 		else
 			vprint_error("#{target_url} - Failed to login as '#{user}'")