From 7b781d53c9c33dfa2dc59c3067a3664f4aad0ccc Mon Sep 17 00:00:00 2001
From: Mzack9999 <marco.rivoli.nvh@gmail.com>
Date: Mon, 22 May 2017 13:53:32 +0200
Subject: [PATCH] Small code refactoring, added verbose output

---
 .../auxiliary/admin/http/typo3_news_module_sqli.rb   | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/modules/auxiliary/admin/http/typo3_news_module_sqli.rb b/modules/auxiliary/admin/http/typo3_news_module_sqli.rb
index d2af618b88..93ee1333ff 100644
--- a/modules/auxiliary/admin/http/typo3_news_module_sqli.rb
+++ b/modules/auxiliary/admin/http/typo3_news_module_sqli.rb
@@ -127,6 +127,7 @@ class MetasploitModule < Msf::Auxiliary
   end
 
   def blind_size(field, table, condition, size, charset,  patterns = {})
+    vprint_status("Retrieving field '#{field}' string (#{size} bytes) ...")
     str = ""
     for position in 0..size
       for char in charset.split('')
@@ -178,16 +179,13 @@ class MetasploitModule < Msf::Auxiliary
     end
     pattern1 = defined?(news[0]) ? news[0].search('span[@itemprop="headline"]').text : ''
     pattern2 = defined?(news[1]) ? news[1].search('span[@itemprop="headline"]').text : ''
-    if pattern1 != '' and pattern2 != ''
-      print_status("Pattern1: #{pattern1}")
-      print_status("Pattern2: #{pattern2}")
-    else
-      print_status("Couldn't determine Pattern1 and Pattern2 automatically, switching to user speficied values...")
+    if pattern1.to_s.eql?('') || pattern2.to_s.eql?('')
+      print_status("Couldn't determine Pattern1 and Pattern2 automatically, switching to user specified values...")
       pattern1 = datastore['PATTERN1']
       pattern2 = datastore['PATTERN2']
-      print_status("Pattern1: #{pattern1}")
-      print_status("Pattern2: #{pattern2}")
     end
+    print_status("Pattern #1: #{pattern1}")
+    print_status("Pattern #2: #{pattern2}")
     return pattern1, pattern2
   end