[See RM 8114] - Reduce false positive if traffic is redirected

wchen-r7 · wchen-r7 · commit cd734acf3ef4 · 2013-08-15T16:33:10.000-05:00
Fix complaint for hitting this false positive when the user has
all the traffic redirected.
diff --git a/modules/exploits/unix/webapp/basilic_diff_exec.rb b/modules/exploits/unix/webapp/basilic_diff_exec.rb
@@ -74,7 +74,13 @@ def check
 		})
 
 		if res and res.body =~ /#{sig}/
-			return Exploit::CheckCode::Vulnerable
+			if res.code == 302
+				# Some undesirable network setup not very friendly for vuln checks.
+				# See RM8114.
+				return Exploit::CheckCode::Unknown
+			else
+				return Exploit::CheckCode::Vulnerable
+			end
 		else
 			return Exploit::CheckCode::Safe
 		end
