Correct error check logic

2014-02-07 21:58:33 +00:00 · 2014-02-07 21:58:33 +00:00 · a0f47f6b2b
parent 443a51bbf5
commit a0f47f6b2b
1 changed files with 3 additions and 3 deletions
--- a/modules/exploits/multi/http/mediawiki_thumb.rb
+++ b/modules/exploits/multi/http/mediawiki_thumb.rb
@ -206,7 +206,7 @@ class Metasploit3 < Msf::Exploit::Remote
    wp_login_token = get_html_value(response.body, 'input', 'wpLoginToken', 'value')
-    unless wp_login_token
+    if wp_login_token.blank?
      fail_with(Failure::UnexpectedReply, "Couldn't find login token. Is URI set correctly?")
    else
      print_good("Retrieved login CSRF token.")
@ -259,7 +259,7 @@ class Metasploit3 < Msf::Exploit::Remote
    wp_upload = get_html_value(upload_file.body, 'input', 'wpUpload', 'value')
    title = get_html_value(upload_file.body, 'input', 'title', 'value')
-    if upload_csrf && wp_edit_token
+    if upload_csrf && !wp_edit_token.blank?
      print_good("Retrieved upload CSRF token.")
    elsif upload_csrf
      fail_with(Failure::UnexpectedReply, "Couldn't find upload token. Is URI set correctly?")
@ -296,7 +296,7 @@ class Metasploit3 < Msf::Exploit::Remote
      print_good("File uploaded to #{location}")
    else
      if upload.body.include? 'not a permitted file type'
-        fail_with(Failure::NotVulnerable, "Wiki is not configured for DjVu files.")
+        fail_with(Failure::NotVulnerable, "Wiki is not configured for target files.")
      else
        fail_with(Failure::UnexpectedReply, "Failed to upload file.")
      end