Update atutor_filemanager_traversal

Author: wchen-r7

modules/exploits/linux/http/atutor_filemanager_traversal.rb

@@ -23,13 +23,11 @@ def initialize(info={})
          You are required to login to the target to reach the vulnerability, however this can be
          done as a student account and remote registration is enabled by default.
 
-         Just incase remote registration isnt enabled, this module uses 2 vulnerabilities
-         in order to bypass the authenication:
+         Just in case remote registration isn't enabled, this module uses 2 vulnerabilities
+         in order to bypass the authentication:
 
          1. confirm.php Authentication Bypass Type Juggling vulnerability
          2. password_reminder.php Remote Password Reset TOCTOU vulnerability
-
-         ~ spirit of the hack
       },
       'License'        => MSF_LICENSE,
       'Author'         =>
@@ -284,7 +282,7 @@ def login(username, password, check=false)
       },
     })
     # poor php developer practices
-    cookie = "ATutorID=#{$4};" if res.get_cookies =~ /ATutorID=(.*); ATutorID=(.*); ATutorID=(.*); ATutorID=(.*);/
+    cookie = "ATutorID=#{$4};" if res && res.get_cookies =~ /ATutorID=(.*); ATutorID=(.*); ATutorID=(.*); ATutorID=(.*);/
     if res && res.code == 302
       if res.redirection.to_s.include?('bounce.php?course=0')
         return cookie