Update a few stragglers in Drupalgeddon 2

1. I added a missed header and YARD to the Drupal mixin.
2. I decided to match discovered versions more liberally.

lib/msf/core/exploit/http/drupal.rb

@@ -1,3 +1,5 @@
+# -*- coding: binary -*-
+
 module Msf
 module Exploit::Remote::HTTP::Drupal
 
@@ -19,6 +21,9 @@ module Exploit::Remote::HTTP::Drupal
     datastore['TARGETURI'] = normalize_uri(datastore['TARGETURI'], '/')
   end
 
+  # Determine Drupal version
+  #
+  # @return [Gem::Version] Version as Gem::Version
   def drupal_version
     res = send_request_cgi(
       'method' => 'GET',
@@ -42,6 +47,10 @@ module Exploit::Remote::HTTP::Drupal
     version_match(generator.value)
   end
 
+  # Return CHANGELOG.txt
+  #
+  # @param version [Gem::Version] Gem::Version or version string
+  # @return [String] CHANGELOG.txt as a string
   def drupal_changelog(version)
     return unless version && Gem::Version.correct?(version)
 
@@ -59,6 +68,10 @@ module Exploit::Remote::HTTP::Drupal
     res.body
   end
 
+  # Match a Drupal version
+  #
+  # @param string [String] String to match against
+  # @return [Gem::Version] Version as Gem::Version
   def version_match(string)
     return unless string
 

modules/exploits/unix/webapp/drupal_drupalgeddon2.rb

@@ -293,9 +293,9 @@ class MetasploitModule < Msf::Exploit::Remote
 
     res =
       case @version.to_s
-      when '7'
+      when /^7\b/
         exploit_drupal7(func, cmd)
-      when '8'
+      when /^8\b/
         exploit_drupal8(func, cmd)
       end