Merge pull request rapid7#1567 from tasos-r7/bug/web-vuln-logging

Web vuln proof forced #to_s

Author: HD Moore

lib/msf/core/auxiliary/web.rb

@@ -160,7 +160,8 @@ def log_fingerprint( opts = {} )
 		vhash = [target.to_url, opts[:fingerprint], mode, opts[:location]].
 			map { |x| x.to_s }.join( '|' ).hash
 
-		return if parent.vulns.include?( vhash )
+		parent.vulns[mode] ||= {}
+		return if parent.vulns[mode].include?( vhash )
 
 		location = opts[:location] ?
 			page.url.merge( URI( opts[:location].to_s )) : page.url
@@ -182,7 +183,7 @@ def log_fingerprint( opts = {} )
 		}
 
 		info[:confidence]  = calculate_confidence( info )
-		parent.vulns[vhash] = info
+		parent.vulns[mode][vhash] = info
 
 		report_web_vuln( info )
 
@@ -195,7 +196,8 @@ def log_resource( opts = {} )
 		vhash = [target.to_url, mode, opts[:location]].
 			map { |x| x.to_s }.join( '|' ).hash
 
-		return if parent.vulns.include?( vhash )
+		parent.vulns[mode] ||= {}
+		return if parent.vulns[mode].include?( vhash )
 
 		location = URI( opts[:location].to_s )
 		info = {
@@ -215,7 +217,7 @@ def log_resource( opts = {} )
 		}
 
 		info[:confidence]  = calculate_confidence( info )
-		parent.vulns[vhash] = info
+		parent.vulns[mode][vhash] = info
 
 		report_web_vuln( info )
 
@@ -237,7 +239,7 @@ def process_vulnerability( element, proof, opts = {} )
 			:params		 => element.params.to_a,
 			:mode		 => mode,
 			:pname		 => element.altered,
-			:proof		 => proof,
+			:proof		 => proof.to_s,
 			:form		 => element.model,
 			:risk		 => details[:risk],
 			:name		 => details[:name],
@@ -266,7 +268,7 @@ def process_vulnerability( element, proof, opts = {} )
 			:method		 => element.method.to_s.upcase,
 			:params		 => element.params.to_a,
 			:pname		 => element.altered,
-			:proof		 => proof,
+			:proof		 => proof.to_s,
 			:risk		 => details[:risk],
 			:name		 => details[:name],
 			:blame		 => details[:blame],