Bug #537
Inconsistent database reporting in http scanners
| Status: | Closed | Start date: | 11/18/2009 | |
|---|---|---|---|---|
| Priority: | Low | Due date: | ||
| Assignee: | James Lee | % Done: | 0% |
|
| Category: | general | |||
| Target version: | Metasploit 3.3.2 | |||
| Resolution: | Release Note: |
Description
Used aux/scanner/http/version and options back to back, the options scanner uses the stock db report mechanism, the version scanner uses the wmap db reporting. If you don't have db_wmap loaded explicitly, this module does not log anything and you lose the results.
I would like to see either checking and loading of db_wmap in the module or wmap db reporting functions, a warning when you run the module with wmap reporting and don't have db_wmap loaded that none of the results will be saved since you don't have db_wmap, orrr drop back all logging to the stock db reporting mechanisms so you don't lose any of the returned data.
History
Updated by HD Moore about 2 years ago
- Target version set to Metasploit 3.4.0
Updated by James Lee about 2 years ago
- Status changed from New to Closed
- Target version changed from Metasploit 3.4.0 to Metasploit 3.3.2
Looks like Efrain fixed this in r7605 by replacing wmap_report() with report_note().