pushing for help

h00die · h00die · commit 8369855e4f7c · 2016-11-30T20:47:47.000-05:00
diff --git a/lib/metasploit/framework/varnish/client.rb b/lib/metasploit/framework/varnish/client.rb
@@ -7,20 +7,20 @@ module Framework
     module Varnish
       module Client
 
-        auth_required_regex = /107 \d+\s\s\s\s\s\s\n(\w+)\n\nAuthentication required./ # 107 auth
-        auth_success_regex = /200 \d+/ # 200 ok
+        @AUTH_REQUIRED_REGEX = /107 \d+\s\s\s\s\s\s\n(\w+)\n\nAuthentication required\./ # 107 auth
+        @AUTH_SUCCESS_REGEX = /200 \d+/ # 200 ok
 
         def login(pass)
           # based on https://www.varnish-cache.org/trac/wiki/CLI
           begin
-            auth = require_auth?.to_s
-            if not auth == 'false'
+            auth = require_auth?
+            if not !!auth
               #raise RuntimeError, $1 + "\n" + pass.strip + "\n" + $1 + "\n" + "auth " + Digest::SHA256.hexdigest("#{$1}\n#{pass.strip}\n#{$1}\n")
               response = Digest::SHA256.hexdigest("#{$1}\n#{pass.strip}\n#{$1}\n")
               sock.put("auth #{response}\n")
               res = sock.get_once(-1,3)
               raise RuntimeError, res
-              if res && res =~ @auth_success_regex
+              if res && res =~ @AUTH_SUCCESS_REGEX
                 return true
               else
                 return false
@@ -41,11 +41,10 @@ def require_auth?
           # function returns false if no auth is required, else
           sock.put("auth #{Rex::Text.rand_text_alphanumeric(3)}\n") # Cause a login fail to get the challenge
           res = sock.get_once(-1,3) # grab challenge
-          if res && res =~ @auth_required_regex
+          if res && res =~ @AUTH_REQUIRED_REGEX
             return $1
-          else
-            return false
           end
+          return false
         end
 
       end
