Fix erroneous cred reporting in SonicWALL exploit

A session ID will be returned in the parsed JSON if the login succeeded.

Bad user:

{"noldapnouser"=>1, "loginfailed"=>1}

Bad password:

{"loginfailed"=>1}

Good user/password:

{"userid"=>"1", "sessionid"=>"4WJ9cNg1TkBrwjzX"}

Author: wvu

modules/exploits/multi/http/sonicwall_scrutinizer_methoddetail_sqli.rb

@@ -180,10 +180,10 @@ def do_login
       fail_with(Failure::NoAccess, "Username '#{datastore['USERNAME']}' is incorrect.")
     elsif res['loginfailed']
       fail_with(Failure::NoAccess, "Password '#{datastore['PASSWORD']}' is incorrect.")
+    elsif res['sessionid']
+      report_cred(datastore['USERNAME'], datastore['PASSWORD'])
     end
 
-    report_cred(datastore['USERNAME'], datastore['PASSWORD'])
-
     res
   end