Land rapid7#2259, @wchen-r7's patch for [SeeRM rapid7#8319]

Author: jvazquez-r7

modules/auxiliary/scanner/http/ektron_cms400net.rb

@@ -29,8 +29,6 @@ def initialize(info={})
 
 		register_options(
 			[
-				#Set to false to prevent account lockouts - it will!
-				OptBool.new('BLANK_PASSWORDS', [false, "Try blank passwords for all users", false]),
 				OptString.new('URI', [true, "Path to the CMS400.NET login page", '/WorkArea/login.aspx']),
 				OptPath.new(
 					'USERPASS_FILE',
@@ -40,7 +38,10 @@ def initialize(info={})
 						File.join(Msf::Config.install_root, "data", "wordlists", "cms400net_default_userpass.txt")
 					])
 			], self.class)
-		end
+
+		# "Set to false to prevent account lockouts - it will!"
+		deregister_options('BLANK_PASSWORDS')
+	end
 
 	def target_url
 		#Function to display correct protocol and host/vhost info
@@ -58,6 +59,10 @@ def target_url
 		end
 	end
 
+    def gen_blank_passwords(users, credentials)
+    	return credentials
+    end
+
 	def run_host(ip)
 		begin
 			res = send_request_cgi(
@@ -66,6 +71,11 @@ def run_host(ip)
 				'uri'     => normalize_uri(datastore['URI'])
 			}, 20)
 
+			if res.nil?
+				print_error("Connection timed out")
+				return
+			end
+
 			#Check for HTTP 200 response.
 			#Numerous versions and configs make if difficult to further fingerprint.
 			if (res and res.code == 200)