From 13ea8aaaad038f68d7d1b92f3c9d77595344a95d Mon Sep 17 00:00:00 2001
From: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Fri, 9 Aug 2013 12:26:12 -0500
Subject: [PATCH] VALIDATE_COOKIE better grammar on fail message

---
 modules/exploits/multi/http/rails_secret_deserialization.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/exploits/multi/http/rails_secret_deserialization.rb b/modules/exploits/multi/http/rails_secret_deserialization.rb
index 15b2a0810f..898df97493 100644
--- a/modules/exploits/multi/http/rails_secret_deserialization.rb
+++ b/modules/exploits/multi/http/rails_secret_deserialization.rb
@@ -259,7 +259,7 @@ class Metasploit3 < Msf::Exploit::Remote
 				fail_with(Exploit::Failure::BadConfig, "No cookie found and no name given")
 			end
 			if datastore['VALIDATE_COOKIE']
-				fail_with(Exploit::Failure::BadConfig, "COOKIE not validated, set VALIDATE_COOKIE to false send the payload without validation")
+				fail_with(Exploit::Failure::BadConfig, "COOKIE not validated, unset VALIDATE_COOKIE to send the payload anyway")
 			else
 				print_status("Trying to leverage default controller without cookie confirmation.")
 			end