Add more improvements

Author: sinn3r

modules/auxiliary/scanner/http/drupal_views_user_enum.rb

@@ -25,7 +25,7 @@ module of Drupal, brute-forcing the first 10 usernames from 'a' to 'z'
 				[
 					'Justin Klein Keane', #Original Discovery
 					'Robin Francois <rof[at]navixia.com>',
-					'Brandon McCann "zeknox" <bmccann [at] accuvant.com>'
+					'Brandon McCann "zeknox" <bmccann[at]accuvant.com>'
 				],
 			'License'        => MSF_LICENSE,
 			'References'     =>
@@ -50,7 +50,11 @@ def check(base_uri)
 
 		if not res
 			return false
-		elsif res.message != 'OK' or res.body != '[  ]'
+		elsif res and res.body =~ /\<title\>Access denied/
+			# This probably means the Views Module actually isn't installed
+			print_error("#{rhost} - Access denied")
+			return false
+		elsif res and res.message != 'OK' or res.body != '[  ]'
 			return false
 		else
 			return true
@@ -72,7 +76,7 @@ def run_host(ip)
 
 		# Check if remote host is available or appears vulnerable
 		if not check(enum_uri)
-			print_status("#{ip} does not appear to be vulnerable, will not continue")
+			print_error("#{ip} does not appear to be vulnerable, will not continue")
 			return
 		end
 
@@ -109,14 +113,26 @@ def run_host(ip)
 		final_results.each do |user|
 			print_good("Found User: #{user}")
 
-			store_loot(
-				type,
-				'text/plain',
-				Rex::Socket.getaddress(datastore['RHOST']),
-				user,
-				'drupal_user.txt',
-				user
+			report_auth_info(
+				:host => Rex::Socket.getaddress(datastore['RHOST']),
+				:port => datastore['RPORT'],
+				:user => user,
+				:type => "drupal_user"
 			)
 		end
+
+		# One username per line
+		final_results = final_results * "\n"
+
+		p = store_loot(
+			'drupal_user',
+			'text/plain',
+			Rex::Socket.getaddress(datastore['RHOST']),
+			final_results.to_s,
+			'drupal_user.txt'
+		)
+
+		print_status("Usernames stored in: #{p}")
 	end
+
 end