From 0224e0515a31b38b5c4e6367092f2b61e79b503a Mon Sep 17 00:00:00 2001
From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Sat, 20 Sep 2014 05:40:47 +0000
Subject: [PATCH] Make http-vuln-wnr1000-creds actually return something

---
 scripts/http-vuln-wnr1000-creds.nse | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/scripts/http-vuln-wnr1000-creds.nse b/scripts/http-vuln-wnr1000-creds.nse
index ccc3ee883..6c752de5b 100644
--- a/scripts/http-vuln-wnr1000-creds.nse
+++ b/scripts/http-vuln-wnr1000-creds.nse
@@ -79,13 +79,15 @@ action = function(host, port)
             if payload_session then
                 local netgear_username = string.match(escape(payload_session.body), 'Router Admin Username</td>.+align="left">(.+)</td>.+Router Admin')
                 local netgear_password = string.match(escape(payload_session.body), 'Router Admin Password</td>.+align="left">(.+)</td>.+MNUText')
-                if (username ~= nil and password ~= nil) then
+                if (netgear_username ~= nil and netgear_password ~= nil) then
                     stdnse.debug1("username : %s", escape(netgear_username))
                     stdnse.debug1("password : %s", escape(netgear_password))
+                    vuln.state = vulns.STATE.VULN
                 else
                     stdnse.debug1("We haven't been able to get username/password")
                 end
             end
         end
     end
+    return vuln_report:make_output(vuln)
 end