Merge branch 'tasos-r7-web-modules'

Author: sinn3r

lib/msf/core/auxiliary/web.rb

@@ -133,7 +133,7 @@ def match_and_log_fingerprint( fingerprint )
 	# Override it if you need more complex processing, but remember to return
 	# the proof as a String.
 	#
-	# response - Net::HTTPResponse
+	# response - Auxiliary::Web::HTTP::Response
 	# element - the submitted element
 	#
 	def find_proof( response, element )

lib/msf/core/auxiliary/web/analysis/taint.rb

@@ -20,10 +20,14 @@ module Analysis::Taint
 	# opts - Options Hash (default: {})
 	#
 	def taint_analysis( opts = {} )
-	return if fuzzed? :type => :taint
-	fuzzed :type => :taint
+		return if fuzzed? :type => :taint
+		fuzzed :type => :taint
 
-	fuzz_async do |response, permutation|
+		# if we get a result without injecting anything then bail out to avoid
+		# an FP
+		return if fuzzer.find_proof( submit, self )
+
+		fuzz_async do |response, permutation|
 			next if !response || !(proof = fuzzer.find_proof( response, permutation ))
 			fuzzer.process_vulnerability( permutation, proof )
 		end

lib/msf/core/auxiliary/web/fuzzable.rb

@@ -43,18 +43,15 @@ def fuzz_async( cfuzzer = nil, &callback )
 	end
 
 	def submit( opts = {} )
-		fuzzer.increment_request_counter
+		fuzzer.increment_request_counter if fuzzer
 
-		resp = http.request_async( *request( opts ) )
-		handle_response( resp )
-		resp
+		http.request( *request( opts ) )
 	end
 
 	def submit_async( opts = {}, &callback )
 		fuzzer.increment_request_counter
 
 		http.request_async( *request( opts ) ) do |resp|
-			handle_response( resp )
 			callback.call resp if callback
 		end
 
@@ -89,20 +86,6 @@ def fuzz_wrapper( cfuzzer = nil, &block )
 		end
 	end
 
-	def handle_response( resp )
-		str = "    #{fuzzer.shortname}: #{resp.code} - #{method.to_s.upcase}" +
-			" #{action} #{params}"
-
-		case resp.code.to_i
-			when 200,404,301,302,303
-				#fuzzer.print_status str
-			when 500,503,401,403
-				fuzzer.print_good str
-			else
-				fuzzer.print_error str
-		end
-	end
-
 end
 
 end