Remove line in description and output line in fail_with

espreto · espreto · commit c1a1143377e7 · 2015-04-18T15:38:42.000-03:00
diff --git a/modules/exploits/unix/webapp/wp_slideshowgallery_upload.rb b/modules/exploits/unix/webapp/wp_slideshowgallery_upload.rb
@@ -19,8 +19,7 @@ def initialize(info = {})
           The Wordpress SlideShow Gallery plugin contains an authenticated file upload
           vulnerability. We can upload arbitrary files to the upload folder, because
           the plugin also uses it's own file upload mechanism instead of the wordpress
-          api it's possible to upload any file type. The user provided does not need
-          special rights, and users with "Contributor" role can be abused.
+          api it's possible to upload any file type.
       },
       'Author'         =>
         [
@@ -103,7 +102,7 @@ def exploit
       if res.code == 200
         register_files_for_cleanup(filename)
       else
-        fail_with(Failure::Unknown, "#{peer} - Unable to deploy payload, server returned #{res.code}")
+        fail_with(Failure::Unknown, "#{peer} - You do not have sufficient permissions to access this page.")
       end
     else
       fail_with(Failure::Unknown, 'Server did not respond in an expected way')
